Report - easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|

Report Overview

Submitted URL
easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|
IP
104.21.48.74
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-07 19:14:52
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
icalendar.datingtopgirls.com	260095	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	2.4 kB	31.220.24.141
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	236 B	35.162.52.254
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	393 B	104.16.56.101
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	559 B	74.125.131.155
easy-lay.com	254260	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	4.2 kB	104.21.48.74
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	35.241.9.150
el.datingtopgirls.com	392973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	30 kB	31.220.24.141
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	31 kB	142.250.74.106
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	619 B	216.239.34.36
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	795 B	204.79.197.200
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	843 B	20.75.32.255
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	20 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	60 kB	172.217.21.168
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	950 B	1.9 kB	139.45.195.8
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	694 B	142.250.74.131
botd.fpapi.io	297160	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	510 B	18.210.159.190
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
analitits.com	186712	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	168 B	31.220.24.19
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	837 B	1.2 kB	20.234.93.27
www.googleoptimize.com	1604	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	763 B	142.250.74.174
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	753 B	1.2 kB	13.107.238.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-07	medium	icalendar.datingtopgirls.com/icalendar.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX	162 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash 6111ae195f9fa03cd5b35a8706fbebc8 e4d96b4bad7f82a60b3869f4d7f31e94343d0896 5935603dac2bd700cd61013fa4bf7d68454063efda73b8b5423cb9585d3a7a20 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 02:27:29 Times Seen37029485 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM	116 kB	2023-03-12	2023-03-12
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:33:04 Last Seen2023-03-12 19:32:23 Times Seen1 Hash abfb02aa9af15c79883fd2de8f474d0f dad4380fcca0750758e7a9d3cfb3b3368b83ba0d b608ad6593fd1672cc107fc712b10e3fc22a140dd5fbee9bc1442858d78335c9 Loading...

	easy-lay.com/fav/el/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-21
Pretty URL easy-lay.com/fav/el/js/jquery-3.3.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-21 17:57:43 Times Seen12142 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	easy-lay.com/fav/el/js/script.js?82	182 B	2023-03-07	2023-03-17
Pretty URL easy-lay.com/fav/el/js/script.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:39 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 67d8b2043b84a7fbda205f5e6e69cc57 57fc3af147cad3c441628c56c200e338f79ea7c2 6a397734fd24fd54fab407d0244016fe3dfcd2edee93ba425f778b4181b251a0 Loading...

	icalendar.datingtopgirls.com/icalendar.js	7.6 kB	2023-03-12	2024-02-08
Pretty URL icalendar.datingtopgirls.com/icalendar.js IP 31.220.24.141 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:28:31 Last Seen2024-02-08 04:04:46 Times Seen883 Hash 6305e17ce1f228a52ae7bb5293323418 0e2b4ddddb1197b8f3f1bd6adfe2840ffc0182f3 7e6613a50eaf24e896aa9b18eec7158ce12fd40cbe02a1d3f4af355fd553a28b Loading...

	http:blank	708 B	2023-03-12	2023-03-12
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash 62aa1debdb0914f8f40c0e9cbcd8de7f c65156fdaa0da77d3ee6df3ad1b493d2059a9a0e 973cd84c634f29b835dd756239f17b02933e97a969309339d0b54f17bb8ad6f3 Loading...

	www.clarity.ms/tag/bvsqia2v2y?ref=gtm	866 B	2023-03-09	2023-03-13
Pretty URL www.clarity.ms/tag/bvsqia2v2y?ref=gtm IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:46:08 Last Seen2023-03-13 07:02:09 Times Seen1 Hash 06e83702dd7d36c46572da45443c6559 9e9a2cc2c603f78735827970915dc520bb91ff2a b18389236d2a7ea144fc8f55eabc15fd927e5bc1b18c53ea23b1aeb60073dcb3 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	100 B	2023-03-07	2024-02-02
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen139 Hash 6657d5cb319244c6cf4c7378f47596e1 cb008f36db33ff73fa420f12425c18e65a3053ff 1bbc661e1e53aa8c4b872fba1e02a35e276b0a21bfe29d3c93a57257d6546aa6 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	381 B	2023-03-07	2024-02-08
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-08 04:04:46 Times Seen482 Hash 2d63d2fc063a3b79517968ef422bfae2 3f5020fc07330429b607f808fc5373f5bede54a0 5c0085f5aec987d46f3ebd4a6ed616c806878b0a82cf6f8c926cb41925d637d1 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	1.7 kB	2023-03-12	2023-03-12
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash 8011275b979ea238e0d1585f034e207f d653a8ab5e6ea1f586b0562f63d9f65b9ee4625c 70ee6ea125c2d8de8b0171af273e37f597bace3462a1803aea7e0ce90f57a2a5 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	549 B	2023-03-07	2024-01-27
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:39 Last Seen2024-01-27 00:28:52 Times Seen16 Hash 8cb5927ea644de865ad4e031bf42e51a eba9139c96ad1a98da622d259333b76c094570f5 e30c7634986a5453d76cdaff0eae5cf67ec0f24650f21a09e88b644f025b6d25 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	571 B	2023-03-12	2024-01-27
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:48:31 Last Seen2024-01-27 00:28:52 Times Seen16 Hash 1f2ce403f3ef4fc2478f375c6fdaad81 788aeb58ce21815329b9128a72c8ed1fac3d5d3e 09543bcfd1d951065d2c6a51f5317b2044bd3ace3683afb0704e811183145244 Loading...

	easy-lay.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673107200	33 kB	2023-03-12	2023-03-12
Pretty URL easy-lay.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673107200 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash b4c44548639be702a6fea11800e7dfd5 93344fdfb86d57ad31915c3fa54721e80f54b62a 600c694342f0ab20f4d0fff17a866360e2ccff6e709bdeb4507263f9e45780bf Loading...

	www.clarity.ms/eus2/s/0.7.1/clarity.js	57 kB	2023-03-09	2023-11-05
Pretty URL www.clarity.ms/eus2/s/0.7.1/clarity.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:22:27 Last Seen2023-11-05 22:32:51 Times Seen3 Hash b9b253f431c87fd6d386778bb4f53db8 7e1615b8e242a06e0631ed4e0662cc3fb6487fc6 da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf Loading...

	easy-lay.com/js/main.js?82	24 kB	2023-03-12	2023-03-14
Pretty URL easy-lay.com/js/main.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:43:55 Last Seen2023-03-14 15:23:08 Times Seen1 Hash c8a8b587ee7ecbab27adbf000cca24a4 b9ef83d02f6bd30c2d837d7a027013b1570d52f4 7ccdc3b2c447d03a4ce29753f6dd2c85bdbc27c4cafc9d715142faa0c9d019bd Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	894 B	2023-03-12	2023-03-12
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash a4c00ee8ed15944fdfa7fb0c586c9b12 e9e79d9ed6f9b05fcb034f4a6c66d49c0084e6a5 a3bcbfabc4fdaf54dcda6fede902215b54f5768b8df9efd91970526aeebdb71d Loading...

	easy-lay.com/js/script.js?82	12 kB	2023-03-08	2023-03-26
Pretty URL easy-lay.com/js/script.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:24:10 Last Seen2023-03-26 00:16:44 Times Seen8 Hash 6855532b091e028a339171c55834e4a3 8c2f4a43bd7fc25d532392105b8e830769b43a20 ea4e519e27a134a65801c8498d0f57c16f8bde82799f951fe59748f8f2eabfe2 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	1.0 kB	2023-03-12	2023-03-12
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash b582fb17057e97e395e4764b2a40bf99 29ea91fe93e662c6de9ae4d6f88d01f3dabd3dd1 c321a6890ee157e5f53c589941151f52f89d5f1392c1f891c2fe3cef0673cf8d Loading...

	easy-lay.com/js/sp.js	74 kB	2023-03-12	2024-04-04
Pretty URL easy-lay.com/js/sp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:47:14 Last Seen2024-04-04 09:43:16 Times Seen12283 Hash 3fb00dbb8acb3c68fd5ddb674f22bb88 cf7bc4f71f0ff66037ac2e564963ff4c2737e766 7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246 Loading...

	easy-lay.com/t/event/v4?e_t=pageview&url=https%253A%252F%252Feasy-lay.com%252Ftt%252F16%253Faffiliate_id%253D15001%2526sub1%253Djnob5r5lhpuk%2526sub2%253D422425%2526sub8%253D%2526sub7%253D42%2526source%253D242542%2526c1%253Darb%257C1037%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1673118869502&t_i=1673118869764&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=e642b49f-2918-4a4a-ae5b-62beea3e5db2&nav_rc=0&nav_nt=NAVIGATE&p_nn=easy-lay&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=jnob5r5lhpuk&fpid_sa=1673118869764&fpid=&feid_sa=1&sid_sa=1&feid=26bd04fbb2cc9c6efd7d1073031b54cc&sid=ea779d9b45bf97143ff8b4517dfe0fbe&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2215001%22%2C%22source%22%3A%22242542%22%2C%22page_id%22%3A%22f541e1ad5047291e288215b949ae1eb3%22%2C%22tour%22%3A%22t%2F16%22%7D&t_op=1.149&cb=gl.cb.pv	65 B	2023-03-12	2023-03-12
Pretty URL easy-lay.com/t/event/v4?e_t=pageview&url=https%253A%252F%252Feasy-lay.com%252Ftt%252F16%253Faffiliate_id%253D15001%2526sub1%253Djnob5r5lhpuk%2526sub2%253D422425%2526sub8%253D%2526sub7%253D42%2526source%253D242542%2526c1%253Darb%257C1037%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1673118869502&t_i=1673118869764&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=e642b49f-2918-4a4a-ae5b-62beea3e5db2&nav_rc=0&nav_nt=NAVIGATE&p_nn=easy-lay&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=jnob5r5lhpuk&fpid_sa=1673118869764&fpid=&feid_sa=1&sid_sa=1&feid=26bd04fbb2cc9c6efd7d1073031b54cc&sid=ea779d9b45bf97143ff8b4517dfe0fbe&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2215001%22%2C%22source%22%3A%22242542%22%2C%22page_id%22%3A%22f541e1ad5047291e288215b949ae1eb3%22%2C%22tour%22%3A%22t%2F16%22%7D&t_op=1.149&cb=gl.cb.pv IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash 9a746473301b18486c968ae8a5debd0e e44032534a74b4fcb9558be1d5fc5c9f5fd99e16 51ed31e0161878497ad66ea9421d0de137b5bfe5bd14c2aaaf99787087878cc9 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc	697 B	2023-03-08	2024-02-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:15 Last Seen2024-02-25 15:06:23 Times Seen1042 Hash 1ba2794f0f7dd2b29159959320fd42bd 8e73fa295266b44f59b5bc53cafb7febe3c85e39 3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	219 B	2023-03-12	2023-03-12
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash 2f874544d246c6bab08fd8bc00574cd8 6eab41976248487c71d1804a9ac9a3384bce41f0 40174c994981ab0113397a9b3614d299f07f0a2eb41254eec5059a1360c99b4f Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\|	1.6 kB	2023-03-12	2023-03-12
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb\|1037\| IP 104.21.48.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:12:41 Last Seen2023-03-12 17:12:41 Times Seen1 Hash dc9b05501c7f1d343382b5d010b5d8be 6c409b58e05d35471327b2de87142916929cef87 4010974abda7f2d282b3d825fb727287629a709b6585aad40fce1d5e542db889 Loading...

HTTP Transactions (53)

URL IP Response Size

easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|

104.21.48.74

301 Moved Permanently

549 B

URL HTTP/1.1
easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|
IP
104.21.48.74:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386), with CRLF, LF line terminators
Size
549 B (549 bytes)
Hash
dadb5ffabe36094bc10c052c81218b67
9b845f79720946ffd661102e651ee867d75048b4
e37d1b2d3be6b49c5b9499ed86ddacfd260bf38af786cbc65bd5e205d64412ac

HTTP Headers

GET /tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037| HTTP/1.1
Host: easy-lay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 07 Jan 2023 19:14:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|
CF-Cache-Status: DYNAMIC
Server-Timing: cf-q-config;dur=6.9999987317715e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87YCKewyc5AckeX8QKc32yNQK7dA5tLi0q5oU2bcj%2BlbTgmXNho%2BE0bYvHdwTLONetnWMsLcYjD3bLedYB%2FqG5vS2deeKdOfGqgKF7EsGCI28CrB5nH%2Fk8Q8sybgLiI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 785f048cffb60b59-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14973
Expires: Sat, 07 Jan 2023 23:24:14 GMT
Date: Sat, 07 Jan 2023 19:14:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15609
Expires: Sat, 07 Jan 2023 23:34:50 GMT
Date: Sat, 07 Jan 2023 19:14:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 18:41:25 GMT
content-type: application/json
age: 1996
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15821
Expires: Sat, 07 Jan 2023 23:38:22 GMT
Date: Sat, 07 Jan 2023 19:14:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1KRdKzTL62Q5x374uMHPFBgRiXVNKeOL44ytdbfYXCPfhWnZfmh0GO6ofKujwtq/9X9mAUl9h0fGlHwj49Clcg==
x-amz-request-id: R8ZRGET2CWC088MT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 19:00:31 GMT
age: 850
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 19:14:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

1.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1357 bytes)
Hash
6780b5076edd6874a7a5e230fde72cee
8b16eb06b5d6be6cbf0667dbf33c96ac951c3e38
ebf45fd6f84e489e3740b2ae10407a651852eef3d23b4bd81cc0da2a38af6781

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
654b573a8f63539369a38e6bc0f20d01
a51cfb6dc79a2dc5ae7f443ddb19d6754fd69f7b
520df2088ec767f857d0e6f8778d47b2190fd146e43a6b8f319e2c4ce7a45b9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "520DF2088EC767F857D0E6F8778D47B2190FD146E43A6B8F319E2C4CE7A45B9F"
Last-Modified: Sat, 07 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15157
Expires: Sat, 07 Jan 2023 23:27:18 GMT
Date: Sat, 07 Jan 2023 19:14:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
604d970ca83426b73099de3b84eef639
fcc565524ae4206a253bb4dfe7ae292b907361a9
d6fa3b716492b1351964ae7f25e471dbb29218342cfb50b2dcb53aabd1f14621

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6FA3B716492B1351964AE7F25E471DBB29218342CFB50B2DCB53AABD1F14621"
Last-Modified: Thu, 05 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2744
Expires: Sat, 07 Jan 2023 20:00:25 GMT
Date: Sat, 07 Jan 2023 19:14:41 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

el.datingtopgirls.com/util/102-small.jpg

31.220.24.141

200 OK

30 kB

URL HTTP/1.1
el.datingtopgirls.com/util/102-small.jpg
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data
Size
30 kB (29659 bytes)
Hash
ff1a9f98b982ee76898d06af6bac36a6
763a12226dc5da922a5672ce48c4c7839ff312a5
6a0bc17d46ef62942644d09395a77db0ba4d18cb14df24dbca3e170838befe87

HTTP Headers

GET /util/102-small.jpg HTTP/1.1
Host: el.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 07 Jan 2023 19:14:41 GMT
Content-Type: image/jpeg
Content-Length: 29659
Last-Modified: Fri, 02 Apr 2021 14:16:22 GMT
Connection: keep-alive
ETag: "60672736-73db"
Accept-Ranges: bytes

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

2.2 kB

URL HTTP/1.1
icalendar.datingtopgirls.com/icalendar.js
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text
Size
2.2 kB (2171 bytes)
Hash
ee5ff51b385e058b2c9877d81f9d5d65
352f9c19bf07dec79a78e07481d8ae94e717cd87
d1ba9d269e7826b85e539634b6f57cded11b472b3b839f6994409acb9e35319a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sat, 07 Jan 2023 19:14:41 GMT
Content-Type: application/javascript
Last-Modified: Fri, 30 Dec 2022 14:40:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63aef87a-1d8c"
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
17cf9dce587a0172ed5024014092613a
c4d54d41bb2065c443b71ce4cb0765afcf25ff5d
c9e7f02104dba48ac14728545d4e4fbc2393ab6c2cb4b36504aad9626f8d10b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX

172.217.21.168

200 OK

59 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2985)
Size
59 kB (58968 bytes)
Hash
72cfb3de1308be1b2a0920c40af86ed8
65cb7936ade73b24152f04ebfe773721a8538041
b85928a81be716b6a05ee80ae802ec5a5a208ef949c3eb70a128dea929be0f05

HTTP Headers

GET /gtm.js?id=GTM-T76Q9QX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jan 2023 19:14:41 GMT
expires: Sat, 07 Jan 2023 19:14:41 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 58968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

30 kB

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
30 kB (30400 bytes)
Hash
fabf3b20f0ddef76bd48e573c483ac59
16edf75b496fdd0cd953ce88d3e1d9611068ee4d
05689e79da17ebc713f392f436db0f763462322b8ad879209c226ff22aa0da78

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jan 2023 19:14:41 GMT
date: Sat, 07 Jan 2023 19:14:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

14 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (14289 bytes)
Hash
0102912d5577ac94d67ecfb1c9d9d946
3e6bbefec0ac6486c33de2991fea1b4325143cdc
af601381b85e8187aabb7e503d978a0985d5eee643f00ea1445105f0cb6f2f85

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3643
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:42 GMT
Last-Modified: Sat, 07 Jan 2023 18:13:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.162.52.254

101 Switching Protocols

109 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.52.254:0
ASN
#16509 AMAZON-02

File type
data
Size
109 B (109 bytes)
Hash
e82c4f519caa9c55470d553bf96e0b4e
8974b6482982863d98044e19c685d58c06b78064
9951754f8a94cbfabe1195d93cd653bbc07725e3630835c1566fbba5f8ebd279

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VjUFJ/9VsESgod77zW4qwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L8gb39Bv2HAHL31tnFi/j57aRdo=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
41cfba48de8388bdca058369852e5ccd
ffc475a1afb5d42498593c8d6bc0282502a1acb3
c0fef8ebac1da710707e19de92bc3600ac616fbe90d499856c279b54ed8ec4fe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FEF8EBAC1DA710707E19DE92BC3600AC616FBE90D499856C279B54ED8EC4FE"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2738
Expires: Sat, 07 Jan 2023 20:00:20 GMT
Date: Sat, 07 Jan 2023 19:14:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

570 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
570 B (570 bytes)
Hash
566118e1dd05c69df63b5255ea9924aa
293f97bd7647527803ae59396ef470e6305b04bb
f0c47341cee1bb077440678f13027ce59c49955016c249b1ce0f9d2ee844b36c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F75AD74FDCF9B9B4BFE1F0E477BFB46CCB5CF8AD948FC1BBE60639644CD51E3F"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9104
Expires: Sat, 07 Jan 2023 21:46:26 GMT
Date: Sat, 07 Jan 2023 19:14:42 GMT
Connection: keep-alive

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc

139.45.195.8

200 OK

703 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
data
Size
703 B (703 bytes)
Hash
806858f6544931de2c3de2b4a3e5d7b7
94ecdade011cdca0a55200f3b4312ab656589ea1
e7ac5be4ab4d74877bfa159d9ed0c0ee612ed198249cac627859fb9b3ddad0d8

HTTP Headers

GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 19:14:42 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

analitits.com/t/errors/v1?msg=ReferenceError%3A%20AppNotify%20is%20not%20defined&file=https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82&line=232&col=11&stack=processPushState%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A232%3A11%0Ainit_p_func%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A863%3A9%0A%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A866%3A3%0Al%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29375%0ADeferred%2Fthen%2Fa%2F%3C%2Fc%3C%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29677%0A

31.220.24.19

200 OK

0 B

URL HTTP/1.1
analitits.com/t/errors/v1?msg=ReferenceError%3A%20AppNotify%20is%20not%20defined&file=https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82&line=232&col=11&stack=processPushState%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A232%3A11%0Ainit_p_func%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A863%3A9%0A%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A866%3A3%0Al%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29375%0ADeferred%2Fthen%2Fa%2F%3C%2Fc%3C%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29677%0A
IP
31.220.24.19:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /t/errors/v1?msg=ReferenceError%3A%20AppNotify%20is%20not%20defined&file=https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82&line=232&col=11&stack=processPushState%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A232%3A11%0Ainit_p_func%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A863%3A9%0A%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A866%3A3%0Al%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29375%0ADeferred%2Fthen%2Fa%2F%3C%2Fc%3C%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29677%0A HTTP/1.1
Host: analitits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 07 Jan 2023 19:14:42 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=333050211.1673118871&gtm=2oe120&aip=1&z=564774865

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=333050211.1673118871&gtm=2oe120&aip=1&z=564774865
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=333050211.1673118871&gtm=2oe120&aip=1&z=564774865 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 19:14:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
683d097a2b6bcdbd6f267bb69264e7c4
ff4bcd000e973278c7d9e6dad9333930c1ffa011
f15f4a97f1a71e3f900fa9286aa330e340bf5a5e9d329633575a5f81b4dbd835

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114669
Date: Sat, 07 Jan 2023 19:14:43 GMT
Etag: "63b8ddab-1d7"
Expires: Mon, 09 Jan 2023 03:05:52 GMT
Last-Modified: Sat, 07 Jan 2023 02:49:15 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ANQ_7GGjYyWE5XzDX-KCQJ0LtjSFpf5ydteblZnJa7WVBkqCbpM1Yg==
Age: 997

botd.fpapi.io/api/v1/detect?version=0.1.23

18.210.159.190

401 Unauthorized

69 B

URL HTTP/2
botd.fpapi.io/api/v1/detect?version=0.1.23
IP
18.210.159.190:0
ASN
#14618 AMAZON-AES

File type
data
Size
69 B (69 bytes)
Hash
32ba2944a9fb9f71e7edc24a56593f3d
52b5da6230916b04a19d6f712ef247513831038c
e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9

HTTP Headers

POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easy-lay.com/
Content-Type: text/plain
Origin: https://easy-lay.com
Content-Length: 22015
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 401 Unauthorized
date: Sat, 07 Jan 2023 19:14:43 GMT
content-type: application/octet-stream
content-length: 69
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://easy-lay.com
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&RedC=c.clarity.ms&MXFR=29622B7DA2876E55132439EFA6876000
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=29622B7DA2876E55132439EFA6876000; domain=.clarity.ms; expires=Thu, 01-Feb-2024 19:14:43 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 07 Jan 2023 19:14:42 GMT
content-length: 0
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 19:14:43 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bd2462abcddd44908accf7fa1829a154; expires=Sun, 07 Jan 2024 19:14:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=2oe120&_p=583366056&_gaz=1&cid=333050211.1673118871&ul=en-us&sr=1280x1024&_s=1&sid=1673118871&sct=1&seg=0&dl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16&dt=EasyLay.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_id=jnob5r5lhpuk&up.member_id=&up.tour=16&up.user_status=GUEST&up.networkname=easy-lay

216.239.34.36

204 No Content

60 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=2oe120&_p=583366056&_gaz=1&cid=333050211.1673118871&ul=en-us&sr=1280x1024&_s=1&sid=1673118871&sct=1&seg=0&dl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16&dt=EasyLay.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_id=jnob5r5lhpuk&up.member_id=&up.tour=16&up.user_status=GUEST&up.networkname=easy-lay
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type
data
Size
60 B (60 bytes)
Hash
d6be50d0a61b38a09973797cb12f4b14
b3f9d42e3a6329b84883589f8ffb13f6be1bbe3e
9cef16b0a7818757895e934fc996fc36387b9a81767a632007b2156e5a09efdf

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=2oe120&_p=583366056&_gaz=1&cid=333050211.1673118871&ul=en-us&sr=1280x1024&_s=1&sid=1673118871&sct=1&seg=0&dl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16&dt=EasyLay.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_id=jnob5r5lhpuk&up.member_id=&up.tour=16&up.user_status=GUEST&up.networkname=easy-lay HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://easy-lay.com
date: Sat, 07 Jan 2023 19:14:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.bing.com/c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&RedC=c.clarity.ms&MXFR=29622B7DA2876E55132439EFA6876000

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&RedC=c.clarity.ms&MXFR=29622B7DA2876E55132439EFA6876000
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&RedC=c.clarity.ms&MXFR=29622B7DA2876E55132439EFA6876000 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easy-lay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&MUID=1BECF81541C8673B3B73EA87409F6640
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1BECF81541C8673B3B73EA87409F6640; domain=c.bing.com; expires=Thu, 01-Feb-2024 19:14:43 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8FD5D82DB6A24683AA7D44F7B95B6120 Ref B: OSL30EDGE0310 Ref C: 2023-01-07T19:14:43Z
date: Sat, 07 Jan 2023 19:14:43 GMT
content-length: 0
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=333050211.1673118871&gtm=2oe120&aip=1

74.125.131.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=333050211.1673118871&gtm=2oe120&aip=1
IP
74.125.131.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=333050211.1673118871&gtm=2oe120&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://easy-lay.com
date: Sat, 07 Jan 2023 19:14:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&MUID=1BECF81541C8673B3B73EA87409F6640

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&MUID=1BECF81541C8673B3B73EA87409F6640
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=2306604F534248B4B731BCF122B7DBEE&MUID=1BECF81541C8673B3B73EA87409F6640 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easy-lay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 05 Jan 2023 17:40:42 GMT
accept-ranges: bytes
etag: "d59a6ed52c21d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 07-Jan-2023 19:24:43 GMT; path=/; SameSite=None; Secure;
date: Sat, 07 Jan 2023 19:14:42 GMT
content-length: 42
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 19:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10533
Expires: Sat, 07 Jan 2023 22:10:16 GMT
Date: Sat, 07 Jan 2023 19:14:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10533
Expires: Sat, 07 Jan 2023 22:10:16 GMT
Date: Sat, 07 Jan 2023 19:14:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10533
Expires: Sat, 07 Jan 2023 22:10:16 GMT
Date: Sat, 07 Jan 2023 19:14:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ffe4f-5ae5-4938-b3ca-b004d549afe4.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ffe4f-5ae5-4938-b3ca-b004d549afe4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6801 bytes)
Hash
b068b261514833df29c3081c7681bc1e
d55b98ad8b8720a934ce41132d3e5821f7956511
e9852eb569b9f28d070ba51af9dc8a36698ed9b5afa771d123ce89391f9d7d00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ffe4f-5ae5-4938-b3ca-b004d549afe4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6801
x-amzn-requestid: 974e4e95-8a57-4d85-b587-aa37bab3faf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxGDEf3IAMF52Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89559-2984a4fb36910d535abe2856;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1_FaLJqdAPcmO1By5BQa71NxFK2ELnXpwXqs-9BMPSdRTxrGRhnJUQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:49:18 GMT
age: 77125
etag: "d55b98ad8b8720a934ce41132d3e5821f7956511"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

18 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
18 kB (18464 bytes)
Hash
95decee888a65d2cfaaee8a255f47830
9a7e5c39bca2790f87cd8e3f93f40cb5618cb0d2
4e715dea210b8c96b51635b48e25eea956be09617041f31b6c69852870376d7d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DoKiNkOKV6r5zqczq2ckoyb9UJyMABXfyn6WE1NerYovg8yg-AeePQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 10:11:59 GMT
age: 32564
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 08:42:42 GMT
age: 37921
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10064 bytes)
Hash
65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 7b970f82-e9fa-43e8-8757-60ae808a2cff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6kCEsSIAMFVBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e19-4884229c1545eef72380e7d2;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:03:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wWDCvYZY8VpfF4a5AWmjrZZx3vzUv7qWCz_g9vNlkMz5Sy3NaaWMVQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 03:33:10 GMT
age: 56493
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10695 bytes)
Hash
3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kkpb41RwNIWi4GQrpRiCAGUGsFyv9v-lpjPdStHiI1KxfkRi4tFCOQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:59:50 GMT
age: 76493
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc669500c-8275-41bd-b6b4-d69a9275759e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9770 bytes)
Hash
ccdaacaeb226b8983f1b55d507ae524d
782045319594ae6857c39fd1b952e4d4751aab14
1e7c4ec9e00c156bb1e199b459c2c55bcff909e21718ae28458ab50413112aa6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc669500c-8275-41bd-b6b4-d69a9275759e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9770
x-amzn-requestid: eaf4c707-3e01-4438-8b4f-31206790e907
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScvCHsHIAMFSXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74193-58158d857b40d7fd411f6c0c;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:30:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: efXBHjn8uw-4s557QTErT8Z1x4BS9ZW15fswtdR6us7cPNJxIqNeRQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 22:15:04 GMT
age: 75579
etag: "782045319594ae6857c39fd1b952e4d4751aab14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 23383
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://easy-lay.com
access-control-allow-credentials: true
date: Sat, 07 Jan 2023 19:14:43 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 561
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://easy-lay.com
access-control-allow-credentials: true
date: Sat, 07 Jan 2023 19:14:43 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 74792
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://easy-lay.com
access-control-allow-credentials: true
date: Sat, 07 Jan 2023 19:14:47 GMT
X-Firefox-Spdy: h2

easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|

172.67.181.117

200 OK

0 B

URL HTTP/2
easy-lay.com/tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037|
IP
172.67.181.117:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tt/16?affiliate_id=15001&sub1=jnob5r5lhpuk&sub2=422425&sub8=&sub7=42&source=242542&c1=arb|1037| HTTP/1.1
Host: easy-lay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 07 Jan 2023 19:14:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: hashid=1bf43b1c9f5d72d379a0825f8dfa93d3; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
country=Norway; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
region=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
country_code=no; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
latitude=59.9127; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
longitude=10.7461; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
tour=16; expires=Tue, 06-Jan-2026 19:14:41 GMT; Max-Age=94608000; path=/
hashid=08a5943bbe5d14a0ec60fe92ce02af8f; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=jnob5r5lhpuk; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub2=422425; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=42; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=242542; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=15001; expires=Sun, 07-Jan-2024 19:14:41 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1673118881; expires=Sun, 08-Jan-2023 19:14:41 GMT; Max-Age=86400; path=/
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTFBY5RPTKES%2FE7cXdaGSyNnTI5losDj%2BD3LrRiwCwvFlnye8%2FdKxAO20egJAcCVY2wJu7%2B7kFMz4rOfYh6dtBrYT4ZSKPNGIsQpeBiK983mV5CA9KO7ezIM1tp%2BS9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 785f048f1e7fb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.56.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 07 Jan 2023 19:14:41 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f0490fbe11c02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM

142.250.74.174

200 OK

0 B

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jan 2023 19:14:42 GMT
expires: Sat, 07 Jan 2023 19:14:42 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/tag/bvsqia2v2y?ref=gtm

13.107.238.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=75ab9f5ace4c4030963cad80fb717f4f.20230107.20240107; expires=Sun, 07 Jan 2024 19:14:43 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0o8S5YwAAAABRV2bUuApBQb2b5WWj++uxU1ZHMjBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 07 Jan 2023 19:14:42 GMT
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.7.1/clarity.js

13.107.238.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.7.1/clarity.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9162aa06b059e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0WJe5YwAAAADhQMJIA/vsSaW5wCtN1YzrQU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0o8S5YwAAAAA0rGN1vafeSZMnIvmSFwI2U1ZHMjBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 07 Jan 2023 19:14:42 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP