Report - 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm

Report Overview

Submitted URL
98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0
IP
172.67.214.84
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-16 18:43:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	338 B	729 B	23.36.76.226
fcgi4.gnezdo.ru	69027	2020-06-11T14:55:54Z	2023-03-10T13:17:40Z	850 B	850 B	93.95.102.105
uuidksinc.net	3420	2015-05-31T10:43:35Z	2023-03-10T12:53:12Z	517 B	166 B	31.220.27.134
98.biqund.com	unknown			2.8 kB	51 kB	172.67.214.84
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-09T23:38:55Z	407 B	460 B	37.18.103.22
z.cdn.adtarget.me	31288	2019-12-20T10:03:16Z	2023-03-10T12:52:50Z	403 B	95 B	212.32.253.229
dmpprof.com	19328	2020-05-10T17:06:33Z	2023-03-10T12:52:50Z	425 B	942 B	85.192.12.174
arquivos.blogdainformatica.com.br	unknown	2020-03-04T19:24:27Z	2023-03-10T06:00:32Z	408 B	901 B	172.67.169.137
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	4.1 kB	11 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.35.74.102
ads.go2net.com.ua	194952	2020-04-01T06:59:00Z	2023-03-09T09:06:33Z	431 B	478 B	146.0.227.107
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	60 kB	34.120.237.76
apkdl.cloud	unknown	2022-10-29T12:31:40Z	2023-01-15T09:09:20Z	350 B	740 B	172.67.173.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.2 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
hdtcode.com	unknown	2019-05-01T19:48:45Z	2023-03-10T12:53:12Z	778 B	544 B	185.196.197.130
sartojelius.com	unknown	2021-12-24T08:04:06Z	2023-03-10T12:53:12Z	2.1 kB	5.2 kB	88.208.46.22
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-03-10T12:52:50Z	1.1 kB	705 B	31.220.27.134
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-03-10T12:52:51Z	912 B	1.4 kB	185.15.175.148

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-16	medium	hybrid.ai	Sinkholed

JavaScript (9)

	URL	Size	First Seen	Last Seen
	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	157 B	2023-03-08	2023-04-02
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:15:07 Last Seen2023-04-02 21:18:42 Times Seen11 Hash 95e3361a66cb84959c93cbefa6421e1c 4ded388f5710fc0b8e2ddb171c29d433efd9f3c7 1b9ad7602755dc40a1462979bd7d054550396d070782786f82c3202b1d5e1b4a Loading...

	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	77 B	2023-03-08	2023-04-02
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:15:07 Last Seen2023-04-02 21:18:42 Times Seen11 Hash e0a84365c627d500de4a58d8e0d590ac 379a4ab28f26004ab66dfff739f004ff7eba1c2a bab5d2f5fdb678e12a017d336165de8f48e507774e0d02167ebb76882930d113 Loading...

	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	1.1 kB	2023-03-11	2023-03-11
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:50:59 Last Seen2023-03-11 12:50:59 Times Seen1 Hash c8c13425a4968012a06958cf5568877f 9b1ac0ba99a490dd7aa700301a0342716f9cade9 28d58a1b23cb1438608cc4543fdea9f72b236d37b2ddbcf1e521c903f2872315 Loading...

	uuidksinc.net/matchx	1.9 kB	2023-03-11	2023-03-11
Pretty URL uuidksinc.net/matchx IP 31.220.27.134 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:50:59 Last Seen2023-03-11 15:16:23 Times Seen1 Hash 2f526fa07ded431344b8705186c197bf 3d6e45732b7e6c9a7fe82dc0121508746f2344f4 652d1253948f0d0c21a1ce2f334f601831f7c130ca413578d486977ef328ef4c Loading...

	98.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670	43 kB	2023-03-11	2023-03-11
Pretty URL 98.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:50:59 Last Seen2023-03-11 15:12:13 Times Seen1 Hash c0ae5e5d30efdbfe1d71cdf66397dd9c 07aa8175f37a54c5c65ca5bd4c4823f6321c7d6d 091e97618ded85929799278a2cd200444fde963d1de27c2ca7bcb0845aacdcc3 Loading...

	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	30 kB	2023-03-08	2023-04-05
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:27 Last Seen2023-04-05 01:43:15 Times Seen50 Hash bf5dc2d632990314fa3957bdb7947884 6a3b42f424a7303c46eeedd22ec858d9790db2f4 8c1d60c3544f3a192dd78007c6b2a1f44fe9c576491f2ca85389d4e02cc94cb3 Loading...

	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	2.2 kB	2023-03-07	2024-03-29
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-03-29 16:46:43 Times Seen189 Hash a40976860ec9865090d3e26ffc73cc94 40f16d9869020c5752974e91bd792ba0d1f015e8 65ba0a06506d4e77ec12f1f4f2a2b0709d8a90c5fbf1a56605433347a396f630 Loading...

	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	4.4 kB	2023-03-11	2023-03-11
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:50:59 Last Seen2023-03-11 12:50:59 Times Seen1 Hash 59a3a78131f1ed40aaccb8098907a124 34d65bb9773a9bb37bff14367beaff46cd61f0e1 fc2344499add87a89d91cd5cda442e0518a0969fbf85e19ddf2a0049cf8bb672 Loading...

	98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0	695 B	2023-03-07	2024-03-29
Pretty URL 98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 IP 172.67.214.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-03-29 16:46:43 Times Seen193 Hash 9e8d92218ee3ebc50c02807f95053e1d 471165c67069eb5e4a1a96bf3de5f2da1c8a1dff a7f50ca9fb45ef36eadc0461fd33f27d2f3032fcec793bcc869c43dba2b5bb73 Loading...

HTTP Transactions (50)

URL IP Response Size

98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0

172.67.214.84

200 OK

25 kB

URL HTTP/1.1
98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0
IP
172.67.214.84:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators
Size
25 kB (25140 bytes)
Hash
9a603eadc56e2f9441e3a06850f887bb
c66fcb35ca33d3137d3a78617a7d884dc7172253
9e29247ec3ede149b22b5c9637cda3b148215af5e6cdcd1783a630677e1e5185

HTTP Headers

GET /index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0 HTTP/1.1
Host: 98.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 18:43:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwZBijoeWbAVn6Huc7kIlv4HhcI6eHc9kIgTnSv6SJMTFUODF2C36UA8Olxfz08Kgvzj%2FWndyEs88mP4p49d0FHXwt2d%2FnKXUG7o%2FbU%2Bxm9N4FvA0Qz6wNrK%2BZQ5AFL%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76b25f63aea10b4d-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ade0f92f30e7d68787598ca2b5fd30c7
fc7065ecb41bdfc5cbf0d8d568d335426c57f02f
1aac1c0926e545793d2040b114d2e064b175592a131ba27ff820fcd4aff4b4e3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AAC1C0926E545793D2040B114D2E064B175592A131BA27FF820FCD4AFF4B4E3"
Last-Modified: Wed, 16 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3711
Expires: Wed, 16 Nov 2022 19:45:21 GMT
Date: Wed, 16 Nov 2022 18:43:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Wed, 16 Nov 2022 19:35:38 GMT
Date: Wed, 16 Nov 2022 18:43:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9b4e6c72233070ef185ff980135e9555
2f14523a3f6f9532df3b872984fd23e156d2c465
5040e340e60b331b1569d52d66afcd5649a4121e2841d38cca0974e2a4c0af75

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3850
Cache-Control: max-age=147117
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 18:43:30 GMT
Etag: "6374bbf5-1d7"
Expires: Fri, 18 Nov 2022 11:35:27 GMT
Last-Modified: Wed, 16 Nov 2022 10:31:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xhS4/BqcEovKKORUQJq1eNiJFSnuY5MxJertwzBXA4IS9VvFC0zvP4H5NyAEuxLvP9EGa6+yfIQ=
x-amz-request-id: 1SR1D2B01G54YRHZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 17:52:07 GMT
age: 3083
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 17:44:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3524
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 18:43:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

98.biqund.com/assets/styles/arrow.css?v1

172.67.214.84

200 OK

2.1 kB

URL HTTP/1.1
98.biqund.com/assets/styles/arrow.css?v1
IP
172.67.214.84:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.1 kB (2149 bytes)
Hash
42f2eac8fc2d717d43b63c19404d009d
f160ecec8abed0763a70ab4c412697cb661bb9a7
2c64ecb52bdbe782356e6b4c2763127a375d1114c858011f73455cfd27232efc

HTTP Headers

GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 98.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 18:43:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1a14"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UEZMLdS%2FB%2FIEkwxCK3rqlwDYlNeoB%2Fm6%2FulEk1QVhpIOoq9p14yaMR4KaSKeW4vH4BTkUvi5tjR0mrwqWV4ZeNNcLg1ErHWKxJaLRI5p77DCKq51D8bXPNXNxeHwixM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76b25f6619020b4d-OSL
alt-svc: h2=":443"; ma=60

98.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670

172.67.214.84

200 OK

17 kB

URL HTTP/1.1
98.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670
IP
172.67.214.84:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (42833), with no line terminators
Size
17 kB (17307 bytes)
Hash
3c386f12b46ad74ea888984350c21135
e43f6144c8e44503b5fad7aa3ec88ca48641ddbe
aa70b6f870b56680feccad8954b5585ad7b02ca61cff95a3591e9a720dfa62ae

HTTP Headers

GET /199f8c6.php?utm_source=ogdd&utm_campaign=26670 HTTP/1.1
Host: 98.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 18:43:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOdXCvyPcOHWjR3K%2BbHDOr41qeBbuFjalYD1jEEuTDJXPs%2FGGHKwiV1vCG9Fzo8Ey46t%2FCixwZH9nve%2BF%2BeXgwWOy%2BM1K0lKosAtKelba7Wf6mD2D5LvYROoaTjPlM2h"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76b25f662bceb4f7-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec9493c75dda5548e27bcbf11dbc88c6
295689d60fb9a648643370d8ab2a7bf79369f935
81d3f4be1de0ea00416c2105c48ff04c52abca17b4c01e70976ea59be681c80e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81D3F4BE1DE0EA00416C2105C48FF04C52ABCA17B4C01E70976EA59BE681C80E"
Last-Modified: Tue, 15 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Wed, 16 Nov 2022 20:20:56 GMT
Date: Wed, 16 Nov 2022 18:43:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ddac36f1bb0f42986abca3203727b688
043b4fa60adc57f9394834e8793b46cf75fc9573
37e206e41e8e25867866e5b123bff73fd8ebac1404b2336f21974cf505a74e16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37E206E41E8E25867866E5B123BFF73FD8EBAC1404B2336F21974CF505A74E16"
Last-Modified: Tue, 15 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6871
Expires: Wed, 16 Nov 2022 20:38:02 GMT
Date: Wed, 16 Nov 2022 18:43:31 GMT
Connection: keep-alive

hdtcode.com/event?data=&id=10

185.196.197.130

200 OK

0 B

URL HTTP/2
hdtcode.com/event?data=&id=10
IP
185.196.197.130:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /event?data=&id=10 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://98.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 16 Nov 2022 18:43:31 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

sartojelius.com/94821

88.208.46.22

200 OK

3.2 kB

URL HTTP/1.1
sartojelius.com/94821
IP
88.208.46.22:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (3244), with no line terminators
Size
3.2 kB (3244 bytes)
Hash
ccaef3e6facd649fbc4be96f76d5217d
0fa9083262f3e7e46b0b8e5ce4416576a2a88c9a
0b05a7b02c86d3378ebd9b0cbf313dbf0b49d5534241c5bc0837ef81fbee0272

HTTP Headers

POST /94821 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://98.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://98.biqund.com
Content-Length: 238
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Nov 2022 18:43:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://98.biqund.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546; expires=Tue, 16-Nov-2027 18:43:31 GMT; Path=/; SameSite=None; Secure

sartojelius.com/event/set

88.208.46.22

200 OK

20 B

URL HTTP/1.1
sartojelius.com/event/set
IP
88.208.46.22:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

POST /event/set HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://98.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://98.biqund.com
Content-Length: 116
Connection: keep-alive
Cookie: userid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Nov 2022 18:43:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://98.biqund.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Content-Encoding: gzip

hdtcode.com/event?data=&id=30

185.196.197.130

200 OK

0 B

URL HTTP/2
hdtcode.com/event?data=&id=30
IP
185.196.197.130:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /event?data=&id=30 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://98.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 16 Nov 2022 18:43:31 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

98.biqund.com/favicon.ico

172.67.214.84

200 OK

4.0 kB

URL HTTP/1.1
98.biqund.com/favicon.ico
IP
172.67.214.84:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (4016 bytes)
Hash
a51793fe0317686ba089709c57a35b1a
61575816c708298644a9c26859edc3a17ae91ebd
b81a8f8301df8f22e0ca12689afd9855d710026631f486c9538fdb08b129b084

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 98.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://98.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=1s044sw8oowo40ks&aurl=https://d7.hotplayer.ru/downloadm/4d3047f7226472687c69b19b24c5abe5/9515038_456239177/e41231def5b5-806fe56ed88-153b099352ab/%D0%9A%D0%98%D0%9D%D0%9E%20-%20%D0%A1%D0%BF%D0%BE%D0%BA%D0%BE%D0%B9%D0%BD%D0%B0%D1%8F%20%D0%BD%D0%BE%D1%87%D1%8C%20live%202021.mp3?play&an=&utm_term=&site=&isubs=0

HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 18:43:31 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1007"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5ky%2BWQA9NZZzYzR3pVWhYVuryenASjHM8s3sbSDke6%2F0eETk1IcgVCNYfVSv%2FXqwqZKIeitNOVSht%2BzphlihsITJJwJ4YxHfu4RbkMczFrq9QClCiamKWLZZu%2FvzTjW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76b25f68ff74b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

sartojelius.com/js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546

88.208.46.22

302 Found

0 B

URL HTTP/1.1
sartojelius.com/js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546
IP
88.208.46.22:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://98.biqund.com/
Cookie: userid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 16 Nov 2022 18:43:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546; expires=Fri, 16-Dec-2022 18:43:31 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Location: https://s.uuidksinc.net/match/433/c1d7a7aa-fb13-4fbe-8776-bf17eaa30546?cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dc1d7a7aa-fb13-4fbe-8776-bf17eaa30546%26oid%3D%5BUID%5D

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 17:44:49 GMT
cache-control: public,max-age=3600
age: 3522
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c37d6bf4144fff00c469383a0c0bc756
2dd498beff46957119422d6d4674bf88439684bd
596256108c9a89aef6a4bb732b11257602417be3c36e3e1b8f1730792cb471af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "596256108C9A89AEF6A4BB732B11257602417BE3C36E3E1B8F1730792CB471AF"
Last-Modified: Tue, 15 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12965
Expires: Wed, 16 Nov 2022 22:19:36 GMT
Date: Wed, 16 Nov 2022 18:43:31 GMT
Connection: keep-alive

s.uuidksinc.net/match/433/c1d7a7aa-fb13-4fbe-8776-bf17eaa30546?cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dc1d7a7aa-fb13-4fbe-8776-bf17eaa30546%26oid%3D%5BUID%5D

31.220.27.134

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/433/c1d7a7aa-fb13-4fbe-8776-bf17eaa30546?cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dc1d7a7aa-fb13-4fbe-8776-bf17eaa30546%26oid%3D%5BUID%5D
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/433/c1d7a7aa-fb13-4fbe-8776-bf17eaa30546?cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dc1d7a7aa-fb13-4fbe-8776-bf17eaa30546%26oid%3D%5BUID%5D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://98.biqund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 16 Nov 2022 18:43:31 GMT
content-length: 0
location: https://sartojelius.com/js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546&oid=dN7CMtD4dLp5tLlcadr4
set-cookie: jcsuuid=dN7CMtD4dLp5tLlcadr4; expires=Thu, 16 Nov 2023 18:43:31 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8345d8a2ca46c3b181a81d8626d0425f
5d9d088c5dca072bbc9ad23a15450e7af7829400
663b0e6c239177f35b5b48d4203ce95aabc0e5bab7911f5b1d9fb7624cac2e25

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5667
Cache-Control: max-age=143883
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 18:43:31 GMT
Etag: "6374a83b-1d7"
Expires: Fri, 18 Nov 2022 10:41:34 GMT
Last-Modified: Wed, 16 Nov 2022 09:07:07 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

sartojelius.com/js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546&oid=dN7CMtD4dLp5tLlcadr4

88.208.46.22

200 OK

43 B

URL HTTP/1.1
sartojelius.com/js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546&oid=dN7CMtD4dLp5tLlcadr4
IP
88.208.46.22:0
ASN
#39572 DataWeb Global Group B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /js/cs?uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546&oid=dN7CMtD4dLp5tLlcadr4 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://98.biqund.com/
Connection: keep-alive
Cookie: userid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546; uuid=c1d7a7aa-fb13-4fbe-8776-bf17eaa30546
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Nov 2022 18:43:31 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=dN7CMtD4dLp5tLlcadr4; expires=Fri, 16-Dec-2022 18:43:31 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0dc8ff14c97755c2e8ac5352030169a5
a19b37c36350e1714e67a5d195be269e35ecfdf1
0a95305f2636a9f342c2575e324bc24dd1a36524cdc5633efb90f46895587955

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0A95305F2636A9F342C2575E324BC24DD1A36524CDC5633EFB90F46895587955"
Last-Modified: Wed, 16 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Thu, 17 Nov 2022 00:42:18 GMT
Date: Wed, 16 Nov 2022 18:43:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
3706fc36ff64b2a4a3fced4206324e45
b6030d5bef80c0425c9550199f5f5174e01541c1
7e59526da60f72883e6cfa6f15a879678841c1b74aedf9a9fb59bf0c570a6508

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129933
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 18:43:31 GMT
Etag: "637487e0-116"
Expires: Fri, 18 Nov 2022 06:49:06 GMT
Last-Modified: Wed, 16 Nov 2022 06:49:04 GMT
Server: nginx
Content-Length: 278

push.services.mozilla.com/

52.35.74.102

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.74.102:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8cnNqMJ3pY3P82bKmXACWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZGUKmaFU3qbOO8GbAqzhhizZU1U=

dm-eu.hybrid.ai/match?id=158&vid=dN7CMtD4dLp5tLlcadr4

37.18.103.22

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=158&vid=dN7CMtD4dLp5tLlcadr4
IP
37.18.103.22:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /match?id=158&vid=dN7CMtD4dLp5tLlcadr4 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 16 Nov 2022 18:43:33 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=548cbcf2374fcd954746; expires=Thu, 16 Nov 2023 18:43:32 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 518
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

z.cdn.adtarget.me/smc?s=22&u=dN7CMtD4dLp5tLlcadr4

212.32.253.229

204 No Content

0 B

URL HTTP/2
z.cdn.adtarget.me/smc?s=22&u=dN7CMtD4dLp5tLlcadr4
IP
212.32.253.229:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smc?s=22&u=dN7CMtD4dLp5tLlcadr4 HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 16 Nov 2022 18:37:45 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c4ff5da14aae946708cb3b91ff492c6
9782c41c1287dbfe6099b9117d8dd59b9325a01d
c0d41e6916ad510625b55305f3694c9fe8e2d9005dfc117cb1d13b8730c2c9d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0D41E6916AD510625B55305F3694C9FE8E2D9005DFC117CB1D13B8730C2C9D1"
Last-Modified: Mon, 14 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2789
Expires: Wed, 16 Nov 2022 19:30:02 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1

146.0.227.107

302 Found

0 B

URL HTTP/1.1
ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
IP
146.0.227.107:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1 HTTP/1.1
Host: ads.go2net.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 16 Nov 2022 18:43:33 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Xss-Protection: 0
P3p: CP="NID DSP ALL COR"
Location: https://s.uuidksinc.net/match/760/2219502b37884f0e9a997866410261b7
Set-Cookie: am-uid=2219502b37884f0e9a997866410261b7; expires=Tue, 14 Feb 2023 18:43:33 GMT; domain=ads.go2net.com.ua; secure; SameSite=None
Keep-Alive: timeout=25

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3dfc49dee0f02fe7cef3b84a2a0036d7
c025ce7e80fa66114bc618bf6c315fbd632c2819
bd03146e9bd5cf6334e53e69884d01c4a43fd34804f04683d7e5ac3784f587f6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD03146E9BD5CF6334E53E69884D01C4A43FD34804F04683D7E5AC3784F587F6"
Last-Modified: Tue, 15 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8297
Expires: Wed, 16 Nov 2022 21:01:50 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

s.uuidksinc.net/match/760/2219502b37884f0e9a997866410261b7

31.220.27.134

200 OK

74 B

URL HTTP/2
s.uuidksinc.net/match/760/2219502b37884f0e9a997866410261b7
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
74 B (74 bytes)
Hash
9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

HTTP Headers

GET /match/760/2219502b37884f0e9a997866410261b7 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=dN7CMtD4dLp5tLlcadr4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 16 Nov 2022 18:43:33 GMT
content-type: image/png
content-length: 74
set-cookie: jcsuuid=dN7CMtD4dLp5tLlcadr4; expires=Thu, 16 Nov 2023 18:43:33 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

fcgi4.gnezdo.ru/cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4/?redirect=1

93.95.102.105

204 No Content

0 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4/?redirect=1
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 16 Nov 2022 18:43:33 GMT
set-cookie: uid=XV9maWN1L1UmxIG3bHgsAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

dmg.digitaltarget.ru/1/6573/i/i?a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403

185.15.175.148

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/6573/i/i?a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 16 Nov 2022 18:43:33 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1668624213701&a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403
Set-Cookie: viuserid=BUcCxx.W96t5SCj7Q4EM; Max-Age=93312000; Expires=Fri, 31 Oct 2025 18:43:33 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Wed, 16 Nov 2022 19:24:07 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Wed, 16 Nov 2022 19:24:07 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Wed, 16 Nov 2022 19:24:07 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Wed, 16 Nov 2022 19:24:07 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Wed, 16 Nov 2022 19:24:07 GMT
Date: Wed, 16 Nov 2022 18:43:33 GMT
Connection: keep-alive

dmpprof.com/matching/external/pixel.gif?sid=14&uid=dN7CMtD4dLp5tLlcadr4

85.192.12.174

200 OK

43 B

URL HTTP/2
dmpprof.com/matching/external/pixel.gif?sid=14&uid=dN7CMtD4dLp5tLlcadr4
IP
85.192.12.174:0
ASN
#12695 LLC Digital Network

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /matching/external/pixel.gif?sid=14&uid=dN7CMtD4dLp5tLlcadr4 HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 16 Nov 2022 18:43:33 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 16 Nov 2022 18:43:33 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=14_dN7CMtD4dLp5tLlcadr4; expires=Thu, 17 Nov 2022 06:43:33 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Wed, 16 Nov 2022 20:43:33 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8235 bytes)
Hash
98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 75434
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1668624213701&a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403

185.15.175.148

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1668624213701&a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/6573/i/i?call_source=awg&ts=1668624213701&a=662&e=dN7CMtD4dLp5tLlcadr4&i=0.5660205654917403 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Nov 2022 18:43:33 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5749 bytes)
Hash
96b4478c098865b0d19738098db61d64
0e18a8c51596c8a4d84a142a57ffe376294833cc
9c9e433cf8f2167e4cfc3cff247eee85ebb9977e338e6e144acaea830db17c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5749
x-amzn-requestid: c67c9352-e777-417e-afe1-003d7a072e86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkItcGfcoAMFzkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637187ef-670b63160b7d0cdf4a5b609e;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 00:12:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vFDS3_SNf5hbW8NAtNERJbS1jj29nWO0_GSIypgwlv7kymKieO8qNA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 08:43:09 GMT
age: 36025
etag: "0e18a8c51596c8a4d84a142a57ffe376294833cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9625 bytes)
Hash
ae0ab55e0e77a4265808a6689f25cbc3
187e6b340b43eb1aa0c724b749db7c20a486706a
3881e5ad44b9b2fae82510794af43d14e304ce624f26f66523f85d58fea063dc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9625
x-amzn-requestid: 9bd72b4a-2ac0-423f-b0e2-73fd51e02e97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBHTjIAMFvOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-57f5412d5eca6d640a0f590d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UavYBt2WjF4WCRJGtM2zS-dZinNLgs_0HuyORwaVCSlj-32Qd6sNTQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:09:56 GMT
age: 74018
etag: "187e6b340b43eb1aa0c724b749db7c20a486706a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8971 bytes)
Hash
b31091803f98744f4da3b311467300a7
d829c5d23a494bc901d925dd02b84c470a0de479
c1cb88b82d8b5a82019da970f812cd31e13086c2da8498a21a57e7238aa34fe8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b5dd68c5-7146-4d31-a7fd-4ac4c474119a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnb6bGeyoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372d9dc-2ca4003e65d69039389bc676;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 00:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8TqIvhJUq_yG_iMFds_btqtYsrNzoaZeIQgOP0-Kc60yuQFOPYEXRA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 09:48:03 GMT
age: 32131
etag: "d829c5d23a494bc901d925dd02b84c470a0de479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8990 bytes)
Hash
53d2d9380ba28ed0656b54c22bc56766
757f8e6306effbab70d99757c5672564cfc9f623
6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GLJACvZUJjLdl3O2HUkWjgr7MqT_SRigTSdweSaTxUc-gTDULbYliA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:14:18 GMT
age: 73756
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:45:58 GMT
age: 75456
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

arquivos.blogdainformatica.com.br/java/jre-8u31-windows-x64.exe?md5=xKBHzRuQ0C7k5ryZbcPXSA&expires=1667526277

172.67.169.137

200 OK

0 B

URL HTTP/2
arquivos.blogdainformatica.com.br/java/jre-8u31-windows-x64.exe?md5=xKBHzRuQ0C7k5ryZbcPXSA&expires=1667526277
IP
172.67.169.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /java/jre-8u31-windows-x64.exe?md5=xKBHzRuQ0C7k5ryZbcPXSA&expires=1667526277 HTTP/1.1
Host: arquivos.blogdainformatica.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 18:43:32 GMT
content-type: application/octet-stream
content-length: 93427112
cf-ray: 76b25f6d9e690b3d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 42
cache-control: max-age=315360000
etag: "605116e5-59195a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 16 Mar 2021 20:36:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: origin,host
x-powered-by: EasyEngine v4.3.1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JU0dP6sRg8mFopefgVU6Sg7PaUhSZdNVh13ZOmDpNcbGZEoP3UfLDuh96lxaPGJBirx0cUMMVla24Qk8WIEuuoxHeEvYxajbiLpFusPmEKA5tr%2B6%2BDenbrFOsbEssFaZRIqZbyqwtDeDM13Mnbkn42MFIUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fcgi4.gnezdo.ru/cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4

93.95.102.105

302 Found

0 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 16 Nov 2022 18:43:33 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/dN7CMtD4dLp5tLlcadr4/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWN1L1UmxIG3bHb3Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

apkdl.cloud/apps/pixaloop/Motionleap_Pro_v1.3.3.apk

172.67.173.191

200 OK

0 B

URL HTTP/2
apkdl.cloud/apps/pixaloop/Motionleap_Pro_v1.3.3.apk
IP
172.67.173.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apps/pixaloop/Motionleap_Pro_v1.3.3.apk HTTP/1.1
Host: apkdl.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 16 Nov 2022 18:43:32 GMT
content-type: application/octet-stream
content-length: 120094472
last-modified: Sun, 03 Jan 2021 13:14:43 GMT
etag: "5ff1c343-7287f08"
cache-control: max-age=14400
cf-cache-status: HIT
age: 48
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LPLI03T4L7hhlVRdicNpZEgza3yrSttalZR4qhzQnrkI%2FwSMgmX0uZFx9FAJow98p3GxVMAwU9URKFuFVYHnz1Eoz93gqcgEDGprtGoAWaCOrND3HW8gohXvihWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76b25f6d5b810b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

uuidksinc.net/matchx

31.220.27.134

200 OK

0 B

URL HTTP/2
uuidksinc.net/matchx
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /matchx HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://98.biqund.com/
Cookie: jcsuuid=dN7CMtD4dLp5tLlcadr4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 16 Nov 2022 18:43:32 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations