Report - keepvid.works/

Report Overview

Submitted URL
keepvid.works/
IP
193.218.118.205
ASN
#207656 Epinatura LLC
Submitted
2022-11-06 14:59:15
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
offerimage.com	304078	2019-06-10T13:11:53Z	2023-03-10T12:35:45Z	847 B	56 kB	172.67.22.216
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	428 B	1.2 kB	142.250.74.164
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	3.4 kB	8.9 kB	23.36.77.32
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-10T13:32:40Z	1.4 kB	67 kB	104.18.11.207
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.39.126.109
cultergoy.com	204237	2021-10-07T14:43:43Z	2023-03-07T20:25:04Z	383 B	1.4 kB	172.255.6.144
fleraprt.com	unknown	2022-01-14T23:55:14Z	2023-03-10T09:36:39Z	483 B	481 B	139.45.195.254
inpage-push.com	40496	2020-11-23T21:48:16Z	2023-03-10T08:03:49Z	5.6 kB	4.4 kB	139.45.197.239
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	370 B	21 kB	142.250.74.174
keepvid.works	unknown	2018-05-18T10:19:36Z	2023-03-08T21:55:42Z	6.5 kB	137 kB	193.218.118.205
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.35
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-10T07:03:43Z	380 B	742 B	139.45.195.8
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	68 kB	34.120.237.76
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-10T12:47:01Z	437 B	163 kB	142.250.74.163
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	472 B	16 kB	216.58.207.195
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	2.4 kB	4.8 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	364 B	1.5 kB	34.102.187.140
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	680 B	1.9 kB	172.64.155.188
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	399 B	44 kB	142.250.74.168
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-10T15:05:48Z	390 B	35 kB	142.250.74.74
tzegilo.com	unknown	2022-01-14T16:27:15Z	2023-03-10T09:14:07Z	355 B	6.4 kB	104.21.84.149

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-06	medium	cultergoy.com	Sinkholed
2022-11-06	medium	fleraprt.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed
2022-11-06	medium	inpage-push.com	Sinkholed

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&co=aHR0cHM6Ly9rZWVwdmlkLndvcmtzOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=ikjw4v9hp0rg	69 B	2023-03-07	2024-04-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&co=aHR0cHM6Ly9rZWVwdmlkLndvcmtzOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=ikjw4v9hp0rg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-20 00:14:28 Times Seen99087 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&co=aHR0cHM6Ly9rZWVwdmlkLndvcmtzOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=ikjw4v9hp0rg	35 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&co=aHR0cHM6Ly9rZWVwdmlkLndvcmtzOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=ikjw4v9hp0rg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash a2579aca48f0ad90a1dd660ed99fc254 18bc6f164532b624c13e19efcf3278de29929429 fa94d47e750de8ee5f0df31c85a088e5d59d977a98fa6bc5f285717fd1622589 Loading...

	www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js	407 kB	2023-03-10	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:16 Last Seen2023-03-17 20:01:39 Times Seen1 Hash 35e20d99f31d725cd04ae5c18176a4cb 5388866755fc16c244bebd58fdc732a7035e0818 ac5e804e070b663bb35d913da74cb9d61aa24caa2135d0578f6b1b433b975761 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&co=aHR0cHM6Ly9rZWVwdmlkLndvcmtzOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&sa=submit&cb=3pkd811icvn9	35 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&co=aHR0cHM6Ly9rZWVwdmlkLndvcmtzOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&sa=submit&cb=3pkd811icvn9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash 681038be0f2d8e034515546b58fc49e4 41489f053628085a1a0727d5663e34aed7eb3891 fddb13102865df115c21789926594e9e3e685493278d32f5e85278b24555ef6c Loading...

	keepvid.works/socialsharekit/js/social-share-kit.min.js	6.4 kB	2023-03-07	2023-11-12
Pretty URL keepvid.works/socialsharekit/js/social-share-kit.min.js IP 193.218.118.205 ASN #207656 Epinatura LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:13 Last Seen2023-11-12 00:16:17 Times Seen24 Hash 3f1d24bfc2eca31517fef7536b0877d5 8ee6799aba7a49be8a639e5f2d3d483d8cdb9fe5 c5e0dfe7c67c57b81ccbe43199f96b6fb5c63a216b6bb4a8ca9de8d32d24a174 Loading...

	keepvid.works/v3/	71 B	2023-03-07	2023-03-11
Pretty URL keepvid.works/v3/ IP 193.218.118.205 ASN #207656 Epinatura LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:07:46 Last Seen2023-03-11 21:36:19 Times Seen1 Hash f3ef50e6852f5e34ba72b6bfe1824cc0 5995d93015a4c150af018d1a8ac3027f67c0b8a7 43fba03874763f70b92832d401c37147077074e7fd809fdd30fafa521786794d Loading...

	keepvid.works/v3/	340 B	2023-03-10	2023-03-10
Pretty URL keepvid.works/v3/ IP 193.218.118.205 ASN #207656 Epinatura LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash ac5976a905659cd151119eb4b329892c 27d00bb510957576e41030289e5dadbca816a6df 0c7a7fc2c73f40d2db9cb6739f5a5ff140f9e394b52df84ff0d1a94d82c111fe Loading...

	www.googletagmanager.com/gtag/js?id=UA-117141830-1&_=1667746742340	111 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-117141830-1&_=1667746742340 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash 8f9d88aa966ee151e4d80680b1299f8a 7a274981556097824dbb219d638c292076cc433c 8cc0875bbe3f4a5d5b56c248185391338bbeba750282af55fb99b96583f891a0 Loading...

	inpage-push.com/400/4378921?_=1667746742337	82 kB	2023-03-10	2023-03-10
Pretty URL inpage-push.com/400/4378921?_=1667746742337 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash 391fa9f397ebc140fafe2aa7ee5a7d95 5349a598ada5666b688cf03f41b049fc881c7708 1ce6ac853736bf30d2adb9121542b43191487a6deb71aaafe266f298853e99b9 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 05:36:23 Times Seen36969737 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-10	2023-03-11
Pretty URL tzegilo.com/stattag.js IP 104.21.84.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:53:52 Last Seen2023-03-11 19:05:14 Times Seen1 Hash 44c40fdee96d172d73fdb26f6258c3bf e0fddaf008b67747907ef3bfd11b679866d7a3df 3b791712086001011a3a913120c1bc35bb8238c72e9d3d0dba6f80b687e0d1f4 Loading...

	www.google.com/recaptcha/api.js?render=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&_=1667746742339	884 B	2023-03-10	2023-03-10
Pretty URL www.google.com/recaptcha/api.js?render=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&_=1667746742339 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash c48b8f36df9ac9ff941a854343a238e3 d9414adb678e2907bfa98c9671f6c2f44411467c c717ccd0a105b93b7106efa78b3cf31d27d7c9b71b5665eccbbd989a3234f893 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-20
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-20 00:16:23 Times Seen54370 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 19:14:44 Times Seen118542 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	keepvid.works/keepvid.js?v20011023	6.5 kB	2023-03-10	2023-03-11
Pretty URL keepvid.works/keepvid.js?v20011023 IP 193.218.118.205 ASN #207656 Epinatura LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-11 21:36:19 Times Seen1 Hash 3f9ac397031cfd5eee2986e4fb6e018f cdcce646c76cc90daf515d8ff1b22a5268051222 cdac82cfb97a4357c55588586484375dc769936752b86dec5f98977075c93efb Loading...

	keepvid.works/jquery-ui.min.js	32 kB	2023-03-07	2023-11-12
Pretty URL keepvid.works/jquery-ui.min.js IP 193.218.118.205 ASN #207656 Epinatura LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:07:46 Last Seen2023-11-12 00:16:17 Times Seen13 Hash 288ec85a6bf5b67aa5b514e38e36939a 973d2f903b05f14c574a8443b8fbf226ef494d2e ebd9b012f2a01a5a059c5d435303366fb11c383fb3b07b045e5547c8978f6e4e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 41b07ca0c056b6bd459fe6ad2d8150b5	16 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash 41b07ca0c056b6bd459fe6ad2d8150b5 6b844ca9905d682bd44afbf43aefc63128022c6f 6af8e7ba4184855c42eb460f882d8d92f51c2d6f6f9b31f93cefde79c50b7eb2 Loading...

	#2 Eval - 6d9348cf910a7e6ba5c56c2cfd354365	16 kB	2023-03-10	2023-03-17
Pretty Observations First Seen2023-03-10 21:13:43 Last Seen2023-03-17 20:01:39 Times Seen1 Hash 6d9348cf910a7e6ba5c56c2cfd354365 13b3fa128c5d0dc7e80f3c872a46d2148e0526f7 8ba8531bf15181c2d28041af9b73730380934c867679c2f674cc0e92fe5f5210 Loading...

	#3 Eval - dccc651f8a5d2fa27ab25f5f9f21655d	18 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 22:29:22 Last Seen2023-03-10 22:29:22 Times Seen1 Hash dccc651f8a5d2fa27ab25f5f9f21655d 81b925a31b0a1340bd64e7ac65c91784567c3dd0 7e7e640d0721c92a57a5f5ea92655eef4640d8a7db1e7edb5284f9fa9e811d52 Loading...

	#4 Eval - 972791a40a0b0aad93485a7dabcb71d3	22 B	2023-03-10	2023-03-17
Pretty Observations First Seen2023-03-10 21:13:43 Last Seen2023-03-17 20:01:39 Times Seen1 Hash 972791a40a0b0aad93485a7dabcb71d3 7fa1c103a2b4a826e36f52fca2a43543af24eef3 dfd55ef42c15d74a48aa4c0b0642d8bddc365525fd97a979d61196d132fee637 Loading...

	#5 Eval - ddf6eeee8203e46b6e69d5d7544a3482	60 B	2023-03-10	2023-03-17
Pretty Observations First Seen2023-03-10 21:13:43 Last Seen2023-03-17 20:01:39 Times Seen1 Hash ddf6eeee8203e46b6e69d5d7544a3482 9176e8e2889cd92aeb8516366f8200ab6c5f2b1a 50a742b79bde52a21cb0dd6297bfcc215de7930f03dd910c5b60b863723c79fc Loading...

	#6 Eval - 223d98f30d680e5b6fea33ac4a708b03	22 B	2023-03-10	2023-03-17
Pretty Observations First Seen2023-03-10 21:13:43 Last Seen2023-03-17 20:01:39 Times Seen1 Hash 223d98f30d680e5b6fea33ac4a708b03 cbe512391f2c8c2e38e50a1ad68211173de16bce cbaa1253a51917af7651b4fa25dbaea52f5e10e8bc256a3e553c0657927ca13d Loading...

HTTP Transactions (73)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14381
Expires: Sun, 06 Nov 2022 18:58:44 GMT
Date: Sun, 06 Nov 2022 14:59:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1909
Cache-Control: max-age=158629
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:03 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:02:52 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2578
Cache-Control: max-age=159298
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:03 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:14:01 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7146
Expires: Sun, 06 Nov 2022 16:58:09 GMT
Date: Sun, 06 Nov 2022 14:59:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 06 Nov 2022 14:43:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ns7WXTvdz3qVfWkxBR2Eva1yhDDak9qSFyl9fkj0Pitub3EvwoSMMsPjQEjgil9rIVWPCHrVqCM=
x-amz-request-id: W3SDB4BRFHK96K3D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 14:47:40 GMT
age: 683
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

keepvid.works/

193.218.118.205

301 Moved Permanently

162 B

URL HTTP/1.1
keepvid.works/
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET / HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 06 Nov 2022 14:59:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://keepvid.works/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2a89bd7f11809155332a66be3cf05c1
e525548763d7010985051142e0eb30cd09d1e7be
f03c09936646c389c9ebc0b988b225cbd35592165220fc5f1a95b91ae49feefa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F03C09936646C389C9EBC0B988B225CBD35592165220FC5F1A95B91AE49FEEFA"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10462
Expires: Sun, 06 Nov 2022 17:53:25 GMT
Date: Sun, 06 Nov 2022 14:59:03 GMT
Connection: keep-alive

keepvid.works/

193.218.118.205

301 Moved Permanently

162 B

URL HTTP/1.1
keepvid.works/
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET / HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 06 Nov 2022 14:59:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://keepvid.works/v3/

keepvid.works/v3/

193.218.118.205

200 OK

9.0 kB

URL HTTP/1.1
keepvid.works/v3/
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with CRLF, LF line terminators
Size
9.0 kB (9025 bytes)
Hash
019f566841cf586962c12f715782458b
6c36422b4d0058fdecb86f3c04e6d7e92ee621f6
6886e48b56ac078436ecb5f8dabcc57a0e337bc7982ab754ff0e919e5bbdda7e

HTTP Headers

GET /v3/ HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=un09ent466def4utn1inkt85mt; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5046
Cache-Control: max-age=156713
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:04 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:30:57 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7bb75cda180838bb141d84bc6237047c
3bfc21e05d99392259a744b8b6246c4e87c121f4
97b56f9370203a7d906a51562dc75f23414138e8d82423410bce14ac5c1fcca2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2346
Cache-Control: max-age=142875
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:04 GMT
Etag: "63674daa-117"
Expires: Tue, 08 Nov 2022 06:40:19 GMT
Last-Modified: Sun, 06 Nov 2022 06:01:14 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7bb75cda180838bb141d84bc6237047c
3bfc21e05d99392259a744b8b6246c4e87c121f4
97b56f9370203a7d906a51562dc75f23414138e8d82423410bce14ac5c1fcca2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3970
Cache-Control: max-age=144500
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:04 GMT
Etag: "63674daa-117"
Expires: Tue, 08 Nov 2022 07:07:24 GMT
Last-Modified: Sun, 06 Nov 2022 06:01:14 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

keepvid.works/default.css?v000012

193.218.118.205

200 OK

6.9 kB

URL HTTP/1.1
keepvid.works/default.css?v000012
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
assembler source, ASCII text, with CRLF line terminators
Size
6.9 kB (6872 bytes)
Hash
048d885d5213ad5c9992d559a73ae2ad
a5ed732abeeb2eca805448273fc9a9150b2590ae
fbe0a51470b60a1afac1ce2c1ad37162316cc4f574b0bef5041cdea1006eca71

HTTP Headers

GET /default.css?v000012 HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: text/css
Content-Length: 6872
Last-Modified: Wed, 21 Sep 2022 21:10:39 GMT
Connection: keep-alive
ETag: "632b7dcf-1ad8"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

10 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32033)
Size
10 kB (10534 bytes)
Hash
f1d4abdd419028234b78bf98c6e60897
ef5dcee3a1b37e96a8aceec9a9f8fb73bf55b0fe
8310758e66d7f80c56ddaf505fb6e7add6ea6f25f2236f6b48ef3ac96e0f6dfd

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:59:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 2c7a069c589a7687b380401b478c3e7a
cdn-cache: HIT
cf-cache-status: HIT
age: 13193166
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765eb0df4e7db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.74

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 17:11:14 GMT
expires: Thu, 02 Nov 2023 17:11:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 337670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

keepvid.works/socialsharekit/js/social-share-kit.min.js

193.218.118.205

200 OK

6.4 kB

URL HTTP/1.1
keepvid.works/socialsharekit/js/social-share-kit.min.js
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
ASCII text, with very long lines (6112)
Size
6.4 kB (6380 bytes)
Hash
3f1d24bfc2eca31517fef7536b0877d5
8ee6799aba7a49be8a639e5f2d3d483d8cdb9fe5
c5e0dfe7c67c57b81ccbe43199f96b6fb5c63a216b6bb4a8ca9de8d32d24a174

HTTP Headers

GET /socialsharekit/js/social-share-kit.min.js HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: application/javascript
Content-Length: 6380
Last-Modified: Fri, 21 May 2021 01:40:41 GMT
Connection: keep-alive
ETag: "60a70f99-18ec"
Accept-Ranges: bytes

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

104.18.11.207

200 OK

18 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:59:04 GMT
content-type: font/woff2
content-length: 18028
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "448c34a56d699c29117adc64c43affeb"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/20/2022 02:30:41
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 49efa2d8b53406249af2d412c6207e9b
cdn-cache: HIT
cf-cache-status: HIT
age: 2093221
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765eb0dfaf09b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

keepvid.works/socialsharekit/css/social-share-kit.css

193.218.118.205

200 OK

13 kB

URL HTTP/1.1
keepvid.works/socialsharekit/css/social-share-kit.css
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
ASCII text, with very long lines (12395)
Size
13 kB (12656 bytes)
Hash
f77336d9604ac9760c94fa0c181c40d3
7024aa84addfb5d542fe76d56a939e3a141cf0fa
8999b18b7b370af9fef7fc290a2861914ad02219d63e51f958870e54e4e54167

HTTP Headers

GET /socialsharekit/css/social-share-kit.css HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: text/css
Content-Length: 12656
Last-Modified: Fri, 21 May 2021 01:40:37 GMT
Connection: keep-alive
ETag: "60a70f95-3170"
Accept-Ranges: bytes

keepvid.works/keepvid.js?v20011023

193.218.118.205

200 OK

6.5 kB

URL HTTP/1.1
keepvid.works/keepvid.js?v20011023
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
ASCII text, with CRLF line terminators
Size
6.5 kB (6549 bytes)
Hash
3f9ac397031cfd5eee2986e4fb6e018f
cdcce646c76cc90daf515d8ff1b22a5268051222
cdac82cfb97a4357c55588586484375dc769936752b86dec5f98977075c93efb

HTTP Headers

GET /keepvid.js?v20011023 HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: application/javascript
Content-Length: 6549
Last-Modified: Thu, 06 Oct 2022 01:53:59 GMT
Connection: keep-alive
ETag: "633e3537-1995"
Accept-Ranges: bytes

push.services.mozilla.com/

52.39.126.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.126.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ls7oornAxRO1B8An6zFKlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uqq1qZNBcKsMpeKmM523ttIAAig=

keepvid.works/jquery-ui.min.css

193.218.118.205

200 OK

17 kB

URL HTTP/1.1
keepvid.works/jquery-ui.min.css
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
ASCII text, with very long lines (15374)
Size
17 kB (16753 bytes)
Hash
35c627bf11e7b7fb371ab525fd75211c
c3c5989d658e933a48487eccd06694aede3a55b0
7824372caba242b82f290f8cff1966601ffc052c2f66cc1fb26d02cfd014a72f

HTTP Headers

GET /jquery-ui.min.css HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: text/css
Content-Length: 16753
Last-Modified: Fri, 21 May 2021 01:40:19 GMT
Connection: keep-alive
ETag: "60a70f83-4171"
Accept-Ranges: bytes

keepvid.works/jquery-ui.min.js

193.218.118.205

200 OK

32 kB

URL HTTP/1.1
keepvid.works/jquery-ui.min.js
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
ASCII text, with very long lines (31929)
Size
32 kB (32162 bytes)
Hash
288ec85a6bf5b67aa5b514e38e36939a
973d2f903b05f14c574a8443b8fbf226ef494d2e
ebd9b012f2a01a5a059c5d435303366fb11c383fb3b07b045e5547c8978f6e4e

HTTP Headers

GET /jquery-ui.min.js HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: application/javascript
Content-Length: 32162
Last-Modified: Fri, 21 May 2021 01:40:19 GMT
Connection: keep-alive
ETag: "60a70f83-7da2"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e934aac9a8fa06a4278006ad782db92c
b6cb5c219b47ae8c3de1da16dcaa58fa6325e734
4b69146edfabceb5ccbf8257849ced0f7004384cae0083b0b100fc2273a42adc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B69146EDFABCEB5CCBF8257849CED0F7004384CAE0083B0B100FC2273A42ADC"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3158
Expires: Sun, 06 Nov 2022 15:51:42 GMT
Date: Sun, 06 Nov 2022 14:59:04 GMT
Connection: keep-alive

keepvid.works/images/keepvid-works-log-icon.png

193.218.118.205

200 OK

4.1 kB

URL HTTP/1.1
keepvid.works/images/keepvid-works-log-icon.png
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Size
4.1 kB (4140 bytes)
Hash
a02a3ad140113b95abd404a2f8367d34
9881b9b13240821eb309b80eade893f00265d287
dd3b1ba52ff77fd3e8462862d2d27af322e800cb003027e925139ab8373c8429

HTTP Headers

GET /images/keepvid-works-log-icon.png HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: image/png
Content-Length: 4140
Last-Modified: Fri, 21 May 2021 01:40:43 GMT
Connection: keep-alive
ETag: "60a70f9b-102c"
Accept-Ranges: bytes

keepvid.works/socialsharekit/fonts/social-share-kit.woff

193.218.118.205

200 OK

7.2 kB

URL HTTP/1.1
keepvid.works/socialsharekit/fonts/social-share-kit.woff
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
Web Open Font Format, CFF, length 7160, version 1.0\012- data
Size
7.2 kB (7160 bytes)
Hash
8a2ad25bbd5fa27b1c0416768aed10a3
d650e29cea9d132b5e84be07c8b30e1a76851dbc
0458fa0033848d1a830c91ade83e2692154c2e9836eaf7974fd4803d656f6efc

HTTP Headers

GET /socialsharekit/fonts/social-share-kit.woff HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://keepvid.works/socialsharekit/css/social-share-kit.css
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: application/font-woff
Content-Length: 7160
Last-Modified: Fri, 21 May 2021 01:40:38 GMT
Connection: keep-alive
ETag: "60a70f96-1bf8"
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ba5d09c54b98bfc2c7b5f15103e025c4
4aa7eb9e5615c168c0cd80234a6c96836b6024c1
d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5313
Cache-Control: max-age=154103
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:04 GMT
Etag: "63676dee-117"
Expires: Tue, 08 Nov 2022 09:47:27 GMT
Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdd76f81219a3cf33b743d01ee7dc7c5
66dfad3716c75c3e584317ce99fd6fd2bd6c5911
b3acc1bf049ac974c3e91b2cc134a2181f8f0583a9958da82462be33c9b71f60

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3ACC1BF049AC974C3E91B2CC134A2181F8F0583A9958DA82462BE33C9B71F60"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6618
Expires: Sun, 06 Nov 2022 16:49:22 GMT
Date: Sun, 06 Nov 2022 14:59:04 GMT
Connection: keep-alive

tzegilo.com/stattag.js

104.21.84.149

200 OK

5.5 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.84.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13017), with no line terminators
Size
5.5 kB (5518 bytes)
Hash
48461a692fba258066a572055089238f
85cc1f065232bb194afdb00600e3b118a6ad97bc
855491d7af9082a01b3bfa8e6aa0fc1cb954965d25002fd02525703553e1f9fb

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:59:04 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5769
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB6fRULFqfstk49jyIfTAQVTFdG%2FW%2FdHGUH8Ozuuphe3FT4aJQLkTSim2d9%2FyqbyU2yE9jcGejUr5J2K%2FuzVN1WdigKcTr4GR4suplTYaQ6PRFICuBrcSWjkyFf%2FIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765eb0e26a39b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cultergoy.com/gkIGMdszupsFyd/32220?_=1667746742338

172.255.6.144

200 OK

26 B

URL HTTP/1.1
cultergoy.com/gkIGMdszupsFyd/32220?_=1667746742338
IP
172.255.6.144:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /gkIGMdszupsFyd/32220?_=1667746742338 HTTP/1.1
Host: cultergoy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://keepvid.works
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 07-Nov-2022 14:59:04 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 07-Nov-2022 14:59:04 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

keepvid.works/sworker.js

193.218.118.205

200 OK

2.6 kB

URL HTTP/1.1
keepvid.works/sworker.js
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2569 bytes)
Hash
43f1d717adda4b92e8a1617d1dba6db7
1c123108bebf3e912cb47addf84fe5e740644319
4e79575cba19bc26c6187176a643bef1430f42e8f60d1f4ef4d7d1590842b90a

HTTP Headers

GET /sworker.js HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: application/javascript
Content-Length: 2569
Last-Modified: Mon, 11 Oct 2021 21:31:20 GMT
Connection: keep-alive
ETag: "6164ad28-a09"
Accept-Ranges: bytes

keepvid.works/images/keepvid-works-logo.jpg

193.218.118.205

200 OK

18 kB

URL HTTP/1.1
keepvid.works/images/keepvid-works-logo.jpg
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Size
18 kB (18174 bytes)
Hash
bfd17b1e1bc18fbe6d315e26a1fddd89
e16e2f3e4960682f9a5532c406fced608df3e636
e4e18c0c927ef0a4a72f46210c2ea101667fce2af21733ff1a47380ee87c27d3

HTTP Headers

GET /images/keepvid-works-logo.jpg HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: image/jpeg
Content-Length: 18174
Last-Modified: Fri, 21 May 2021 01:40:44 GMT
Connection: keep-alive
ETag: "60a70f9c-46fe"
Accept-Ranges: bytes

keepvid.works/favicon.ico

193.218.118.205

200 OK

1.2 kB

URL HTTP/1.1
keepvid.works/favicon.ico
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
935d2c6261d0c700d3ff899e8f8b72ad
59fc194d76c8ae3383d507a3e880740b840a0e7e
5666e4ed23ccc309458d3815bd48bd2dc1e390e5e600e521c0b140ca41211173

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/v3/
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:04 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 21 May 2021 01:40:18 GMT
Connection: keep-alive
ETag: "60a70f82-47e"
Accept-Ranges: bytes

keepvid.works/v3/

193.218.118.205

200 OK

9.0 kB

URL HTTP/1.1
keepvid.works/v3/
IP
193.218.118.205:0
ASN
#207656 Epinatura LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with CRLF, LF line terminators
Size
9.0 kB (9025 bytes)
Hash
019f566841cf586962c12f715782458b
6c36422b4d0058fdecb86f3c04e6d7e92ee621f6
6886e48b56ac078436ecb5f8dabcc57a0e337bc7982ab754ff0e919e5bbdda7e

HTTP Headers

GET /v3/ HTTP/1.1
Host: keepvid.works
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://keepvid.works/sworker.js
Connection: keep-alive
Cookie: PHPSESSID=un09ent466def4utn1inkt85mt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 14:59:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4a071aba7e415d8fef076431afd5cf35
8fd4984046851a3fbd44b60e5449652a5e35d831
3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 12:52:20 GMT
Expires: Thu, 10 Nov 2022 12:52:19 GMT
Etag: "8fd4984046851a3fbd44b60e5449652a5e35d831"
Cache-Control: max-age=337393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765eb0e36c0db527-OSL

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 895
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 06 Nov 2022 14:59:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://keepvid.works
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 14:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=357373,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765eb0e419fab51e-OSL

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
18ccab4aec586681665977df4a11b92e
2993e3b37a676394d2a545ff0c90c7890e8acee3
6aae1de038f4fb2728ab093099ee5efc766d42476a754d659a41f06dcaeb2c03

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://keepvid.works
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cb9274f38038477bb3515a38479f7c39; expires=Mon, 06 Nov 2023 14:59:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

inpage-push.com/500/4378921?excludes=&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
inpage-push.com/500/4378921?excludes=&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/4378921?excludes=&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://keepvid.works/
Origin: https://keepvid.works
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:05 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://keepvid.works
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6948
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6948
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6948
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6948
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6948
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 14:59:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8309 bytes)
Hash
3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 60267
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11535 bytes)
Hash
b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 60608
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8961 bytes)
Hash
dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 62085
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 20851
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7573 bytes)
Hash
b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 41651
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14415 bytes)
Hash
fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 60105
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
267a98361564c46b0f733ce567024f33
4bbd52ee36fcf08cc0b13a18443e67d9700d0d61
1e2b21e78097bc07ca4fb3a1318bd36d7bc2a58e811b21956c83f4dfe31ec32e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1486
Cache-Control: max-age=120751
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:05 GMT
Etag: "6366fa9a-118"
Expires: Tue, 08 Nov 2022 00:31:36 GMT
Last-Modified: Sun, 06 Nov 2022 00:06:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280

offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png

172.67.22.216

200 OK

43 kB

URL HTTP/2
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP
172.67.22.216:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43157 bytes)
Hash
e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6

HTTP Headers

GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:59:05 GMT
content-type: image/png
content-length: 43157
last-modified: Thu, 10 Dec 2020 15:48:31 GMT
etag: "5fd2434f-a895"
expires: Mon, 07 Nov 2022 09:07:34 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 21091
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765eb0e7dd43b4ed-OSL
X-Firefox-Spdy: h2

inpage-push.com/impression/GGlQyGRUauc67drahIPINsquXwE5QQQPgDUVLwxOh_oUQ54WIUOuGSUx1OQ77-spHxOPNaFVwivPH_1ru1TaxuoHGhlfRlKMSBJ-wKBoXZNZ1a3IhOFzD-O7Bb_p7oDdslyK6-IaLEgZZALZil3lSCTw1XMNiIpnQd1FVJ5cH9xiMw1WLvzEwFLxpQE6YTZ418s4jz_0c47D_oJl3xyJS-poSZ1ZtjqH8jJyQSSkGGhF59NfHlwEkoLRPoE81_EiWgGJ_LuEAeCDmEIITEsi6OC4rHW7RAv1p9qXPD0MczPD5v5PlfS1sZ6XGqZx5oAELvW28MoE8s7-lj82L-hSRXNe907VKEShZjrtf6q2Ck5xB2cKTZzWUrFAXIqMP7cPlvXyXx9JDYh2Ra8l-SCWPBxqyBhIT47u0Oy-MlCdhV9NX02uI4nDRDmmQ1CtmGK-VnYU2gdXfAaguugK_0UwapHbiFl6AUTK1SvfuEOH0fRXV1T96bo9g_xIiw-QmALHPC4pMmJsgDG35SBGN0iIflY3w1rjOrCJ80-OGR7LubIZ9TrF?_z=4378921&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

43 B

URL HTTP/2
inpage-push.com/impression/GGlQyGRUauc67drahIPINsquXwE5QQQPgDUVLwxOh_oUQ54WIUOuGSUx1OQ77-spHxOPNaFVwivPH_1ru1TaxuoHGhlfRlKMSBJ-wKBoXZNZ1a3IhOFzD-O7Bb_p7oDdslyK6-IaLEgZZALZil3lSCTw1XMNiIpnQd1FVJ5cH9xiMw1WLvzEwFLxpQE6YTZ418s4jz_0c47D_oJl3xyJS-poSZ1ZtjqH8jJyQSSkGGhF59NfHlwEkoLRPoE81_EiWgGJ_LuEAeCDmEIITEsi6OC4rHW7RAv1p9qXPD0MczPD5v5PlfS1sZ6XGqZx5oAELvW28MoE8s7-lj82L-hSRXNe907VKEShZjrtf6q2Ck5xB2cKTZzWUrFAXIqMP7cPlvXyXx9JDYh2Ra8l-SCWPBxqyBhIT47u0Oy-MlCdhV9NX02uI4nDRDmmQ1CtmGK-VnYU2gdXfAaguugK_0UwapHbiFl6AUTK1SvfuEOH0fRXV1T96bo9g_xIiw-QmALHPC4pMmJsgDG35SBGN0iIflY3w1rjOrCJ80-OGR7LubIZ9TrF?_z=4378921&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/GGlQyGRUauc67drahIPINsquXwE5QQQPgDUVLwxOh_oUQ54WIUOuGSUx1OQ77-spHxOPNaFVwivPH_1ru1TaxuoHGhlfRlKMSBJ-wKBoXZNZ1a3IhOFzD-O7Bb_p7oDdslyK6-IaLEgZZALZil3lSCTw1XMNiIpnQd1FVJ5cH9xiMw1WLvzEwFLxpQE6YTZ418s4jz_0c47D_oJl3xyJS-poSZ1ZtjqH8jJyQSSkGGhF59NfHlwEkoLRPoE81_EiWgGJ_LuEAeCDmEIITEsi6OC4rHW7RAv1p9qXPD0MczPD5v5PlfS1sZ6XGqZx5oAELvW28MoE8s7-lj82L-hSRXNe907VKEShZjrtf6q2Ck5xB2cKTZzWUrFAXIqMP7cPlvXyXx9JDYh2Ra8l-SCWPBxqyBhIT47u0Oy-MlCdhV9NX02uI4nDRDmmQ1CtmGK-VnYU2gdXfAaguugK_0UwapHbiFl6AUTK1SvfuEOH0fRXV1T96bo9g_xIiw-QmALHPC4pMmJsgDG35SBGN0iIflY3w1rjOrCJ80-OGR7LubIZ9TrF?_z=4378921&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Cookie: OAID=cb9274f38038477bb3515a38479f7c39
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:05 GMT
content-type: image/gif
content-length: 43
x-trace-id: 11641d9d9d99fe223ad55e90385d11a9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

inpage-push.com/500/4378921?excludes=10242826&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
inpage-push.com/500/4378921?excludes=10242826&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/4378921?excludes=10242826&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://keepvid.works/
Origin: https://keepvid.works
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:05 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://keepvid.works
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg

172.67.22.216

200 OK

12 kB

URL HTTP/2
offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg
IP
172.67.22.216:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
12 kB (11455 bytes)
Hash
59d005e99dabed8d7a753617b9dfe4d6
5b4b05e20f8496be4f1f8d9e93adc1e1ccfbe383
d09719c31f8376e40f2a23e1e9833214527ec837e61e2e715752d58a1154bd31

HTTP Headers

GET /www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:59:06 GMT
content-type: image/jpeg
content-length: 11455
cache-control: max-age=86400
cf-bgj: h2pri
etag: "631844d9-2cbf"
expires: Mon, 07 Nov 2022 10:05:02 GMT
last-modified: Wed, 07 Sep 2022 07:14:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 17644
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765eb0eb0a09b4ed-OSL
X-Firefox-Spdy: h2

inpage-push.com/impression/AxhsH89bqDce-yLFbDQohYXZHwXAnmNHx8ttAoaFG_Yi5hvqpeXSUOFSlR1RVOYNjJ3Cf6qTx7Gvoz2zVU2DDfL1dAgKlS-MPrQ1tuk-YxYzdVe8P2mb_guM96orm75Sr3rUoBqFaTY12VnWrE_dlY8GLD857t0oLNVXoK8dQDLCyA5Kt7wtUJ2ILzI94ahiCJ5Er1kF7MWLloiD3o9nz1b1lYk_ZCYJ1LUwaUUXS62Vy3jmfnHUDBuObf8XUojjxTqRyeEca7eKXy8ZQOA-ECntx2pHe4Nn37Lhmt47VEJDSYrUb3Ld6cScjKfIOJ8PP2D3dsJoVbBRtzxat-jkd_rH-Jn1mBaNUYHhl3j1IDf0Vl3aHGfW4PQnvuNbxFOTPj3eOyFBJL6DCRyXgPzRWQI4EPbRsIhjxhwakyR-lAfqxBBqiYq-Jz27I38CcCmVB1RN1fI3byJaKqkHrjo-l_eDvI1ZcnAzSdrtWI2blGAiPXAIapALX3V0n1_uX2DM59rvX1sdHpRiseA5W0nVgRWzLLonEaGN_Nxi0tP3fj5WfH-W?_z=4378921&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

43 B

URL HTTP/2
inpage-push.com/impression/AxhsH89bqDce-yLFbDQohYXZHwXAnmNHx8ttAoaFG_Yi5hvqpeXSUOFSlR1RVOYNjJ3Cf6qTx7Gvoz2zVU2DDfL1dAgKlS-MPrQ1tuk-YxYzdVe8P2mb_guM96orm75Sr3rUoBqFaTY12VnWrE_dlY8GLD857t0oLNVXoK8dQDLCyA5Kt7wtUJ2ILzI94ahiCJ5Er1kF7MWLloiD3o9nz1b1lYk_ZCYJ1LUwaUUXS62Vy3jmfnHUDBuObf8XUojjxTqRyeEca7eKXy8ZQOA-ECntx2pHe4Nn37Lhmt47VEJDSYrUb3Ld6cScjKfIOJ8PP2D3dsJoVbBRtzxat-jkd_rH-Jn1mBaNUYHhl3j1IDf0Vl3aHGfW4PQnvuNbxFOTPj3eOyFBJL6DCRyXgPzRWQI4EPbRsIhjxhwakyR-lAfqxBBqiYq-Jz27I38CcCmVB1RN1fI3byJaKqkHrjo-l_eDvI1ZcnAzSdrtWI2blGAiPXAIapALX3V0n1_uX2DM59rvX1sdHpRiseA5W0nVgRWzLLonEaGN_Nxi0tP3fj5WfH-W?_z=4378921&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/AxhsH89bqDce-yLFbDQohYXZHwXAnmNHx8ttAoaFG_Yi5hvqpeXSUOFSlR1RVOYNjJ3Cf6qTx7Gvoz2zVU2DDfL1dAgKlS-MPrQ1tuk-YxYzdVe8P2mb_guM96orm75Sr3rUoBqFaTY12VnWrE_dlY8GLD857t0oLNVXoK8dQDLCyA5Kt7wtUJ2ILzI94ahiCJ5Er1kF7MWLloiD3o9nz1b1lYk_ZCYJ1LUwaUUXS62Vy3jmfnHUDBuObf8XUojjxTqRyeEca7eKXy8ZQOA-ECntx2pHe4Nn37Lhmt47VEJDSYrUb3Ld6cScjKfIOJ8PP2D3dsJoVbBRtzxat-jkd_rH-Jn1mBaNUYHhl3j1IDf0Vl3aHGfW4PQnvuNbxFOTPj3eOyFBJL6DCRyXgPzRWQI4EPbRsIhjxhwakyR-lAfqxBBqiYq-Jz27I38CcCmVB1RN1fI3byJaKqkHrjo-l_eDvI1ZcnAzSdrtWI2blGAiPXAIapALX3V0n1_uX2DM59rvX1sdHpRiseA5W0nVgRWzLLonEaGN_Nxi0tP3fj5WfH-W?_z=4378921&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Cookie: OAID=cb9274f38038477bb3515a38479f7c39
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:08 GMT
content-type: image/gif
content-length: 43
x-trace-id: 79da1f045e1a83f949f384473913f19c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&_=1667746742339

142.250.74.164

200 OK

586 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&_=1667746742339
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
586 B (586 bytes)
Hash
9d0ecfdf21ec72f068df9a80ae022025
ff633bfac8a93c80b33c223714238ab367c5e68d
147236d7b72dfae592b0a676d5ea9881bf498726dad95427ff4b0858d2b6363d

HTTP Headers

GET /recaptcha/api.js?render=6LfoWsQcAAAAACyoTdC9goAzkfFl4WC11-Xhx1dv&_=1667746742339 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 06 Nov 2022 14:59:09 GMT
date: Sun, 06 Nov 2022 14:59:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-117141830-1&_=1667746742340

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-117141830-1&_=1667746742340
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43649 bytes)
Hash
4406960b68dbdcf856a556512b5376bd
8b7769d4bcae48454b1968d34aa774f88d9d7fec
12ef47640a4e93af4710bfc625e044f9175aa8f0d5b7cc4330659a2eab080458

HTTP Headers

GET /gtag/js?id=UA-117141830-1&_=1667746742340 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 14:59:09 GMT
expires: Sun, 06 Nov 2022 14:59:09 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 14:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js

142.250.74.163

200 OK

162 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (590)
Size
162 kB (162282 bytes)
Hash
05e06c50dab6f3d7f8bfde22301888db
64b3c20c788d298a672fabf9627eac914d95ed08
95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6

HTTP Headers

GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 09:05:49 GMT
expires: Mon, 06 Nov 2023 09:05:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 21200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 14:41:09 GMT
expires: Sun, 06 Nov 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 1080
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 95232
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

36 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
36 kB (35798 bytes)
Hash
9601c5e515f7341bc0c09e18c101fe07
27900e06d9953cb2853de5944ca9d34cc95deacd
bb7fda51849a051879c83d2db3823bb2c6adafaa5c1e8103b34b4bc676d24ea0

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 14:59:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-06-08 21:21:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f7c28877730f9f5e791ec99553c80102
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 21744884
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765eb0df4e7ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

inpage-push.com/400/4378921?_=1667746742337

139.45.197.239

200 OK

0 B

URL HTTP/2
inpage-push.com/400/4378921?_=1667746742337
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/4378921?_=1667746742337 HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keepvid.works/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:04 GMT
content-type: application/javascript
x-trace-id: b6b501c980528256e3222437ea4e9334
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5975bf95da954b6e8a56744d49391a28; expires=Mon, 06 Nov 2023 14:59:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.239

200 OK

0 B

URL HTTP/2
inpage-push.com/500/4378921?excludes=&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/4378921?excludes=&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Cookie: OAID=5975bf95da954b6e8a56744d49391a28
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:05 GMT
content-type: application/javascript
x-trace-id: 533ffc12ac994b6c9e7730f940f8235c
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://keepvid.works
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cb9274f38038477bb3515a38479f7c39; expires=Mon, 06 Nov 2023 14:59:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.239

200 OK

0 B

URL HTTP/2
inpage-push.com/500/4378921?excludes=10242826&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/4378921?excludes=10242826&oaid=cb9274f38038477bb3515a38479f7c39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fkeepvid.works%2Fv3%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://keepvid.works
Connection: keep-alive
Referer: https://keepvid.works/
Cookie: OAID=cb9274f38038477bb3515a38479f7c39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 14:59:06 GMT
content-type: application/javascript
x-trace-id: 6b35c590e4dc39f13d3d5c1ce9ea7d8e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://keepvid.works
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cb9274f38038477bb3515a38479f7c39; expires=Mon, 06 Nov 2023 14:59:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations