Report - www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

Report Overview

Submitted URL
www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP
172.67.129.207
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-27 03:35:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
tr.outbrain.com	2017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	491 B	70.42.32.255
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	501 B	694 B	142.250.74.3
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	746 B	157.240.200.35
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	1.7 kB	142.250.74.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	99 kB	142.250.74.163
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	20 kB	142.250.74.174
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
www.eauxcook.ru.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	2.4 MB	172.67.129.207
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	502 B	87 kB	142.250.74.164
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.76.226
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	43 kB	142.250.74.72
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.215.56.181
amplify.outbrain.com	2255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	276 B	3.7 kB	23.38.201.81
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	28 kB	157.240.200.14
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	64.233.162.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed
2022-09-27	medium	eauxcook.ru.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-22484186-3	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-22484186-3 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:12:11 Last Seen2023-03-08 02:12:11 Times Seen1 Hash 5ad004f0d8d8485caa9ac702e3348c48 81d1725bc637438abe1a429a2cf1bf92396dcb3c 8ff148df7d460052319c79efbb348ad6b833f89547dc15ec5dc562631f0f7aa2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K7KV9MG	139 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K7KV9MG IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:12:11 Last Seen2023-03-08 02:12:11 Times Seen1 Hash f06b562cd6f14e4183af8b8e0e174e5a e53488bc31305e0e4baf64e0a3a39f23c94a9e41 7c16d2a1b628c424145ad86d8875cb582792be965cdc941d1dc050782806c864 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/fbevents.js.download	129 kB	2023-03-07	2024-04-04
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/fbevents.js.download IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-04 05:53:28 Times Seen63 Hash 9d939cad64375505e4dce7469a82e4ee c0d0919210cb8dc763acb3de97a6218020caaa8d 5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685 Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/gtm.js.download	84 kB	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/gtm.js.download IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-03-17 11:37:30 Times Seen1 Hash 7eb0a1bda269d3087b8bc748e696f147 3ba33c1c1c3374837f373637041bdb33e7b41d3e f28faa623ecd340179ec27e8a8288a7f75be69f9335c15e0d28055e372009bba Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p	824 B	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-03-17 11:37:30 Times Seen1 Hash e608f58172a868d1340e8a73be305ca4 5c7568e5df4d0198097ba377d171a382f25b2848 cd562bac98703123532bb45ad0fc8cd668c7f2b2ab586a7db322839a1720dbb0 Loading...

	amplify.outbrain.com/cp/obtp.js	8.1 kB	2023-03-07	2023-03-17
Pretty URL amplify.outbrain.com/cp/obtp.js IP 23.38.201.81 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2023-03-17 12:54:28 Times Seen1 Hash 51de2e10510f823326f9b30ea6068a2a d59ac8a4371d74ec69945686b04453246130d846 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0 Loading...

	tr.outbrain.com/cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a IP 70.42.32.255 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	www.eauxcook.ru.com/jquery-1.11.0.min.js	96 kB	2023-03-07	2024-04-23
Pretty URL www.eauxcook.ru.com/jquery-1.11.0.min.js IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-23 07:40:09 Times Seen18481 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p	154 B	2023-03-07	2024-03-13
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-03-13 17:48:30 Times Seen54 Hash ea6fb5829b8b3345ad595b21c0eaedb0 2c6c4609804f99e09ad777a308eaf4f26ec04474 5be5ed06f4b849d7af02562365acb798fac639c00cf9e2e2dd1fbb0df5068cad Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p	428 B	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-03-17 11:37:30 Times Seen1 Hash 8070aec9e7c9c7b823dfd3d522913d4e f6acbbc8bbf96e37a297dfe1277fa2df71040c48 e06ff49562eb8977c881fd6bed39aac1ccaee047348327fcae339f77b44cbfaa Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.js.download	346 kB	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.js.download IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-03-17 11:37:30 Times Seen1 Hash 132bab8897a9ced6fba8df024ff44c61 5389aebace491d696e63b2747da38441e992de44 ddb165eba6b445a6c460fc57ea5f15de11383b6b75bf9259eb35ad34d442b124 Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download	699 B	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-03-17 11:37:30 Times Seen1 Hash 0997f48838ce432db6b37f72c8fdf1f2 c9b2dc8a68ab46b5b36c96d52ef6c6de1084c6e6 646f01731972adb62a05fbadddee4f1760499bd01e6c2162d889ba47d160b6c5 Loading...

	connect.facebook.net/signals/config/2517737108351885?v=2.9.84&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/2517737108351885?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:12:11 Last Seen2023-03-08 07:31:41 Times Seen1 Hash 84ad4faebdcebe1d0385bf176c8c7e61 e43e1cce0e8d333b340e5de5d4221f7686ef7483 c41a21e847f640cc89634288322e6c7a0b5a8c8f44fd3a4a3eae1cb6703045f6 Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p	495 B	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-03-17 11:37:30 Times Seen1 Hash 446a8a57f2549211a41c8bd246a403f4 470424ab769b1325e2587bee7a515b9811a39435 6ea2fbe05d8fcd0bf6c8b499309fa8bf600db1e3f36cb4cf4d79640792634c2d Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

	www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p	360 B	2023-03-08	2023-03-08
Pretty URL www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:12:11 Last Seen2023-03-08 02:12:11 Times Seen1 Hash 5ef1e753e5321658d5d4c1b1b62284a9 14928d4b96841fefc7bb56503cc3f647ed40b343 4ccac56c127d77c7c8f560a70827fdc5e8f5d0aa9701f9aadc0b204fcb5eb16d Loading...

	www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/obtp.js.download	6.2 kB	2023-03-07	2023-03-17
Pretty URL www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/obtp.js.download IP 172.67.129.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-03-17 11:37:30 Times Seen1 Hash 522e4451790939ca385c10f4b474de63 23027181eea39e5fc338694c98602baaae0944a4 8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 08:50:24 Times Seen37018115 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (78)

URL IP Response Size

www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

172.67.129.207

200 OK

557 B

URL HTTP/1.1
www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (338)
Size
557 B (557 bytes)
Hash
27be9d6cb71a8a63b4d70ffe02befd85
dda76024674843e2d572204cef3aa89ac1e463d1
ee3a5efb60977f9aa76975b2a57446fa33951af50e6bc4bde2be503d9a154bc4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vfptGQn7GqU6oUHXlbqvQ7t%2BkLCRo9OCCD%2BpePkv47BBIZLYyGaaeIGzqThJgYZlG02lKUagYHyQgZSNyFIh4aXRCyws%2FEG419ydShqQBvHKCWRCTnytgkQVyv20XLTizm%2FRL0a"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b29b7c1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 03:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rZGotNrTd7PjD_Vtfp53aFUp1wsRuwrb24c4YCifXaJPPw9RJRw9aw==
Age: 1206

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Tue, 27 Sep 2022 05:39:36 GMT
Date: Tue, 27 Sep 2022 03:35:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _QGByo-9VdvgW-wvasLIB7OHXDspgZ-LaeQ5E7zHq3JpSUMiebUDyQ==
age: 82821
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:35:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-22484186-3

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42261 bytes)
Hash
701ed3a577f19b862103bb8ccc6651d1
c4fd1efaa8172619aa10992d476234a08509fac8
693719de1bcc012d999d14fe991e5aa33cb1a26c03adbbfc5d11ab4d250eab57

HTTP Headers

GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 03:35:36 GMT
expires: Tue, 27 Sep 2022 03:35:36 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.eauxcook.ru.com/jquery-1.11.0.min.js

172.67.129.207

200 OK

33 kB

URL HTTP/1.1
www.eauxcook.ru.com/jquery-1.11.0.min.js
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32341)
Size
33 kB (33436 bytes)
Hash
95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:39 GMT
ETag: W/"62e8238b-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0tKkSF9uJN07HFm024J%2FnI%2FhJKH2n2ngtCrCzw3tFXQiCG%2FQ26VPHARp0T2rgNLX%2FLmZHqTJ9w7U6DzyNfX99tAXgvWoB%2FX7HTEq0oVWXVDlZRqWo5zsjKbLFaCYN%2F1t0GH64TF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130b47c231bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/offer.php?id=213&sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

172.67.129.207

200 OK

364 B

URL HTTP/1.1
www.eauxcook.ru.com/offer.php?id=213&sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (361)
Size
364 B (364 bytes)
Hash
7b5f17eaad284d675590573cf744c5a7
d925d3dbc0d7b0a43f2dccda9788299661226b71
3fbf8262311eeb4ffcf5b8f818f8e9a211f2441ebd96a7257f50a3b052bc2238

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /offer.php?id=213&sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88zlbznOEmITudKgtIypmeM9rgjLl0O5kn0QeCO1GK1UwnJIzIKI4MQb0uFD223B66G2HIOyGKm3ZoYvdDZqz3JBf9DfTD01QnQrgAooKxVZOwJGhlFWr3XDWCYBY6AktXIrC3tb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b65cbe1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

172.67.129.207

200 OK

14 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42825)
Size
14 kB (13750 bytes)
Hash
8ff3f33099937ef6762c588ad05cda5e
8839c6415748be0d292a679d2ffc84dd87e25d2a
b0cfdecc92513a89200a9947fca1bd5c06a331f73d7a4b43ac21352b906b067a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9qWuMHPHHYSaC2mnwDBCWpi5NK20A2he8iaupTouXXR0dZP9r4o48LLSIBvtY3EBOJb4Fz6nYLUhce114sFgvBNe%2BwoMYJg%2BPRx7QIqGtUrjG%2FtBY09UWuHI3Cg03yV7yNujmte"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b7bd2b1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 03:36:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PBPZpkf6sFSM0isEPPh_v-IJTxJJW4pAGe7dz-w1opEpkdpmEvOUoA==
Age: 1491

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/obtp.js.download

172.67.129.207

200 OK

6.2 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/obtp.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6169), with no line terminators
Size
6.2 kB (6169 bytes)
Hash
522e4451790939ca385c10f4b474de63
23027181eea39e5fc338694c98602baaae0944a4
8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/obtp.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 6169
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1819"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nt41gbeiDrhyIXKlmVLbuZeOQ5Q8ZWyFPCjyIreircLhYdk8b12zyYO%2FMQ%2BHS7pSSjMFkbONlFHxgtSUM3VRafRmeO7%2BQAmbGMMqoYnAey0ZWRq4X0SWCWXw2cytxXB6QYRqt5D1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b83c50b50f-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css

172.67.129.207

200 OK

11 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (62929), with CRLF, LF line terminators
Size
11 kB (10782 bytes)
Hash
b8bc5aa36f686ee04208c9686195edab
e020d345db7efa2dfe4ebf4b888ccdb560372b8f
0b1aa036cd4b64c7b1462f92833e4f54cb98850db23bfbf42d35b3b2ff192f4e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: W/"62e823e4-11e86"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfqV4Lm9sJGy2%2BXyKy2XfBy2o3tlzCDR14eaNGOCE6mlvhvXX75CQkr2Qhf28Umne0BOSPE%2FH2JAMRJtiOW3MFbgydYOXgpoSKzlbVSY9ZmvEFiPTPTZYUiSU3Vi46gPeM8NPq8L"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130b84f56b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download

172.67.129.207

200 OK

699 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (699), with no line terminators
Size
699 B (699 bytes)
Hash
0997f48838ce432db6b37f72c8fdf1f2
c9b2dc8a68ab46b5b36c96d52ef6c6de1084c6e6
646f01731972adb62a05fbadddee4f1760499bd01e6c2162d889ba47d160b6c5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 699
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-2bb"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baz6BvKwlyXXfBNaojSXw1RluuEG8dYiAxR1DoEREDKueSifO2is3GCFUN6epwPWiWoncgWZWAHLYrd8IjC95iMW%2FyJbn9wg27Sf7K2GkcYC8Y%2BL5SdWtS1TyWyTGhlLsm%2F0EU08"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b92cbcb50f-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/fbevents.js.download

172.67.129.207

200 OK

129 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/fbevents.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (33256)
Size
129 kB (128769 bytes)
Hash
9d939cad64375505e4dce7469a82e4ee
c0d0919210cb8dc763acb3de97a6218020caaa8d
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/fbevents.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 128769
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1f701"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcnET0FQtjXLDUYHnIstfyr7JvQAzpJWk8i9l3z1H7dvTIGY4lwFn9buSRoDUKN0SBGQj9fyUzBgTDwWZWIQ4XR7FHN7DSKzrJFa4WMVfXy24QzstdxCDTBpzUYFwbqiHl9RBgEM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b83cf2b523-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/gtm.js.download

172.67.129.207

200 OK

84 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/gtm.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1721)
Size
84 kB (84387 bytes)
Hash
7eb0a1bda269d3087b8bc748e696f147
3ba33c1c1c3374837f373637041bdb33e7b41d3e
f28faa623ecd340179ec27e8a8288a7f75be69f9335c15e0d28055e372009bba

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/gtm.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 84387
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-149a3"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8lyOCnu99jcOxUVk6ogR0u5BgcmuECMU383yFvhd0fYCvyeL9HLBeGnrp6gVBUvsjrqYcCByA8IGcm%2FQAE61eHwgYlTDSaO3mHPjSm%2Bh7yzT2qBKWwG17%2BbH8A9WTlqUPgNnuop"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b83e380b59-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Last-Modified: Tue, 27 Sep 2022 01:47:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/runtime-es2015.9502c56c7b8ec72c1df4.js.download

172.67.129.207

200 OK

2.3 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/runtime-es2015.9502c56c7b8ec72c1df4.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2339), with no line terminators
Size
2.3 kB (2339 bytes)
Hash
a5fd49d9f6995d297d975ff767b07693
6e62ba7c1e1b5683480f0359c5daa96f7f602ef4
74feece712f2d426ea2f9f682eec3d74f4474a31222a62de4778f2670cd2c2c7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/runtime-es2015.9502c56c7b8ec72c1df4.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 2339
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:07 GMT
ETag: "62e823e3-923"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ybQq%2BCWMeu3c8ybKvinuUUHIieciZab7nbhLJjekhlNfQ9m69k9VbapCg63NASBzZ9PVnS%2FAHj%2Fy%2BkqF1W02Il122Y9oODVTV7bptHjr0Hn%2FBshGe7BMcGmBBvujY7zVLeoM9%2Bf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b9c81ab4fa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

172.67.129.207

200 OK

115 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (60347)
Size
115 kB (114854 bytes)
Hash
bf79ae58d383b0bfd5aa04fa527ae59d
76141d2acb1acbfd7c2fc2a050dde381e4b0b25d
e7966e88811b0480c1f74fb9c2453deb97ad7a1d2c3a70e75cc69c9ca6a65e2d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/semantic.min.css HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: W/"62e823e4-c055e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMNc28n4F0UOAnko1UOvtuPC89ZEm71FC0Vq1iHSOqj7Y0zOpFzHZIoAPN%2BD%2FsEo5Eswts5QI6IkdOp38WB64%2Bphltayz79KfchlyYvgCtyBLG0NA0XMEfQeBjjt3b%2BHxHNOan1Z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130b84f55b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/0-es2015.ca3005822a3d933170a8.js.download

172.67.129.207

200 OK

593 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/0-es2015.ca3005822a3d933170a8.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
593 kB (593023 bytes)
Hash
67ced67786c2faf02230249ebfca68b1
43248fe8f624ea47d7ee8bd71d47691bd3b836d1
fcde07bab3999ff73a36dfc92c42ee7d1966cebe0246e6601923410ad0ae3cbf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/0-es2015.ca3005822a3d933170a8.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 593023
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-90c7f"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBZfsy4JDfaVO5yZoIY%2FH2oPpHqeGJ7y7sYYbhbbBv6wemoT6BNJf%2FJrGTT4rAYgY6Ha9mEPV%2FO6H8Pdx563xBhVd%2F%2F%2FZ%2BDM9gUWG%2FgimRCzsPJUbbWyrRl1BtHucOch9mGDePtJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b8bd8a1bfa-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

34.215.56.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.56.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k4/dQTPbegreIu+fF0DtyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hkrAtMTpxY5CUWb75jX8IDfZHC4=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.js.download

172.67.129.207

200 OK

346 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65324)
Size
346 kB (346199 bytes)
Hash
132bab8897a9ced6fba8df024ff44c61
5389aebace491d696e63b2747da38441e992de44
ddb165eba6b445a6c460fc57ea5f15de11383b6b75bf9259eb35ad34d442b124

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/semantic.min.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 346199
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:07 GMT
ETag: "62e823e3-54857"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh0c%2BBk8y%2FetQLlLyJTIq1lDwRWiQDG3rbGGCBLIEgC7CZR1x6UunOY3qNMtj2W88JTr0X187qaKjezdyFNaDpVHiE16DWpGUk9k%2FE4n%2BCbuNwAQS%2Bc%2BXPZAKlBN8dcAim%2FoSHsw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130bac8ceb4fa-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap

142.250.74.10

200 OK

919 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
919 B (919 bytes)
Hash
f041277350d11efda1ff4ff125004516
3ef485f96865fb092b3ecde8752a19172be3e53b
53acbf300cae74cf09a37d03b5999b5f5b781ccf30277d064e46f218f35ec794

HTTP Headers

GET /css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 03:35:37 GMT
date: Tue, 27 Sep 2022 03:35:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/polyfills-es2015.614913fbba11925f96b8.js.download

172.67.129.207

200 OK

14 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/polyfills-es2015.614913fbba11925f96b8.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
14 kB (13612 bytes)
Hash
4a085fb2f873340a92d12eb28367b5c3
f23507b5d52a86e5bfcdcab534430a1406608c06
8b3f6e864716940a6f8a2873f73f3b74ed74054fa63b808c93ce571edc27428d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/polyfills-es2015.614913fbba11925f96b8.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 36500
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-8e94"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sEexLHnAtwOzXyMH8t9tNBxzDPKO9q2%2B2t6p9%2Fn7wPiZed8TSxOexnTzVq1fu9M03MgG0GpMilWXj26IIeNEdSz18iGaLvBk7E%2BmLghceyozQImrKp3cR%2F%2FDoe9fO8BBrT%2F1QYD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b9dd59b50f-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 555916
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24448, version 1.0\012- data
Size
24 kB (24448 bytes)
Hash
865e46af816320c9f32234e8968558d0
6791e9f732fcbde0f375f84ccbc14c4ac72795a3
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

HTTP Headers

GET /s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:27:46 GMT
expires: Wed, 20 Sep 2023 17:27:46 GMT
cache-control: public, max-age=31536000
age: 554871
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 555916
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100728425_sidebar.jpg

172.67.129.207

200 OK

25 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100728425_sidebar.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x270, components 3\012- data
Size
25 kB (24980 bytes)
Hash
5ac031f2695f2f0c0223d7e7e245f3eb
fcf0766c41f347ecac0e74310b70d78b20044dfe
f5091a260a7a625a373fda20c1dac57b734a346dcb0656a0be836f61a09b0276

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586100728425_sidebar.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 24980
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-6194"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMnVApgJSLv0cNXoUTS3%2BM73axhn2OVYSjGdZx%2BTx0qfUvh70qD0XQUySUJUFQ0Lxhh%2BVAZlgmj9PgY7D2z8p5JVR1x0mtwuhM3snvD0Vw11OI9KnyXRcgGj9cJh%2FSojAddHhFk9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bce9f7b4fa-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size
24 kB (24408 bytes)
Hash
efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:02:01 GMT
expires: Tue, 26 Sep 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 27216
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101192223_laser.jpg

172.67.129.207

200 OK

50 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101192223_laser.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
50 kB (49717 bytes)
Hash
fca31471671ea05f0f7162fa96bcad2a
451be53621ba63467a0203c532010653c6cc0618
a50afa03f5efe4300e805950def99f32a26b5c01f81ba6fbe552718a21bb1ecd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586101192223_laser.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 49717
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-c235"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOapP0blzfaN6LsuOhSQ3TYAmHa8%2F%2FcP6BGG90fqWFDrAg8f2c6lwlDIf36XYf8zC9jZmA2NQOSVDZlum0CMAC2GgPXxuS1Mhh3KOB0lJmNOoaUxlQcgDB04oBR1AdshZ0rWV1Lp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bcef4db523-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103152860_review__.jpg

172.67.129.207

200 OK

58 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103152860_review__.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
58 kB (58359 bytes)
Hash
a5724ec80fd0ba3912854045e0a5dca6
1f1bdb6a41f67feb941c5d2824ea354c5685011d
d476034f617682becd5ab468c20d5f713578c0b70ee30ece4e5b4978c8e2e541

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586103152860_review__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 58359
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-e3f7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD3sUVxpLJyJoc7MFxZE6dFpq4JC8%2BSaLE8r34JTpxce6Dyzk5NSq5cB7c2SEJ3ewPeZgmcK4mFtU%2FHePdz1VaSdosgFyBHA3c6WIntn207NCZACkd%2BcTzl3T%2FUGtcOwBo%2FZHET%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bcef211bfa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/main-es2015.a486239d1b6b56551079.js.download

172.67.129.207

200 OK

42 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/main-es2015.a486239d1b6b56551079.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
42 kB (42456 bytes)
Hash
cc6b98bb2a835cb60cf5342a8cc21f81
988a7ca87f790c53731d662588902acd0e21c43e
689239912ed74f83d31452c181b8c6df10f26cacc80f18b40d6299523fde8c61

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/main-es2015.a486239d1b6b56551079.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 720806
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-affa6"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVHZhKaGRgXfIctb2khl2PvhyG%2BX%2F2UwQBYKAnva3psZpU06XH2xtMR9SRZ%2Bh%2FfMdsi3bmdPHQTd94XYgcojJXoBrXDXWlutGn%2BB2KD4ovFm0Fdtx%2F1SOqsClFz4OqRiP2T%2FrxgR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130ba0ecc0b59-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101527005_heartbeat.jpg

172.67.129.207

200 OK

94 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101527005_heartbeat.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size
94 kB (94011 bytes)
Hash
a0ebed5174260feaa33a4915bb96a491
777aa895cd21a81a88329387ed7a2de0f07c9a4d
9a80903f13d0921fd3cdf9ed17eba80bc42b64eebb9dea38a5544659ec4b7c92

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586101527005_heartbeat.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 94011
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-16f3b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxEuQ%2BcHWcBSUQR9%2FOcnj16Ad6fu6uZET0aRiC%2FhHmI4uvyA9CBrRDCgL2Wv%2FPAEiF6eLDexBdcfc4iYi0TXYDx2VvjmXkUzXpiEbsQNXZVA3UY665ROo5YtB1C0FS7HHGMJSJTr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bcef4fb523-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103483138_review__.jpg

172.67.129.207

200 OK

82 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103483138_review__.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
82 kB (82345 bytes)
Hash
277d28a5ee15b503ba507791bc9d0e60
a7279b9889c6e1f13c2aaecd03bc6960ec54a1bb
712eebff95f07402bc0884e094e06bbcd538881832ef6936cf566a86942e5dad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586103483138_review__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 82345
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-141a9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3b%2BTIz63DqVVlaIQY2%2FzaAk%2FEBb7tAt00RRNkw7hpKVqoEE8c%2BTt6WeQsBmqf8t2mbbB6Z%2Btf1xGUE17ck1URNcGsg%2FRmF23cVmkgmXQAwTrNrnt6OYGu%2FkK%2FR6wzzi7uvwKYj3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bceb330b3d-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/OpenSans-Regular.5a798cdadc7cd321e3f7.ttf

172.67.129.207

404 Not Found

116 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/OpenSans-Regular.5a798cdadc7cd321e3f7.ttf
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
116 B (116 bytes)
Hash
d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/OpenSans-Regular.5a798cdadc7cd321e3f7.ttf HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kebegcLsf0q3vTyC4IZAU8rJHKdZnLWfAPRJV2rToch6f0skqKDJc9oAL3mbKzpiWV80Tg4uHvaWNCYIEzxzFrSyByjZi83CF5K5Rh4tdGz0%2FiECldpys%2B6FdiFQ8qU9uFQewv5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be3819b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586104576554_realx_.jpg

172.67.129.207

200 OK

234 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586104576554_realx_.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
234 kB (234504 bytes)
Hash
53204f36d6c135106517cbd07e1ea300
3b9db691224b222ebe4456b5cecce91ee382cb10
7bbae81b7732bd696dbcd5cae1079f699c9f6b09b731584c55e4a98497359c30

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586104576554_realx_.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 234504
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-39408"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScktgmvcBfVTeqL2QrHGwCivH67r0slzY%2BY3KFJHUxWdqZFcuazZqR4g6ZDHGJMqhlNCsJ2Ta4SvZNbt9T5j3z%2FDENHB9X%2FhfsIROU9MbLZKS9QmwZRdAPk%2BH0IhPR%2Bjq1DE0KAJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bce9f8b4fa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff2

172.67.129.207

404 Not Found

153 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff2
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff2 HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWRAbYRfNd2Ny3fqO6Bp1Nef5eh0AdUjcg%2Fyve3AqnoRc1f0VjVKaRama%2BOapHmws9Q8seSH1MbYPZuxI9N8UFosw0%2FZw%2BzE12hh%2BWCcfTV%2BCw2y57OxjYTc62s1ud9y9UswtNqa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be6b03b4fa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff2

172.67.129.207

404 Not Found

153 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff2
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff2 HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atfb2UqR8dpVfGBLq%2BHLE%2Be2UVEyZ8pj7yrutAmNonohbe5Y5psF5zQqPlUoXDeZIXL4LZanD8fIwlTqwH1ZeQlKpWzh3BsRauxLW8bWyzXvrHsFMGlMMJUl%2F8k3mwUXl0pnRhM5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be4f871bfa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff

172.67.129.207

404 Not Found

153 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hpf8qBTbeMd4LbH8QGyqyzrRg5PyS7eCNRcDqvO5XzjaYfi1r5CL6UDDuaJMoVrkUIPHt96IvvIJQ3ij24AopKt%2BALNEVl7d4T0nG4wJC4QuBDE0T%2FVZqzQ4Jcczw3GHM91XeFR%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130beffc21bfa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff

172.67.129.207

404 Not Found

153 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTiTmSUjiW27ecAAiiR6x%2F5sVDjgecykWU7OfHygnNfTL%2FCNy0Mdz6IS%2BfAPFE2PdCEZ1EiSPlyYucCtMDz3lFEJ9YbYT0uHdA5%2BB%2FVhkd1SX%2BR75MyfKB4XI2S5m5gz%2Bdt2cxZP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130befb52b4fa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100334702_multi_view.jpg

172.67.129.207

200 OK

130 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100334702_multi_view.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
130 kB (130041 bytes)
Hash
376d40a13fb314f6348c39ac3b14ed6f
83fe6feebe524666e39a8f201ba10a3f4ce5f78b
458b44113e09b0eb516e6b13fd90d138b1ec195cee7cf02f7c415e2a4df37f24

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586100334702_multi_view.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 130041
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1fbf9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Siva7je4uHAQevRsYQ%2FRHOqHzW5U%2Fqv12OqZcgJ%2Bx9Z%2Bs8l2Ik8719FVZIduAUEk%2F7Z0vipQpf5osfg96zYEUO36in9KugCo9DcQLqqF%2BP6qWy6s4OWtEx6dP0fdBgFHBg0X7M1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be8be80b3d-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.ttf

172.67.129.207

404 Not Found

116 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.ttf
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
116 B (116 bytes)
Hash
d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.ttf HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z2aoZZXXcQoRgkEs4X0syXz0IsXn1ucx80rRf03qokdsZPFjYoWqs7C6pa8Yfm4J7Iei6lfzyQCweimITei5HmbVv%2BrqXQdLp35%2FHfM%2BgsZGrQPVzvFiA%2Fc3uIkCIJZ6ldE4Yr3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bf8bb0b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102937853_review__.jpg

172.67.129.207

200 OK

111 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102937853_review__.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
111 kB (111187 bytes)
Hash
b559717db701371ec085ad351c4c5baf
de55a086bc86879864832d6038034aa9c131ffce
dc06f10b5152b28f2f8a1638e67b18025f22091259673cde91ce4921bd6b3bb3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586102937853_review__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 111187
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1b253"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FJQhFYmdMkaVLzjHrftoFBDkLVxG6Wov1k%2FuU3MbHxjgtR8%2BrKLrREGxwmdBXAOHXRG7f80j43D5ucM61ZT%2BDA8aBe%2BUloV66mkKENuSZipFLscHHsResulVtlXw%2Bi3pyPox2Kx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bedb45b4fa-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.ttf

172.67.129.207

404 Not Found

116 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.ttf
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
116 B (116 bytes)
Hash
d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.ttf HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css

HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGyBncpErBtZjHqqpkMLR7T%2BYlrUeWWQ18GeVKzVGEGGlMy16WLw0hNvjxhyWctpFn0PFfeN%2BQIYlst89CbbA0rQw6XgSZ%2BtDH4MMTUZX7ksD2ILeL5uG3S5JN8l8i4tBmR45sxG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bf6fdf1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100239946_banner__.jpg

172.67.129.207

200 OK

80 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100239946_banner__.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
80 kB (79716 bytes)
Hash
8c1c17dff8ed4ca1df320a8005f4860d
9cb0249e0b76ab6c6d81e53ccaf8b6a2f5687a0f
1df377f3d31d6b23fb51eb01bd038e8ad071e10e4f2a585246d1a2b0b794e4a3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586100239946_banner__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 79716
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:07 GMT
ETag: "62e823e3-13764"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYA1nQTnUufkZX0r7GxYUt0RDLW9ICSQyxWcVx18oDa60W%2FsLgc3TD1PNP%2FaFxxDfwZWQQjPbhqaGsugwHnTvIJcUc56b%2FQwFaTv493DfvZhWi6JWI0MLeTd2Ba9OUwFtQ0f3bk3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be783fb523-OSL
alt-svc: h2=":443"; ma=60

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102542256_features__.jpg

172.67.129.207

200 OK

103 kB

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102542256_features__.jpg
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size
103 kB (103271 bytes)
Hash
0309841be9f6c93b5163a6ab2cb19f2a
3abb34179b969dbabdb120d51ba02ac5151b1de7
bebc224b22cec1d226915bd2118a0fc9a53d50a9f369920b30ac0eb6495a0538

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/1586102542256_features__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 103271
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-19367"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCLHRJr4FRQ2xwvS%2BB5tYcS9OWjSuFc2Tk5xIxX8AUungIbVOlvea5wnGARJPaMSuou54aa%2FUq4NgL1wVm5i4Cz34qKyOEWRpqNQ9MCMDST%2B0V6DTxNlfQs8qlpq2G9powZki70v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bec867b523-OSL
alt-svc: h2=":443"; ma=60

amplify.outbrain.com/cp/obtp.js

23.38.201.81

200 OK

3.2 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
23.38.201.81:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8072), with no line terminators
Size
3.2 kB (3249 bytes)
Hash
9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 27 Sep 2022 03:55:38 GMT
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Length: 3249
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 02:41:09 GMT
expires: Tue, 27 Sep 2022 04:41:09 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
age: 3269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Last-Modified: Tue, 27 Sep 2022 02:18:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: jff2YPP/zZ1An4FvYSW1IsYguDDoK+xYyq7e5CsgUO0cG1bg9h05urCnkJlH4Mvfd0AVB1H3VGWz55jQxSliWA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 03:35:38 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Last-Modified: Tue, 27 Sep 2022 02:18:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&gjid=2120477645&_gid=1838135638.1664249736&_u=YEBAAUAAAAAAAC~&z=570952299

64.233.162.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&gjid=2120477645&_gid=1838135638.1664249736&_u=YEBAAUAAAAAAAC~&z=570952299
IP
64.233.162.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&gjid=2120477645&_gid=1838135638.1664249736&_u=YEBAAUAAAAAAAC~&z=570952299 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://www.eauxcook.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126905093-1&cid=1644403411.1664249736&jid=726527261&gjid=816899124&_gid=1838135638.1664249736&_u=YEDAAUABAAAAAC~&z=361337715

64.233.162.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126905093-1&cid=1644403411.1664249736&jid=726527261&gjid=816899124&_gid=1838135638.1664249736&_u=YEDAAUABAAAAAC~&z=361337715
IP
64.233.162.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126905093-1&cid=1644403411.1664249736&jid=726527261&gjid=816899124&_gid=1838135638.1664249736&_u=YEDAAUABAAAAAC~&z=361337715 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://www.eauxcook.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tr.outbrain.com/unifiedPixel?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&optOut=false&bust=006060409846638437&referrer=

70.42.32.255

200 OK

60 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&optOut=false&bust=006060409846638437&referrer=
IP
70.42.32.255:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
60 B (60 bytes)
Hash
fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb

HTTP Headers

GET /unifiedPixel?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&optOut=false&bust=006060409846638437&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 54c2c93bf618754d285bf884384f8ba8
content-encoding: gzip

tr.outbrain.com/cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a

70.42.32.255

200 OK

56 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a
IP
70.42.32.255:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599

HTTP Headers

GET /cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: d9d889da57e5b26134d4e2953e8c2212
content-encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928

142.250.74.164

200 OK

86 kB

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
86 kB (85919 bytes)
Hash
d387b69a22c9e97df7ce7cc89b994c33
fb3f469977fd101990140b86e3caa9996f4a8dc2
f8dba7fc9612ad8c2674b1b1ea60ebb6d37ef7342a332a7739ed728f9743dc38

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=2517737108351885&ev=PageView&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736603&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2517737108351885&ev=PageView&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736603&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2517737108351885&ev=PageView&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736603&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 03:35:38 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=2517737108351885&ev=SmartWatch&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736606&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2517737108351885&ev=SmartWatch&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736606&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2517737108351885&ev=SmartWatch&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736606&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 03:35:38 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:35:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:35:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4327 bytes)
Hash
f9bc23ab347b5f2e2ec15d69f41f0cf0
a92af0438aa2b6637c0f69dabd0be00b3a43caf8
4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nZuilN7CTsQ_XYx39le70nZKRzVBDyygmYdaHVmBnpi8teTUB1Faxw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 20780
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9304 bytes)
Hash
b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7XXVE-hcLMoCU9jUDrgReSZMkPLz_GEAKoc_gR4Ai4hoCeZXfiC3tg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:28:34 GMT
age: 79624
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11885 bytes)
Hash
1f0a1508f459d7774c0d63ff682532c0
03edfe254fa4f5c88bf9c8868edd9cdf07bf5d0d
eebf3b550e7a675a2231e97575e8be57e8d1216126a711cdef73ccbc5dd1e773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11885
x-amzn-requestid: a8f6d57a-8bd3-42b9-80ba-695c5baac04b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLpHZPIAMFZiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157d-4ef5eb306dde741502e46f24;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JSWNUGbYq_zNf2L2AwkLuPfnGUTsX6iqCB5ESRr3dX-0voDgtu4KnQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:27 GMT
age: 20171
etag: "03edfe254fa4f5c88bf9c8868edd9cdf07bf5d0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4573 bytes)
Hash
efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 43579
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 21171
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9163 bytes)
Hash
deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 20780
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/scripts.f7764ecf794a9df7be6b.js.download

172.67.129.207

200 OK

0 B

URL HTTP/1.1
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/scripts.f7764ecf794a9df7be6b.js.download
IP
172.67.129.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clicks/chapter2/GX-watch_files/scripts.f7764ecf794a9df7be6b.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 740762
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-b4d9a"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3a9PMk2SNFd2t74F8idEIrWhNjenpUmmqolDgjDQi8Hp2s%2B%2Bn92elLSb44LXL0BRfBNI9v%2FgKQNpQFfRJFkeo307%2FzIosAsgtoNJC4IQMxu0Pj7SdYs83uGmDp5HusgOJAso0oK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b9fdacb523-OSL
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations