Report - syndication.exdynsrv.com/splash.php?cat=&idzone=4734030&type=8&p=tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2

Report Overview

Submitted URL
syndication.exdynsrv.com/splash.php?cat=&idzone=4734030&type=8&p=tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2
IP
95.211.229.246
ASN
#60781 LeaseWeb Netherlands B.V.
Submitted
2022-12-09 03:43:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
syndication.exdynsrv.com	34243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	6.9 kB	95.211.229.247
faptitans.com	353083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	3.9 kB	138.201.149.27
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.0 kB	139.45.195.8
syndication.realsrv.com	9112	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	990 B	1.0 kB	95.211.229.246
lostincunt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	572 B	6.8 kB	172.67.215.107
iadoremakingpics.com	170567	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	77 kB	104.21.65.147
runative-syndicate.com	31587	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	633 B	136.243.43.25
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
syndication.exoclick.com	22750	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	2.1 kB	95.211.229.247
cdn.faptitans.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	388 kB	104.19.254.19
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	17 kB	216.58.207.227
main.realsrv.com	91110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	834 B	872 B	95.211.229.247
epoch.com	178156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	82 kB	104.18.4.99
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	822 B	1.5 kB	18.185.190.54
rivne.space	778292	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	835 B	104.21.47.163
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	14 kB	142.250.74.106
main.exoclick.com	33599	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	1.2 kB	95.211.229.247
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	6.9 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.148.177
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
d39iocnrk5rxnb.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	526 B	54.230.245.148
a.exoclick.com	71579	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	922 B	205.185.216.42
syndication.traffichaus.com	53588	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	523 B	694 B	66.254.114.233
professionalswebcheck.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	604 B	508 B	18.185.190.54
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	216.58.211.3
twistconcept.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	1.4 kB	172.67.215.17
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.2 kB	54.230.245.110
s.opoxv.com	53756	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	756 B	868 B	95.211.229.246
goplayhere.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	993 B	172.67.187.242
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	1.8 MB	23.36.76.226
offers.hooligapps.com	456812	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	2.0 kB	172.67.172.137
tsyndicate.com	13042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	625 B	162.55.130.248

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706	Malware
2022-12-09	medium	simplewebanalysis.com/px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	cdn.faptitans.com/s1/__64/locale/en.js	26 kB	2023-03-08	2024-02-27
Pretty URL cdn.faptitans.com/s1/__64/locale/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:27 Times Seen14 Hash ff888c3a3168e77ecc7414bc0ceb85fe 4eca89e503fb709008c4432a81bc6d73ae343de0 af80d5dc54893f6c17e5e9b42b3237a59a9b2803d43af3ea0c0e830738c76c26 Loading...

	cdn.faptitans.com/s1/__1152/vendor.js	994 kB	2023-03-08	2024-02-27
Pretty URL cdn.faptitans.com/s1/__1152/vendor.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:26 Times Seen11 Hash f51f75d45ac7dc1a024fb3c89bddd059 16c94d5537603711ed259a11acb3c72cc2a8738f f2f85b56fbeb1263d3f67bb19ec51a5ba1af175819bfc0f8414f4b4916036afb Loading...

	cdn.faptitans.com/s1/__1152/conf.js	5.6 MB	2023-03-08	2023-03-08
Pretty URL cdn.faptitans.com/s1/__1152/conf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-08 23:19:36 Times Seen1 Hash b4d5e3ffb3cf877ee228f48751ba1f85 f6b518d815a32a2fc3833ed9de62e2aa02cc28e2 2546c565fbde283e942d278400c515e6f63ce4fb853466d72ef8c64833507215 Loading...

	cdn.faptitans.com/s1/__1152/app.js	3.8 MB	2023-03-08	2023-03-08
Pretty URL cdn.faptitans.com/s1/__1152/app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-08 23:19:36 Times Seen1 Hash ebb1f8abe83724f023dd1dc77ae01b06 bcd3f20368771d44f1aefeaafe37da36719fbe8d 36c88741e293068f8f8fc508f26a509a9a0138da3ea869d732818c4937b94fc4 Loading...

	faptitans.com/	664 B	2023-03-08	2023-03-08
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-08 23:19:36 Times Seen1 Hash 01669c949c542db509662c37354b0e1d 8a30f0f20a0a73da740883e8dffe2424bb3f7f50 5a16e57b0f72c6f7b7c05d9b270b86f261747368a00d4bd18072e0f84c70953b Loading...

	faptitans.com/	333 B	2023-03-08	2023-03-08
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-08 23:19:36 Times Seen1 Hash 349b7970bb59f3b89388aabe8470499d 55a9462aae7c9f73594db61d3e9c8aff74622091 f4cc0da2c8d8709d3c4aefef526f33b1a8403c956580a2bad93fb3ebd821820f Loading...

	faptitans.com/	305 B	2023-03-08	2024-02-27
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:27 Times Seen11 Hash f57a4a4b30a31527c576aae51803ef33 a5f77508eef528f30b52b7a232d3f5c83c648a39 6b8399207a5e63142f23da8324227861d71218f5de60920681d6cd6489f85e9e Loading...

	a.exoclick.com/tag_gen.js	1.0 kB	2023-03-07	2023-05-03
Pretty URL a.exoclick.com/tag_gen.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-03 11:49:17 Times Seen218 Hash e04e1dcc070d00703ed07cf1d8d4dbbb a56c0470b9aa925085e51a6271a4a2185006fc13 3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0 Loading...

	faptitans.com/	58 B	2023-03-08	2024-02-27
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:27 Times Seen11 Hash 59a3fe6d40ee0f069824e2f973d02c09 1163d7d04b82aee2abcf3cec56d778c1f71935ee d65aa676e19d7668586acdd53671afca0acb1715ff5d6426f10b57840ce46f72 Loading...

	faptitans.com/	1.4 kB	2023-03-08	2024-02-27
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:27 Times Seen11 Hash 24f202c82c14604b6c95fe8e83ce9b5e 48accff6cc2af72c917316c9fd42313abf1a17b5 fcf56b982a2c2d892e1bee1c7b50d39d6e663a59862ff470d7b0ac07a0c1bae0 Loading...

	epoch.com/compliance/epoch_descriptor.php?master_code=M-607000	75 B	2023-03-08	2024-02-27
Pretty URL epoch.com/compliance/epoch_descriptor.php?master_code=M-607000 IP 104.18.4.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:42:10 Last Seen2024-02-27 06:15:28 Times Seen84 Hash 4c3b9b7df4a3326c84da0c4a89717fe4 3a9f58004f386d11e69aa2d0ed3d5b012fdfea2c e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b Loading...

	faptitans.com/	12 kB	2023-03-08	2023-03-08
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-08 23:19:36 Times Seen1 Hash d26f318ea3e62c5415234f475df3de83 1a18312b956c2ea783062811fc9faa0747545287 44ea3e5b2a255e7d557e6cf8851db60042ffd34259647b981837f348d3e9d2ef Loading...

	faptitans.com/	723 B	2023-03-08	2024-02-27
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:27 Times Seen11 Hash 4347068136c6b07cfe22b4870d3078fb a7defbdb072b192362c309f4c201f5b2e696ccf5 2612e9dcd4713747f7a94719e1166a21c50d1646a43e676c9c0a166949f69086 Loading...

	twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706	652 B	2023-03-08	2023-08-25
Pretty URL twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706 IP 172.67.215.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:44 Last Seen2023-08-25 08:03:34 Times Seen61 Hash 01a127c75bfb3af3f7dadcfb76dea285 1574b0cc420485c73fa9262b11c18cc24c1105b3 dd4a94c7375b7ab6958904bdcb765f6900226be76e2068a68007bf5000968b13 Loading...

	faptitans.com/	1.2 kB	2023-03-08	2023-03-08
Pretty URL faptitans.com/ IP 138.201.149.27 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-08 23:19:36 Times Seen1 Hash a38281e7e68708e69510f4cff347b2b4 70d465ff5712373448bd8b4e67d06d3326a566e2 53e93f3737692714d0961e9c314f1acb1ed6e363a71cf804b8bc361b46db2880 Loading...

	cdn.faptitans.com/s1/__1152/boot.js	8.1 kB	2023-03-08	2023-03-09
Pretty URL cdn.faptitans.com/s1/__1152/boot.js IP 104.19.254.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2023-03-09 16:56:28 Times Seen1 Hash 6f230452e4d975903aee8a0c616ddc9b 1312eac4f7f6b2c71a2c64d749f3d87dce2210a3 482cb8c2bdcfabedbdfd90f170e46ed0f76810e825958434977d45acab3b0c80 Loading...

	offers.hooligapps.com/xoffers_v2.js	2.1 kB	2023-03-08	2024-02-27
Pretty URL offers.hooligapps.com/xoffers_v2.js IP 172.67.172.137 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:19:36 Last Seen2024-02-27 06:15:28 Times Seen29 Hash 775d7e56ed93e5c20e894cfd45cf04eb aac4146ac3c95af19274907cd1536079e7016d8d 7a04a56d03b73e3ae646ca7457fd5cc58d429a41ad033df73604aa202df783b1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a73743c5b3414ee67bef1b9a4a1858a0	35 B	2023-03-08	2024-04-07
Pretty Observations First Seen2023-03-08 23:19:36 Last Seen2024-04-07 21:33:18 Times Seen20 Hash a73743c5b3414ee67bef1b9a4a1858a0 335f23df405141cd4f0027be109c89b1eb485a4e ba6f1d5919ab18ea56d18c25ee06c74efb9ffa4670f3323b24c0218a160c47d4 Loading...

HTTP Transactions (88)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8377
Expires: Fri, 09 Dec 2022 06:02:35 GMT
Date: Fri, 09 Dec 2022 03:42:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5869
Expires: Fri, 09 Dec 2022 05:20:47 GMT
Date: Fri, 09 Dec 2022 03:42:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 03:08:17 GMT
content-type: application/json
age: 2081
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5534
Expires: Fri, 09 Dec 2022 05:15:12 GMT
Date: Fri, 09 Dec 2022 03:42:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eH/y6VommAtFe9HyRbXSspcjx8xNE3+XQVbhGSJDXimvgnW2RoMm5VneukyI1VTHOEtFkVa4cmHLpRmR29Joyg==
x-amz-request-id: 9RVQKBYZ2TCP512B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 02:48:09 GMT
age: 3289
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

syndication.exdynsrv.com/splash.php?cat=&idzone=4734030&type=8&p=https://tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2

95.211.229.247

302 Found

0 B

URL HTTP/1.1
syndication.exdynsrv.com/splash.php?cat=&idzone=4734030&type=8&p=https://tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?cat=&idzone=4734030&type=8&p=https://tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2 HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Dec 2022 03:42:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226392aec25d8610.956298012409665413%22%3B%7D; expires=Sun, 08 Dec 2024 03:42:58 GMT; path=; domain=.exdynsrv.com;
impressions=cmmsxrbonxgxameexmllsgeicmmsxaeenxgxamecmrmabgeimacslbecnxgxaaabssxamgeislsaroornxgxamercxaxlgeicxbmsbxcnxgxaallaccblgeioslmrxlrnxgxamecmscacgeiccmmlmlcnxgxameomroeegeialbsereanxgxaalrollmegeioslmrxbrnxgxamercxaxlgeicxbmsbcenxgxaallsbmbbgeioslmrxlsnxgxamercolsxgeicxbmsbocnxgxaallcccaogeicxbmsboenxgxaalbaaamegeiclsmarcanxgxaaallsxlcgeiclsmrrmanxgxaaallsxlcgeirbabxabbnxgxameexmllsgeiccmmlleanxgxameexmerxgeimcrxsbcenxgxaameollsmgeimreaoboenxgxaameollsmgeimcclosscnxgxaalccxmexgeimacslbeenxgxaaboslelageioslmroemnxgxamecmrmabgeioslmrxbmnxgxamesrlmlogeicaxsscmbnxgxamexrbcemgeicaormlxonxgxaamealeoegeicaormbmcnxgxaamealeoegeimcclsxscnxgxaamsmxlcageimccloscanxgxaallmalxmgeimreaomxenxgxaamelbbsbgeimreaobscnxgxaamelbbsbgeimcclosconxgxaallsbmbbgeimcclsoeonxgxaamxaacblgeimacslbeonxgxaaloesaslgeimcclsxsanxgxaamsmxlcageimcclsxlbnxgxaamssmcolgeimaecseaonxgxaamssmcolgeimaecsxeonxgxaamssmcolgeimaecseronxgxaamssmcolgeimrblelrenxgxaamssmcolgeiccmmllebnxgxameoxbrrrgeimcclsxlonxgxaamcsebsxgeimcclsoeenxgxaamcrclalgeimcclsxsbnxgxaamcrclalgeimcclossbnxgxaalbexcrageimcclsxlcnxgxaamrscxmxgeimaecseranxgxaabrlemaegeimcclosccnxgxaamrscxmxgeicaormlxcnxgxaalbxrlcegeicaormbmbnxgxaalrexasogeiclsmrbsenxgxaamaxcsxcgeialbserebnxgxamexsrmoogeimcclsxconxgxamecabelcgeimcclsxmenxgxamecabelcgeialbserxonxgxaalbcxbsageimccloscenxgxaalmlsmmcgeimcclsxxonxgxameexxllrgeimcclsxbcnxgxameomoscbgeicaormlxanxgxaammacmrxgeimcclsxaonxgxamesemoslgeimrblxxxbnxgxaambboecmgeimrblxelcnxgxaambboecmgeimrblxxrbnxgxaambboecmgeialbserxenxgxamexmlmxxgeimacslbeanxgxaablxaelxgeialbserecnxgxameoxbrrrgeiccmmllecnxgxamexsrmoogeisaeeasslnxgxaabrbeccogeimcclossanxgxaabrlemaegeimcclsxronxgxamesemoslgeimaecseabnxgxaabrlemaegeimrblelrcnxgxaabrlemaegeimrblxemonxgxaabrlemaegeimcclsxcanxgxaalrlccrxgeimaecsxoonxgxaabmalbxxgeircsxcxscnxgxaabbxeomsgeicaormbbenxgxaalexxbcxgeiabeocmconxgxaablxrcmmgeimcclsxxcnxgxaalesmxrsgeimrblxeeanxgxaablsaloageimaecsemanxgxaalmmeabageimaecselonxgxaaloaroaageimcclsxacnxgxameolxrmmgeimcclselenxgxamecrasabgeimaecsxronxgxaalxmmoorgeimaecsxsenxgxaalxmmoorgeimaecsercnxgxaalxmmoorgeimaecsembnxgxaalxmmoorgeimaecselenxgxaalxmmoorgeimaecobobnxgxaalsmleergeimaecomoanxgxaalsbbboageimrblxxoenxgxaalsbmacmgeimaecobsbnxgxaalsbbboageimrblxosonxgxaalsbbboageimcclsxmanxgxamecrasabgeimaecsxccnxgxaalmeeamageimrblxeecnxgxaalmeeamageimrblelronxgxaalmeeamageimrblelmonxgxaalmeeamageimaecseacnxgxaalmmeabageimaecsxxcnxgxaalmmeabageicaormbmanxgxaalbxrlcegeimaecsxocnxgxaalbrxssogeicaormlobnxgxaallcccaogeimaecomrenxgxameexxllcgeimrblxxxanxgxameexxllrgeimrblxosbnxgxameexxllrgeimaecomlonxgxameexxllrgeimcclselanxgxameobesbsgeimrblxoxenxgxameexmllsgeimaecomconxgxameexmllsgeiclsmrrrenxgxamexlcmeageiclsmarocnxgxamexlcmeageiclsmrbecnxgxamexlcmeageiclsmarcbnxgxamexlcmeageimmccrbeanxgxamecrasabgeimmccrlacnxgxamecmrmabgeimrblxeoenxgxamecrasabgeimmccrlaonxgxamecmscacgeimrxccosoncgxamecmselogxcceicloaxxacnxgxamecmselsgxcceixaoossalnsgxamecmselsgxcceimmccrbxenxgxamecbxbacgeimmcorsxonxgxamecmscacgxcceicmarxbbonsgxamecmscacgxcceialbmlesenxgxamecmcmrogxcceimrxmbarenxgxamecmcmrogxcceimxlbmoconcgxamecmrsbogxcceicloaxxaanxgxamecmmsrogxcceimraeelabnsgxamecmmcxsgxcceimrxccosancgxamecmmcsogxcceimxxerreonxgxamecmmcsogxcceiceecmorsnxgxamecmmcsogxcceimeembesonxgxamecmbbmegxcceimxxerrxenxgxamecmlbxegxcceimcssmlrensgxamecmlbxegxcceialbbebsbnxgxamecmlbxegxcceimmossscensgxamecmlbxegxcceimxxerrebnxgxamecbeobxgxcceimxlbalcenogxamecbeobogxcceimeembescnxgxamecbessmgxcceialrexeoonxgxamecbxmbmgxcceimmccrlaenxgxamercolsxgeimcoaxmxoncgxamecbsaregxcceimeembecenxgxamecbsaregxcceimasbmxconxgxamecbmrbsgxcceimxlbmosensgxamecbbmbcgxcceimmooobranogxamecloaaogxcceimeelaclonogxamecloaaogxcceimeelaclanxgxamecloaaogxcceicloaxxabnxgxameclomccgxcceimmcoaalenxgxameclcbsbgxcceimxlbmosanogxamerexxbogxcceimcoaxmxcncgxamereobergxcceimcssmlrcnsgxamereobergxcceimrceboxanxgxamerelarmgxcceimaoobbebnxgxamerelarmgxcceicloaecoanxgxamerelarmgxcceimmooobronogxamerelbregxcceimaabamcanxgxamerelbregxcceimxreaomcnxgxamerxslmbgxcceimmxerbocnxgxamerxslmlgxcceimmosssconsgxameroxoscgxcceimcssmlroncgxameroxoscgxcceimxlbmosonrgxameroxoscgxcceialbbebrenxgxameroxoscgxcceimmcaacrancgxameroxoscgxcceialrexexbnxgxameroxmargxcceimclsaoxbnmgxamerooesbgxcceimxxerrecnxgxamerooeslgxcceimexexabbnxgxamerooecxgxcceicxmecmcanxgxamerooecxgxcceimrbleaxonogxameroarrbgxcceimxlbmoobnogxamerssomrgxcceimxlbalscnxgxamerscassgxcceimmsoxrlenxgxamersreclgxcceimrxccoscnxgxamersrlacgxcceimxeoxsbenxgxamersblamgxcceimxlbmxbbnxgxamersblamgxcceimsacexoonxgxamersblamgxcceimmcorsebnxgxamersblamgxcceimxlbmxlonogxamercxaxlgxcceislmbeslrnxgxamercxaxlgxoaeimmcorsxanogxamercxaxlgxcceimxeoxsacnogxamercxaxlgxcceimaoolcoonxgxamercxmxcgxcceimmccrbebnxgxamercolsxgeimmxcxslenxgxamercolsxgxcceimmsoxrlonxgxamerccesxgxcceimmsxrlabnxgxamerccesxgxcceimaalslbanogxamerccesxgxcceimmsoxrlcnxgxamerccesxgxcceimrbxmxmanxgxamercbeblgxcceimmoabamcnogxamercbeblgxcceimaoobrbcnogxamercbeblgxcceimaooloranxgxamerrsxaagxcceimaoobrbanogxamerrsxaagxcceialbmmbbenxgxamerrsrbcgxcceimmooobrcnxgxamerrsrbcgxcceiaaxcambbnxgxamerrsrbcgxcceimromoslanxgxamerrsrbcgxcceimxlbmoscnxgxamerrsrbcgxcceimxeemleanxgxamerrsrbcgxcceimrcebeaenxgxamerrmsmbgxcce; expires=Sat, 10 Dec 2022 03:42:58 GMT; path=/; domain=.exdynsrv.com;
c-tag=%7B%22tag-link%22%3A%22v3%7C%7CNOR%7C4734030%7C75408060%7C0%7C%7C517%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C%7C8eb713ec8cdc14035d0efbf4dd15f05c%7C0%7Ctioanime.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 10 Dec 2022 03:42:58 GMT; path=/; domain=.exdynsrv.com;
Location: https://goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com
X-Robots-Tag: noindex, follow

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:42:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
07f4d799f20c86bc36a16a606fbed917
e05f5cd071693de228d62d3e54b2626fcb3c9707
8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 826
Cache-Control: max-age=129007
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:42:58 GMT
Etag: "63920077-118"
Expires: Sat, 10 Dec 2022 15:33:05 GMT
Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
07f4d799f20c86bc36a16a606fbed917
e05f5cd071693de228d62d3e54b2626fcb3c9707
8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 826
Cache-Control: max-age=129007
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:42:58 GMT
Etag: "63920077-118"
Expires: Sat, 10 Dec 2022 15:33:05 GMT
Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ebe0b335e4b0695680ce797853f3cc5f
5e4885483eb193470edd22c9489717f39831f04b
9d4addec8d3829b107682fbb2363b43cca5c0045bf5f29aa91e760d181a1469a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D4ADDEC8D3829B107682FBB2363B43CCA5C0045BF5F29AA91E760D181A1469A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7612
Expires: Fri, 09 Dec 2022 05:49:51 GMT
Date: Fri, 09 Dec 2022 03:42:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 03:07:55 GMT
age: 2104
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct

138.201.149.27

302 Found

0 B

URL HTTP/2
faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: /start/
vary: Accept-Language, Cookie
content-language: en
set-cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/
strict-transport-security: max-age=43200
X-Firefox-Spdy: h2

faptitans.com/start/

138.201.149.27

302 Found

0 B

URL HTTP/2
faptitans.com/start/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /start/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: /
vary: Accept-Language, Cookie
content-language: en
set-cookie: cook=6zesz82y062gso3nai25ngifug54540z; expires=Sat, 04-Nov-2023 03:42:59 GMT; HttpOnly; Max-Age=28512000; Path=/
sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/
strict-transport-security: max-age=43200
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3011
Cache-Control: max-age=108844
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:42:59 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:57:03 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.148.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.148.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TW1jXG2in6d4rB5FcMGrtw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZtZCAxumguZ4lnBeGMuvtoo49wQ=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1e777091545c9c2ed462829dda2bd090
dec7ade636f9a660f7c6ca0cff033f0a2ec845bc
5ba69e6e9c1c4368a5d1968b57756d8d524c35af066470d3da5fc20d6100b996

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6251
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:42:59 GMT
Last-Modified: Fri, 09 Dec 2022 01:58:48 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2fb795cef147e72f70e3f4918bd8833c
6b793cc5f43af30c5c28c14e4f6de9c24571d731
e17ae24c55d39a60c92944b0c9478eeaa128431c55266345806f75fbf613dc6c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4552
Cache-Control: max-age=117961
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:42:59 GMT
Etag: "6391c6c4-117"
Expires: Sat, 10 Dec 2022 12:29:00 GMT
Last-Modified: Thu, 08 Dec 2022 11:13:08 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 279

offers.hooligapps.com/xoffers_v2.js

172.67.172.137

200 OK

1.2 kB

URL HTTP/2
offers.hooligapps.com/xoffers_v2.js
IP
172.67.172.137:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2130), with no line terminators
Size
1.2 kB (1162 bytes)
Hash
9d0138b74e21985d09ee3cf6473e01eb
b21b1c1a06cfc03c379ceae4d974aa6f92badd59
f9ee3cc09bd262346db6b27c715c09d018ad166efb50394f5662e13700f170cc

HTTP Headers

GET /xoffers_v2.js HTTP/1.1
Host: offers.hooligapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 13:04:03 GMT
etag: W/"632868c3-38d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
cf-cache-status: HIT
age: 6832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jqWcrOXj0ElPJK7ewglFpNWGCcC7ZyYFPl%2FcMidgRGALAJY1A%2FC%2F1G0m3dlyh%2FfhqOuArDqhpeIDLNUCXqtjrdZmDhZPwxu7%2BPA%2BFf2If0qweokqx0UFRQ48CuI7q9%2Fqz9IO2HP9bY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbe73a6ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.faptitans.com/s1//rc/fap-splash-xmas-web.jpg

104.19.254.19

200 OK

383 kB

URL HTTP/2
cdn.faptitans.com/s1//rc/fap-splash-xmas-web.jpg
IP
104.19.254.19:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 1200x640, components 3\012- data
Size
383 kB (383182 bytes)
Hash
95c3734f9ecaf27619cff0a6cdacba1b
fe19e2262e136e0c099c076412209f878ee7ad14
f7cbd6b92b499de1bfd83b8ab4e0a58ee38a21463f9e790e6c1a31e194a4a43e

HTTP Headers

GET /s1//rc/fap-splash-xmas-web.jpg HTTP/1.1
Host: cdn.faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: image/jpeg
content-length: 383182
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "63908758-5d8ce"
expires: Mon, 06 Dec 2032 03:42:59 GMT
last-modified: Wed, 07 Dec 2022 12:30:16 GMT
cf-cache-status: HIT
age: 140531
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbe77cf0b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.faptitans.com/s1/__1152/boot.js

104.19.254.19

200 OK

3.6 kB

URL HTTP/2
cdn.faptitans.com/s1/__1152/boot.js
IP
104.19.254.19:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.6 kB (3586 bytes)
Hash
f75262dce758b01ba69618f6c1b63f67
36b34e88da4a9dd3bae5a0815ac9deb9319fd0e6
0172b73a915474c2e2e6088e2e86b8f92f1f42a0f989c1886428e02eae6be4a9

HTTP Headers

GET /s1/__1152/boot.js HTTP/1.1
Host: cdn.faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 11:59:01 GMT
etag: W/"638ddd05-1fa6"
expires: Mon, 06 Dec 2032 03:42:59 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 140532
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbe74cd6b515-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4069
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:43:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

313 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, from Unix\012- data
Size
313 kB (313089 bytes)
Hash
e6d2f674d8ba4ac9c276a2fc3a07daf9
e63e2b8171960dc181c9370965954f235627d74f
4de2d31db5fd266497999335be56a012920f543a663ada471e32c7268a408f05

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4069
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:43:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

267 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, from Unix\012- data
Size
267 kB (267103 bytes)
Hash
1ec07a33ae774e07f776fb4159891a59
67a952693df730b323b132d72ad7acd0402eac78
c8a1ee09c2186f992a0cef14bd7024bcc3e4b1a17bff6b5bf9b8834cba78c83c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4069
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:43:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

502 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, from Unix\012- data
Size
502 kB (502407 bytes)
Hash
3a7b5fed23d53a0eaf94f7dded6a88bf
0f818d5b711469f89686bc9e78ee18d231b9831e
f2473b15711152203cf06156427cf5da094f20511bd078fa0067d823a79c7e34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4069
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:43:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

693 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, from Unix\012- data
Size
693 kB (693409 bytes)
Hash
2ecadf5e9bd055e59c5e50f2227517e6
2903fc79c1551c62d7fe1f2e253bd5fd7c0bed86
040a8d801e0c573f07af591d078e3d07ae79a1acff5fba775d56724abb540ba3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4069
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:43:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:15:07 GMT
age: 73673
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 274
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12748 bytes)
Hash
730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:34:32 GMT
age: 32908
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8204 bytes)
Hash
9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 42773
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8345 bytes)
Hash
659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUoREPoIAMF4hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:31:33 GMT
age: 58287
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7960 bytes)
Hash
eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 79131
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

faptitans.com/api/

138.201.149.27

200 OK

16 B

URL HTTP/2
faptitans.com/api/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
c08db8689029b24432b3283bb558d25f
70431d464d9ec8b326e809c3438b47f6d1bf4465
f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f

HTTP Headers

POST /api/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
X-Requested-With: XMLHttpRequest
Content-Length: 151
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://faptitans.com/
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:01 GMT
content-type: text/html; charset=utf-8
content-length: 16
vary: Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:01 GMT; Max-Age=31449600; Path=/
strict-transport-security: max-age=43200
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto&subset=latin,latin-ext,cyrillic

142.250.74.106

200 OK

13 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto&subset=latin,latin-ext,cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (12753 bytes)
Hash
3217ca548056d862160d26e3f2ab451e
054e07327c568e63f2753dd1b9cf8ee341aa5b0e
f56edc82574d307d4c388d711cd9e8a4ed10a39a3492c804876c8ff3a2fcaec6

HTTP Headers

GET /css?family=Roboto&subset=latin,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.faptitans.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 03:43:01 GMT
date: Fri, 09 Dec 2022 03:43:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1840aeb34fdf302c4b0279cff88a3fff
b6269311d6e4f3a0d1ca7ae4a19b626d9c8a9c39
6f422d3c21f4b4af8fe81eafff36f4f0d8c0e55ba98c06ce7579ce9e2ef44ee7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5389
Cache-Control: max-age=135735
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:01 GMT
Etag: "639208ef-1d7"
Expires: Sat, 10 Dec 2022 17:25:16 GMT
Last-Modified: Thu, 08 Dec 2022 15:55:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
9c88a0dc24f35af394824eb79bb4ed55
5a6a71e6a36d83cb2b351912e531fd33c487b1ce
b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 184
Cache-Control: max-age=152807
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:01 GMT
Etag: "63925ff4-116"
Expires: Sat, 10 Dec 2022 22:09:48 GMT
Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 278

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
651b6978fe0c454b7c799a257073e03d
1c135ed1e0f7bebd3ce45cfad7301103b93b81e3
28ee1e33d02fc5c68ab1d51073777afd2157d8911b8ef08fc6b7e1f65fa1f1ae

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5035
Cache-Control: max-age=125984
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:01 GMT
Etag: "6391e43a-1d7"
Expires: Sat, 10 Dec 2022 14:42:45 GMT
Last-Modified: Thu, 08 Dec 2022 13:18:50 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
9c88a0dc24f35af394824eb79bb4ed55
5a6a71e6a36d83cb2b351912e531fd33c487b1ce
b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 185
Cache-Control: max-age=152807
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:02 GMT
Etag: "63925ff4-116"
Expires: Sat, 10 Dec 2022 22:09:49 GMT
Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278

lostincunt.com/iframe/5e2ae7bb31e93?iframe&xapp=faptitans&xuid=237039754&time=1075.669677734375&ag_custom_domain=faptitans.com

172.67.215.107

200 OK

5.8 kB

URL HTTP/2
lostincunt.com/iframe/5e2ae7bb31e93?iframe&xapp=faptitans&xuid=237039754&time=1075.669677734375&ag_custom_domain=faptitans.com
IP
172.67.215.107:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2283)
Size
5.8 kB (5800 bytes)
Hash
6b4f298ccf85b92355803aaf5906d2cf
c86dc45a5233074adf86be0f04a7739637e89e23
6429861256e336022d10e452e8070db22924b633776f36411778380b56187a8b

HTTP Headers

GET /iframe/5e2ae7bb31e93?iframe&xapp=faptitans&xuid=237039754&time=1075.669677734375&ag_custom_domain=faptitans.com HTTP/1.1
Host: lostincunt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/html
set-cookie: f_14737_96043_86400={"t":1670643782,"v":0}; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None
c_18f247a59eab66606c6850df22169cc0=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None
z_5c7db1b25c1c1ea3b02070bfbd4e66e9=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfhuCr5atj1ZlD0SceWYiKxjCRojDiU%2FxSndqF5b4vIKrEIYsClPnx2X7WNNU31G3cXlx%2BbHRCdC%2Ba5EvHuAT1nvUJcjZQfmBuxh%2F7KBTC%2BMOyq4m%2BS%2B8ezWICVaM%2BvCGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776abbf4ed48b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 115748
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
cecc392d07add9c5724f2cea41391984
389db162b9b5d7d13121268c5f59d2d125f24f92
81b7b344780f14e95e393fbc681173e64df6cfd065bf83f17281ffc5a66f232a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6289
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:02 GMT
Last-Modified: Fri, 09 Dec 2022 01:58:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
60f8362598607aac51bd2e40ae9c0801
4eddc9eefc8c181c23add2a7a44b22376844ab2e
74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "74A41CB73844D67C6BB09A04095878441A1B9D59CBCE67A7CA0CD7DD64F08354"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8131
Expires: Fri, 09 Dec 2022 05:58:33 GMT
Date: Fri, 09 Dec 2022 03:43:02 GMT
Connection: keep-alive

d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descriptor.html?

54.230.245.148

200 OK

75 B

URL HTTP/2
d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descriptor.html?
IP
54.230.245.148:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
75 B (75 bytes)
Hash
4c3b9b7df4a3326c84da0c4a89717fe4
3a9f58004f386d11e69aa2d0ed3d5b012fdfea2c
e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b

HTTP Headers

GET /compliance/epoch_descriptor.html? HTTP/1.1
Host: d39iocnrk5rxnb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://faptitans.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 75
last-modified: Thu, 12 Jul 2018 16:17:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 03:28:21 GMT
etag: "4c3b9b7df4a3326c84da0c4a89717fe4"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NvcNk_LvZuurlLFbR1wca-t461Z7ZVFraM5TrX_n3RfvO4fCNhSuOA==
age: 882
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
acea7cb44141792f5d84b0c9ab8c57e4
69f1e46739200324bd891063d17c7a7083f313b7
4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5066
Expires: Fri, 09 Dec 2022 05:07:28 GMT
Date: Fri, 09 Dec 2022 03:43:02 GMT
Connection: keep-alive

iadoremakingpics.com/bnr/4/03d/3bc890/03d3bc890345aa15462e9aa382d06217.jpg

104.21.65.147

200 OK

76 kB

URL HTTP/2
iadoremakingpics.com/bnr/4/03d/3bc890/03d3bc890345aa15462e9aa382d06217.jpg
IP
104.21.65.147:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 580x100, components 3\012- data
Size
76 kB (76461 bytes)
Hash
03d3bc890345aa15462e9aa382d06217
639c121a5b621a9c908d7969763a8cca8e29861e
8b11d96de3683db3bc15a4d91b22bc6584b9eb2185796e3ce5297353597ac1c7

HTTP Headers

GET /bnr/4/03d/3bc890/03d3bc890345aa15462e9aa382d06217.jpg HTTP/1.1
Host: iadoremakingpics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: image/jpeg
content-length: 76461
last-modified: Sun, 18 Aug 2019 08:40:36 GMT
etag: "5d590f04-12aad"
expires: Fri, 09 Dec 2022 13:31:04 GMT
cache-control: max-age=1382400
cf-cache-status: HIT
age: 51118
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZZqG7QQS0L2wd%2FOn3TOHvxkpr7zkDGR1Ii6yYg0dQ4LYBZtStS9EaDa8sfLeo1DG9kXvbyyoCX5rXsdzBvr%2FGX0ky6cQ74AsLPvpNNwLUP5ZgtIE2iM0PZS8iNRUpSUs3sA4E5gPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbf748f0b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1748e389f833acab2befe35c8d932ccd
83b505213038c09fb3bf22d227ad253dbb5cae10
49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6252
Cache-Control: max-age=103466
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:02 GMT
Etag: "63918784-118"
Expires: Sat, 10 Dec 2022 08:27:28 GMT
Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
60f8362598607aac51bd2e40ae9c0801
4eddc9eefc8c181c23add2a7a44b22376844ab2e
74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "74A41CB73844D67C6BB09A04095878441A1B9D59CBCE67A7CA0CD7DD64F08354"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8131
Expires: Fri, 09 Dec 2022 05:58:33 GMT
Date: Fri, 09 Dec 2022 03:43:02 GMT
Connection: keep-alive

twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706

172.67.215.17

200 OK

637 B

URL HTTP/2
twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706
IP
172.67.215.17:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (651)
Size
637 B (637 bytes)
Hash
773bff652302ebbcfa93ea6a1384c5cc
191549a3a45edf4e1a27b9f70d681bb397e8c840
31eb4bb3a3d8a6af7031683988b1cb0ca7cd8531bdf64863b4f9d8b438a79f1c

HTTP Headers

GET /index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 08:49:08 GMT
etag: W/"624ea584-28c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4789
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WROjNeljdENjGKD0zIedDr9va1xPJp4Ec4Jit8hEkaYgdKbB%2Bhwg5fKGvMDRlSOzHin63MXGQ%2FFxck0XbK8aE4Z6W11hTrZ6SLNOoxeJpmmaCSoMIXFc%2Bo%2FOwD%2BUBnNCvkTN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbf7490b1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e

162.55.130.248

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e
IP
162.55.130.248:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: f8448cf5d87077cf
set-cookie: ts_rt_cd5a54e9-d886-4c75-af65-8b819a80f59e=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

runative-syndicate.com/api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef

136.243.43.25

200 OK

35 B

URL HTTP/2
runative-syndicate.com/api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef
IP
136.243.43.25:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 4ff300de58e768ae
set-cookie: ts_rt_dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

main.realsrv.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.realsrv.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

main.realsrv.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.realsrv.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

epoch.com/compliance/epoch_descriptor.php?master_code=M-607000

104.18.4.99

301 Moved Permanently

82 kB

URL HTTP/2
epoch.com/compliance/epoch_descriptor.php?master_code=M-607000
IP
104.18.4.99:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
82 kB (81798 bytes)
Hash
dbac2121da5bc728d345778cf6649012
8d19919114b29987e65df040f0477126c7085bdf
8c47da3b8e619dc62809c276483967451c096d0c6869d3bc0eb8136ddddf0753

HTTP Headers

GET /compliance/epoch_descriptor.php?master_code=M-607000 HTTP/1.1
Host: epoch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 03:43:01 GMT
location: https://d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descriptor.html?
cache-control: max-age=3600
expires: Fri, 09 Dec 2022 04:43:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbf55849b51e-OSL
X-Firefox-Spdy: h2

faptitans.com/api/

138.201.149.27

200 OK

16 B

URL HTTP/2
faptitans.com/api/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
c08db8689029b24432b3283bb558d25f
70431d464d9ec8b326e809c3438b47f6d1bf4465
f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f

HTTP Headers

POST /api/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
X-Requested-With: XMLHttpRequest
Content-Length: 152
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://faptitans.com/
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/html; charset=utf-8
content-length: 16
vary: Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/
strict-transport-security: max-age=43200
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

620 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
620 B (620 bytes)
Hash
d234cf546b28bbe86f927337b91b55ba
f0f31551d755a5e86b8e6a6e8624edb17c1a4ef1
97c332fdd487c436d904a71199c2ea74f3fc3ceab35a20fcd708359590828b2a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123574
Date: Fri, 09 Dec 2022 03:43:02 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:02:36 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MZTo2fvuUgNtqv1s28Am-nmhFGLTr4i1LQRABdlK_2BMtwgFwfnwrA==
Age: 1884

main.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b

95.211.229.247

200 OK

167 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
167 B (167 bytes)
Hash
e67cb30efacc40cc78ef2aaa657d8dc7
79c9da5a6518c8f91c2e5e2db98daa9734cbb725
40d7917aa1f643b80d0c369ccf1d45ec007c158a3ea69e9fba176e6611d21d79

HTTP Headers

GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b

95.211.229.247

200 OK

20 B

URL HTTP/1.1
syndication.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4b1aeff1cd3c947c1be297cb88e0ee10
bf0c86976f9184f96e493d0b18bfaa653415dcff
444c632c4522f8b2411d746de2390910a7b4c609da4762adce992ace746e8bbc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "444C632C4522F8B2411D746DE2390910A7B4C609DA4762ADCE992ACE746E8BBC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11388
Expires: Fri, 09 Dec 2022 06:52:50 GMT
Date: Fri, 09 Dec 2022 03:43:02 GMT
Connection: keep-alive

main.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c

95.211.229.247

200 OK

208 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with very long lines (371), with no line terminators
Size
208 B (208 bytes)
Hash
06f8dd6acb4d5786786e1dc37cfc501c
62b2c9b896130af5c379aabc35be6a18e6b7e400
5fca458804cd6707eda5ce9a40e10d15e5d658953c6c938c64e4688edea9a2c4

HTTP Headers

GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c

95.211.229.247

200 OK

396 B

URL HTTP/1.1
syndication.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with very long lines (1374), with no line terminators
Size
396 B (396 bytes)
Hash
036235a963100a1195289e959dfe0c92
5837db4614f04439682123fadc7b2be6149b1f9d
9ba775b34e013c3e98f14addc431074cab90df4ec942c0475376305fead0d4ad

HTTP Headers

GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1748e389f833acab2befe35c8d932ccd
83b505213038c09fb3bf22d227ad253dbb5cae10
49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6252
Cache-Control: max-age=103466
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:43:02 GMT
Etag: "63918784-118"
Expires: Sat, 10 Dec 2022 08:27:28 GMT
Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

my.rtmark.net/img.gif?f=sync&lr=1&partner=c7cc550860330813dd2414dae0e7ea3dc3bfcaa7a8158e4a67e8a192f5e622b3

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=c7cc550860330813dd2414dae0e7ea3dc3bfcaa7a8158e4a67e8a192f5e622b3
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=c7cc550860330813dd2414dae0e7ea3dc3bfcaa7a8158e4a67e8a192f5e622b3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=89796ae6f4f1656234dc83bc070b543763c33405da12904dd20ac99505a3d9d1

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=89796ae6f4f1656234dc83bc070b543763c33405da12904dd20ac99505a3d9d1
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=89796ae6f4f1656234dc83bc070b543763c33405da12904dd20ac99505a3d9d1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

a.exoclick.com/tag_gen.js

205.185.216.42

200 OK

515 B

URL HTTP/1.1
a.exoclick.com/tag_gen.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (1030), with no line terminators
Size
515 B (515 bytes)
Hash
628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f

HTTP Headers

GET /tag_gen.js HTTP/1.1
Host: a.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:43:02 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1670557382.dop232.sk1.t,1670557382.cds219.sk1.shn,1670557382.dop232.sk1.t,1670557382.cds251.sk1.c
Access-Control-Allow-Origin: *, *

faptitans.com/api/

138.201.149.27

200 OK

16 B

URL HTTP/2
faptitans.com/api/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
c08db8689029b24432b3283bb558d25f
70431d464d9ec8b326e809c3438b47f6d1bf4465
f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f

HTTP Headers

POST /api/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
X-Requested-With: XMLHttpRequest
Content-Length: 152
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://faptitans.com/
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/html; charset=utf-8
content-length: 16
vary: Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/
strict-transport-security: max-age=43200
X-Firefox-Spdy: h2

s.opoxv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e

95.211.229.246

200 OK

20 B

URL HTTP/1.1
s.opoxv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1
Host: s.opoxv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706

18.185.190.54

307 Temporary Redirect

0 B

URL HTTP/2
simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: image/gif
content-length: 0
location: https://professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk
server: nginx/1.17.6
set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:02 GMT; secure; SameSite=None
ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None
acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None
expires: Fri, 09 Dec 2022 03:43:02 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

syndication.exdynsrv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.exdynsrv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.opoxv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795

95.211.229.246

200 OK

20 B

URL HTTP/1.1
s.opoxv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1
Host: s.opoxv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.realsrv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.realsrv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A2%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7Di%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exdynsrv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.exdynsrv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.realsrv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.realsrv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A2%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7Di%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.traffichaus.com/adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553

66.254.114.233

200 OK

95 B

URL HTTP/1.1
syndication.traffichaus.com/adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553
IP
66.254.114.233:0
ASN
#29789 REFLECTED

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

HTTP Headers

GET /adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553 HTTP/1.1
Host: syndication.traffichaus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lostincunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: image/png
transfer-encoding: chunked
set-cookie: re_94511_R0FNRQ=eyJ0IjoiR0FNRSIsImEiOiI5NDUxMSIsImQiOiIiLCJkaCI6Ijk2OTIwNWIwMjQ3NzU0MjUwZDkyMWQ4ZGE0NTg3NWZhIiwiYmgiOiI0OGMwMTFkMjY0OGFmZTA0NTVkMjAzOTY3YWExMzBhNSIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZSI6MTY5NjQ3NzM4Mn0%3D; expires=Thu, 05-Oct-2023 03:43:02 GMT; Max-Age=25920000; path=/
RNLBSERVERID=ded5930; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 6392AEC6-42FE72E901BB2DE1-69D839E

syndication.exoclick.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e

95.211.229.247

200 OK

20 B

URL HTTP/1.1
syndication.exoclick.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.exoclick.com/tag.php?goal=170c73ca45ab90acc02e61427b768795

95.211.229.247

200 OK

20 B

URL HTTP/1.1
syndication.exoclick.com/tag.php?goal=170c73ca45ab90acc02e61427b768795
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 03:43:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

simplewebanalysis.com/px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14

18.185.190.54

307 Temporary Redirect

0 B

URL HTTP/2
simplewebanalysis.com/px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14 HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 307 Temporary Redirect
date: Fri, 09 Dec 2022 03:43:03 GMT
content-type: image/gif
content-length: 0
location: https://professionalswebcheck.com/dbs?uuid=cf0fd4cc-2c35-4f02-a726-7e16eabeee08&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI3OSI6MTY3MDU1NzM4Mn0sImFjY2wiOnsgIjIwLDEiOjE2NzA1NTczODJ9fQ.8wc-ZfZh77Bkqh-kiNOElHNF_z85bCzUfuYe6-u8bAo
server: nginx/1.17.6
set-cookie: uid_id2=cf0fd4cc-2c35-4f02-a726-7e16eabeee08:1:1; expires=Mon, 06 Dec 2032 03:43:02 GMT; secure; SameSite=None
ak=279,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None
acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None
expires: Fri, 09 Dec 2022 03:43:03 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk

18.185.190.54

200 OK

7 B

URL HTTP/2
professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lostincunt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:03 GMT
content-type: image/gif
content-length: 7
server: nginx/1.17.6
set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:03 GMT; secure; SameSite=None
ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None
acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None
expires: Fri, 09 Dec 2022 03:43:03 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2

faptitans.com/api/

138.201.149.27

200 OK

187 B

URL HTTP/2
faptitans.com/api/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with very long lines (621), with no line terminators
Size
187 B (187 bytes)
Hash
09a62a0d50ba06af6b74f88c71e89e46
bee29df947b90fe9bf646f8e8c1f52605b6000ee
4c8b8d6a0b8391fda97d33d9ecbede40324c8119affa134fd26ffe1d757597c3

HTTP Headers

POST /api/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
X-Requested-With: XMLHttpRequest
Content-Length: 159
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://faptitans.com/
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/
strict-transport-security: max-age=43200
content-encoding: br
X-Firefox-Spdy: h2

rivne.space/iframe/5d839cd6290ea?iframe

104.21.47.163

200 OK

0 B

URL HTTP/2
rivne.space/iframe/5d839cd6290ea?iframe
IP
104.21.47.163:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe/5d839cd6290ea?iframe HTTP/1.1
Host: rivne.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/html
set-cookie: c_b3ffea71cc29f56d2fba269a968ef7d3=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None
z_c56a21bde062afcb1f0e6c38cce1c8f7=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqSSBVltZCsWs7v9pId0CeGejTQJI6IEQid71GvH%2BMpKXO8oSo7DOzPHPc7kTbQt4LF0YF89IBzXQsNHIabtoB5qUCHoMMlO4qRj%2Bq0x1Lr17DgDQ%2BhcfijiwDoyhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776abbf778fcb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

faptitans.com/api/

138.201.149.27

200 OK

0 B

URL HTTP/2
faptitans.com/api/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
X-Requested-With: XMLHttpRequest
Content-Length: 158
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://faptitans.com/
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/
strict-transport-security: max-age=43200
content-encoding: br
X-Firefox-Spdy: h2

faptitans.com/api/

138.201.149.27

200 OK

0 B

URL HTTP/2
faptitans.com/api/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/ HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
X-Requested-With: XMLHttpRequest
Content-Length: 156
Origin: https://faptitans.com
Connection: keep-alive
Referer: https://faptitans.com/
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:43:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/
strict-transport-security: max-age=43200
content-encoding: br
X-Firefox-Spdy: h2

goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com

172.67.187.242

302 Found

0 B

URL HTTP/2
goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com
IP
172.67.187.242:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?5defa5d178518&ag_custom_domain=tioanime.com HTTP/1.1
Host: goplayhere.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Fri, 09 Dec 2022 03:42:58 GMT
content-type: text/html
location: https://faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct
set-cookie: c_d2f51664adaebc60bcf55c028d773b61=1; Expires=Sat, 10-Dec-22 03:42:58 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None
z_1ee83bf51fc9ae04880b726070ec8393=1; Expires=Sat, 10-Dec-22 03:42:58 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQXjAroAj%2FYkJ6lgTS8tCNQNnVjhF%2Bnt1h5dxhiMiO7iqEWpcJhqKsJ%2BHUWFgMJKHaEqwC0Fj8GlFIGZbganrvXl929aUasyrEDt52wsK74uzN%2FQjRHx%2BVXcUfWnzPyOeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776abbe15f20b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

faptitans.com/

138.201.149.27

200 OK

0 B

URL HTTP/2
faptitans.com/
IP
138.201.149.27:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; cook=6zesz82y062gso3nai25ngifug54540z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie, Accept-Language
content-language: en
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:42:59 GMT; Max-Age=31449600; Path=/
sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/
strict-transport-security: max-age=43200
content-encoding: br
X-Firefox-Spdy: h2

cdn.faptitans.com/s1/rc/favicon.ico

104.19.254.19

200 OK

0 B

URL HTTP/2
cdn.faptitans.com/s1/rc/favicon.ico
IP
104.19.254.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s1/rc/favicon.ico HTTP/1.1
Host: cdn.faptitans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faptitans.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:42:59 GMT
content-type: image/x-icon
last-modified: Mon, 14 Mar 2022 12:16:44 GMT
etag: W/"622f322c-47e"
expires: Mon, 06 Dec 2032 03:42:59 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16000657
vary: Accept-Encoding
server: cloudflare
cf-ray: 776abbe7bd77b515-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations