Report - pardaisybrohnny.com/b50507a3-3eb6-4f7c-8bfc-7603484d932f

Report Overview

Submitted URL
pardaisybrohnny.com/b50507a3-3eb6-4f7c-8bfc-7603484d932f
IP
18.196.84.70
ASN
#16509 AMAZON-02
Submitted
2023-03-28 23:45:47
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
www.ads-fortun365.top	unknown	2023-03-18T07:18:14Z	2023-03-29T10:27:55Z	451 B	433 B	103.164.173.2
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.43.88.238
ads-fortun365.top	unknown	2023-03-18T07:18:10Z	2023-03-29T10:27:55Z	7.8 kB	1.7 MB	103.164.173.2
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	488 B	20 kB	216.58.207.227
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	52 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	1.7 kB	3.5 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	885 B	2.2 kB	142.250.74.106
pardaisybrohnny.com	unknown	2023-03-09T09:24:16Z	2023-03-28T19:42:28Z	903 B	1.2 kB	18.196.84.70

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-28 23:45:58	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	ads-fortun365.top/	445 B	2023-03-29	2023-03-29
Pretty URL ads-fortun365.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:40:30 Last Seen2023-03-29 23:40:30 Times Seen1 Hash 4a1e10eb4717beae98d8f27b298a8063 e579e260e5e2e69a0dae824c3e6d84757044e8c7 bf1b540dd46d5458c917683256819a12564eb4d34cabb2afc539b8ee1d6c8941 Loading...

	ads-fortun365.top/	2.2 kB	2023-03-26	2023-03-29
Pretty URL ads-fortun365.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:45:32 Last Seen2023-03-29 23:54:07 Times Seen6 Hash 7f596962b23046edc9766b4f9d59a4f8 1dcb9058365e2a66d34c310adaadfbeff8b0b746 ef7fd8521dd6956be27ddc58bdbfc67bcd3ce90533ef377f5844bb7d32695ac9 Loading...

	ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-05-07
Pretty URL ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-07 18:09:18 Times Seen31982 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-07
Pretty URL ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 18:24:11 Times Seen69104 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3	118 kB	2023-03-14	2024-01-06
Pretty URL ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:08:00 Last Seen2024-01-06 03:24:59 Times Seen212 Hash 81122fb44af0fdc9adbcd3eb69413e25 1c59a33a7aef5f146c619c085e5e50319def1c6b b9507c103034b9303d50640dcd434f64c96a65d68e683a8670476b2f582db0f4 Loading...

	ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-05-07
Pretty URL ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-07 18:09:18 Times Seen38210 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	ads-fortun365.top/	966 B	2023-03-29	2023-04-20
Pretty URL ads-fortun365.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:40:30 Last Seen2023-04-20 16:29:43 Times Seen17 Hash 4b5a1c9017da4ac0b7704d2fa9b89c33 bc267053954cf37153dba13e64d79f208082fa51 34754980bcb79a576372c83f5aca4c274f654ae8c26f723430c65d081da9d890 Loading...

	ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4	4.4 kB	2023-03-07	2024-05-02
Pretty URL ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:06 Last Seen2024-05-02 17:54:04 Times Seen399 Hash 0ff2a510dfadd3947f3aabe1686e38fc a7f6cff6c7dcfac41b9d5885d2305165f700bb30 2018b22912cd7897fef48bb1e0fbea67125f5a5f15a2c23714ad18431ddb6513 Loading...

HTTP Transactions (47)

	URL	IP	Response	Size
	pardaisybrohnny.com/b50507a3-3eb6-4f7c-8bfc-7603484d932f	18.196.84.70	302	0 B
URL HTTP/1.1 pardaisybrohnny.com/b50507a3-3eb6-4f7c-8bfc-7603484d932f IP 18.196.84.70:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /b50507a3-3eb6-4f7c-8bfc-7603484d932f HTTP/1.1 Host: pardaisybrohnny.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Server: nginx Date: Tue, 28 Mar 2023 23:45:36 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://www.ads-fortun365.top Pragma: no-cache Set-Cookie: b50507a3-3eb6-4f7c-8bfc-7603484d932f-v4=hk1yF1IqYrebM7_qUCq-U4vcSVb1foxq2B95kmA0B5c; Max-Age=86400; Expires=Wed, 29-Mar-2023 23:45:36 GMT; Domain=pardaisybrohnny.com; Path=/; HttpOnly cc-v4=eEBj39oB4MTiTeI0UEOnxvQms4E5PStkP9%2Fp9jP8PRUvkz7l7CFLqGPnaAog0NmR0OU6XPML9HylXK0GzSt6jivZQG%2BRFQ5kb6xBBcbYaX283xAJi8M48HNy%2FJCuX7qR6Wle5ezRs78BS3hrdWiVcQ%3D%3D; Max-Age=31536000; Expires=Wed, 27-Mar-2024 23:45:36 GMT; Domain=pardaisybrohnny.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16769 Expires: Wed, 29 Mar 2023 04:25:05 GMT Date: Tue, 28 Mar 2023 23:45:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12609 Expires: Wed, 29 Mar 2023 03:15:45 GMT Date: Tue, 28 Mar 2023 23:45:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B" Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12925 Expires: Wed, 29 Mar 2023 03:21:01 GMT Date: Tue, 28 Mar 2023 23:45:36 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ed282214b024a7895d90e229e92bb1cc 1f447aa59287ce2b45860a1a909d005a41305f77 a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 28 Mar 2023 23:15:53 GMT content-type: application/json age: 1783 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: sEedAhAHi3qJWBtKA6hMjFSaIkq8GTG9ryQf4rQZTC9pxeMToP6P/foG+8Xe58Hs4EjXJrANKTM= x-amz-request-id: 7WRKAKET9RX9W2WJ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 28 Mar 2023 22:56:24 GMT age: 2952 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 28 Mar 2023 23:45:36 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, ETag, Alert, Last-Modified, Retry-After, Content-Length, Pragma, Backoff, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 28 Mar 2023 23:14:36 GMT age: 1860 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash da5340ee69a1000f751686df9e716663 a5da880a61ed119790a7990bbdcc0c97eecf04f2 d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19188 Expires: Wed, 29 Mar 2023 05:05:25 GMT Date: Tue, 28 Mar 2023 23:45:37 GMT Connection: keep-alive`

	www.ads-fortun365.top/	103.164.173.2	301 Moved Permanently	0 B
URL HTTP/2 www.ads-fortun365.top/ IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: www.ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 301 Moved Permanently x-powered-by: PHP/7.4.33 content-type: text/html; charset=UTF-8 x-redirect-by: WordPress location: https://ads-fortun365.top/ content-length: 0 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2`

	push.services.mozilla.com/	52.43.88.238	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.43.88.238:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: w35UTJ2cDKpOBRPFikBWnw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: KgEv5uUbaRkFqs/0gpxSpOkH+dE=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash bfa3fc96de14a80af0187a7c3ee285d4 e60c9b3124ec2a611286af0b777319cf10230c1b ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Mar 2023 23:45:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d2d4415f4eeb34e663d209eeddd8d25d 5d239718d7235d1f62e10d7d381c5a063e94c73a cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Mar 2023 23:45:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3	142.250.74.106	200 OK	962 B
URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3 IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 962 B (962 bytes) Hash 32e4b9cd63cfd18b13afb0d1c6997572 ecc69b5d4900a93e9a662f94b71a3b1261fc0614 6d5e17cde4278ff04c6412d07e3f9a956f7b8458e0d825f993c99272ff44c25b HTTP Headers `GET /css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 28 Mar 2023 23:45:37 GMT date: Tue, 28 Mar 2023 23:45:37 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ads-fortun365.top/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	103.164.173.2	200 OK	12 kB
URL HTTP/2 ads-fortun365.top/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (47826) Size 12 kB (11616 bytes) Hash c4d7cc056b49b00e05cc29cc59aa3d5a 48c426bec60099d2a8628df430ed682c72aab42a 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5 HTTP Headers `GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: text/css last-modified: Fri, 11 Nov 2022 13:26:46 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 11616 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/	103.164.173.2	200 OK	8.1 kB
URL HTTP/2 ads-fortun365.top/ IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators Size 8.1 kB (8110 bytes) Hash 6bbf3879dc26d29151e79e35b57ef108 2d6cfb3aa62002ba01e4db48574a282b65f27c7f c91026cc4f73916725b1732b4d09db28e64e96f90a08a1078832fc62237eccdc HTTP Headers `GET / HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers` `HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/html; charset=UTF-8 link: <https://ads-fortun365.top/wp-json/>; rel="https://api.w.org/", <https://ads-fortun365.top/wp-json/wp/v2/pages/31>; rel="alternate"; type="application/json", <https://ads-fortun365.top/>; rel=shortlink content-encoding: br vary: Accept-Encoding date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4	103.164.173.2	200 OK	994 B
URL HTTP/2 ads-fortun365.top/wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (1739) Size 994 B (994 bytes) Hash b97b5513c9dc6e7e8b1edea9124462aa dd7615b94eee6187555a912d3251fbcd046c88f3 6e5e155425f345ad92ff1499085e1ab0a8728bc51d2b8f4c779429921190493a HTTP Headers `GET /wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: text/css last-modified: Fri, 29 Oct 2021 09:03:48 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 994 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/themes/popularfx/sidebar.css?ver=1.2.4	103.164.173.2	200 OK	2.1 kB
URL HTTP/2 ads-fortun365.top/wp-content/themes/popularfx/sidebar.css?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 2.1 kB (2079 bytes) Hash 62416500b0cbbba154e971a4b6b03785 0c32dd557ca71e320e122474706e674e2214a598 783f6f461f167189cca10f5683fb1045eacf6c0255d8ee80302db6d13ebaa46e HTTP Headers `GET /wp-content/themes/popularfx/sidebar.css?ver=1.2.4 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: text/css last-modified: Wed, 15 Dec 2021 05:31:38 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 2079 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	103.164.173.2	200 OK	30 kB
URL HTTP/2 ads-fortun365.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (65447) Size 30 kB (30324 bytes) Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4 488e07695da787fed18361c50292aef35abb5e81 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef HTTP Headers `GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: application/javascript last-modified: Mon, 19 Sep 2022 12:46:24 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 30324 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	103.164.173.2	200 OK	4.0 kB
URL HTTP/2 ads-fortun365.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (11126) Size 4.0 kB (3995 bytes) Hash 7e058b51f939eacfa31cdface14dded5 9d732e5afdeb42edef9e1b9631b7e95e054787cc 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1 HTTP Headers `GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: application/javascript last-modified: Wed, 18 Nov 2020 07:36:06 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 3995 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	103.164.173.2	200 OK	4.6 kB
URL HTTP/2 ads-fortun365.top/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (15660) Size 4.6 kB (4619 bytes) Hash 0232689bd203f330529b36a437f41a68 9046583f7469ad38297969f10a9513eb895d5316 feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886 HTTP Headers `GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: application/javascript last-modified: Tue, 12 Apr 2022 04:26:24 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 4619 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4	103.164.173.2	200 OK	1.5 kB
URL HTTP/2 ads-fortun365.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 1.5 kB (1529 bytes) Hash b551d4719e5bae3fe592fed521640655 09e3ef26d9f743221b03d7ca06434c0b6efcaed7 0f11ffb9985542721627f695ed0261cb5ef8466c1fc95cc13fdc3783516e7eda HTTP Headers `GET /wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: application/javascript last-modified: Wed, 15 Dec 2021 05:31:38 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 1529 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7927fa1bac0e5bcc27ed32b6b5107bd3 68da43f59df9c524940efc35f40e3599b9a1995b f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Mar 2023 23:45:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7927fa1bac0e5bcc27ed32b6b5107bd3 68da43f59df9c524940efc35f40e3599b9a1995b f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Mar 2023 23:45:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3	103.164.173.2	200 OK	61 kB
URL HTTP/2 ads-fortun365.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type data Size 61 kB (61179 bytes) Hash b4ecce70def3e3cb96dde17c2b50a818 b1579de4c124a0eead4d0dd383e97f4bb8e3a8bd a709bb4bfb4804a1fd16f22cd6088350d8999299cf4c815c7cd04a460ca93813 HTTP Headers GET /wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/javascript; charset: UTF-8;charset=UTF-8 cache-control: must-revalidate last-modified: Tue, 07 Feb 2023 06:13:44 GMT vary: Accept-Encoding content-encoding: gzip date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2	216.58.207.227	200 OK	19 kB
URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data Size 19 kB (19292 bytes) Hash 19007b17e56daa60133bce9e9b352a95 bac1384caeae5762e7a1d8c18037f69c8cd21bc4 fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 HTTP Headers `GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ads-fortun365.top Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 19292 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:27:23 GMT expires: Sat, 23 Mar 2024 10:27:23 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:12:54 GMT content-type: font/woff2 age: 393495 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash e74baca1ac97b7e56ede5d3c6275b0b6 42d00f7402dff5c40a733d0b13d0bf97f779d072 d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Mar 2023 23:45:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0505690dd725ca3238512356777e3c53 b2e56162fc059c3104e8eb098393a23c0617834c 3ffedcdcacbaae5f124ae94a1b8767252ae29d64043675d9168c2aec53708e0d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3FFEDCDCACBAAE5F124AE94A1B8767252AE29D64043675D9168C2AEC53708E0D" Last-Modified: Mon, 27 Mar 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21573 Expires: Wed, 29 Mar 2023 05:45:11 GMT Date: Tue, 28 Mar 2023 23:45:38 GMT Connection: keep-alive`

	pardaisybrohnny.com/d/.js?oref=&ourl=https%3A%2F%2Fads-fortun365.top%2F&opt=ada%20fortun%20%E2%80%93%20situs%20slot%20gacor%20tanpa%20potongan%20dan%20terpercaya&vtm=1680047160019	18.196.84.70	400 Bad Request	152 B
URL HTTP/2 pardaisybrohnny.com/d/.js?oref=&ourl=https%3A%2F%2Fads-fortun365.top%2F&opt=ada%20fortun%20%E2%80%93%20situs%20slot%20gacor%20tanpa%20potongan%20dan%20terpercaya&vtm=1680047160019 IP 18.196.84.70:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Size 152 B (152 bytes) Hash d9bacc468aa23334526933389545e120 e26288b4bada404ce340ca72989f9f1193dc649c 0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4 HTTP Headers GET /d/.js?oref=&ourl=https%3A%2F%2Fads-fortun365.top%2F&opt=ada%20fortun%20%E2%80%93%20situs%20slot%20gacor%20tanpa%20potongan%20dan%20terpercaya&vtm=1680047160019 HTTP/1.1 Host: pardaisybrohnny.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 400 Bad Request server: nginx date: Tue, 28 Mar 2023 23:45:38 GMT content-type: text/html content-length: 152 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT pragma: no-cache X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5289 Expires: Wed, 29 Mar 2023 01:13:47 GMT Date: Tue, 28 Mar 2023 23:45:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5289 Expires: Wed, 29 Mar 2023 01:13:47 GMT Date: Tue, 28 Mar 2023 23:45:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5289 Expires: Wed, 29 Mar 2023 01:13:47 GMT Date: Tue, 28 Mar 2023 23:45:38 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg	34.120.237.76	200 OK	5.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.4 kB (5414 bytes) Hash 8afbc872d18847aaed67054dbfc2d31b 6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b 65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5414 x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguaYF5jIAMFmiQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 2uZtp6TgGSem59CZMyKKtawyKTmNiLyj5wu7RXTGq04n2tN_gefzsw== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:43:08 GMT age: 7350 etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9886 bytes) Hash 9ab378a6531b886829e1762f72866500 9509f3e388d0f2627468b5ff8afd408eb19297a4 9535702379130bbc5e3439b2c226d3d8c51c6ee07690e64cbccf71e49085615c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9886 x-amzn-requestid: efa3e368-7941-467c-a4d7-f303b50a32a6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CK848FbOoAMFnXg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641aa838-5357cad3565e7b230505442f;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:20 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: UjD8avDwm-zEFik18U34bWU06SOeb-fBjelZcoGyzcie0Z1CAj6JUQ== via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 18:08:57 GMT age: 20201 etag: "9509f3e388d0f2627468b5ff8afd408eb19297a4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7567 bytes) Hash 55681b318ad65a83ce3b28438541f441 2682cc516dd93c5ed51cfc73391fe783c0e32242 298cba8ba116f9362b75a5a2f7c544ee3688beba6278ccd184e47e136a26e021 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7567 x-amzn-requestid: f16e529f-0b85-4d95-8f2f-aba526b5cf1f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cb5i5H0noAMFkRQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64216fab-330ba5f8478d562c713c16b5;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: Qneus5sBhAvbVWHrecONA06GyzQnZm5qFx0J1aNRPHI_8_JXBihCBQ== via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 11:29:19 GMT age: 44179 etag: "2682cc516dd93c5ed51cfc73391fe783c0e32242" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c5af8f2-ee9b-4523-9e4f-ccf10f8bd1c0.jpeg	34.120.237.76	200 OK	7.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c5af8f2-ee9b-4523-9e4f-ccf10f8bd1c0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.2 kB (7199 bytes) Hash cfefd241a9587632888525f214ca606a ad42fd2dd4d8a4754865dee63761bd278e8c788b 59f2479f48272a3194fe6bd8772cde967e7e90ae2017652a55d3e4f9f9d2094e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c5af8f2-ee9b-4523-9e4f-ccf10f8bd1c0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7199 x-amzn-requestid: 8839997d-37d7-4eb5-bfc6-85bdc2fcadf3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cb5exF2YIAMFhkA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64216f91-56cb6439391dcec94fbecd47;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:29 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: yynX8huN2CRrIU-rbyZwSkkXstuQJ4qr5eiuemFhKgtjEkklc4hdYA== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 10:25:59 GMT age: 47979 etag: "ad42fd2dd4d8a4754865dee63761bd278e8c788b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11872cd2-625f-4516-9957-6a061caffeaf.jpeg	34.120.237.76	200 OK	5.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11872cd2-625f-4516-9957-6a061caffeaf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.4 kB (5430 bytes) Hash 07f8cdea68b9cc0574754fec41f74b81 6324f51339ed8cec15ffa0c2f827acb3bf668f2f 681735818d525d3d597a64f0430031089e5768eb77e86e26fa9c1ee120621b2c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11872cd2-625f-4516-9957-6a061caffeaf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5430 x-amzn-requestid: 3e038453-6363-4ed3-adc8-f0ccbfb59720 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguI_G7AIAMFpQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235d6c-35f15a9358be6d6811c0989f;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:36 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: gFaNK8ksqkkgIZhvteW3Ge_SWNbV1cGEToTIHiWv8CoG23wNDI0d6w== via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:44:37 GMT age: 7261 etag: "6324f51339ed8cec15ffa0c2f827acb3bf668f2f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg	34.120.237.76	200 OK	9.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.8 kB (9781 bytes) Hash b6bd3d6c290e2be5effe451fddc92288 456c678dd0b64d84021c41383a534afeaa4d7af0 3d645c8b903b9f5593d068feb00b1c04cf8444ed78a292458e69d5c553cb1691 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9781 x-amzn-requestid: 9a919196-e536-4ef7-a2b2-9637aa75abff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ceq6FGAJIAMF7Zw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64228b73-769c33f459c985ab427ed47b;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 06:38:43 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: EFPuF3xknmH1frUX8bIJXNMjLoHEk_0V9Jd5sNxj16MR5cun53Xe1A== via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 22:30:02 GMT age: 4536 etag: "456c678dd0b64d84021c41383a534afeaa4d7af0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-DEPOSIT-BANK-EWALLET-PULSA-DAN-QRIS-431887821925880.png	103.164.173.2	200 OK	111 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-DEPOSIT-BANK-EWALLET-PULSA-DAN-QRIS-431887821925880.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 2667 x 110, 8-bit/color RGBA, non-interlaced\012- data Size 111 kB (111317 bytes) Hash 2d030ed2342ffa4ac1f2b26564067065 ba94d6402a9a892250a5d9486e730934f1bdbe67 686772f4a7f4d3d81c3a7413f2bd7e20d2c3836a0e2411a1a824e4b2ab0ee0c5 HTTP Headers `GET /wp-content/uploads/2023/03/Cool-Text-DEPOSIT-BANK-EWALLET-PULSA-DAN-QRIS-431887821925880.png HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/png last-modified: Sat, 18 Mar 2023 07:09:17 GMT accept-ranges: bytes content-length: 111317 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-LAYANAN-CUSTOMER-SERVICE-ONLINE-24-JAM-431887858204093.png	103.164.173.2	200 OK	111 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/Cool-Text-LAYANAN-CUSTOMER-SERVICE-ONLINE-24-JAM-431887858204093.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 2867 x 84, 8-bit/color RGBA, non-interlaced\012- data Size 111 kB (111421 bytes) Hash ef98ad0c4df3f1ebc5e1783ec3695972 70844ffce6df57b9ce270a3c1e7b2706ff5c6bea e0396bae9338bad1cbf6608233ea708411f3e12d6d183c89f05d1a545fece39b HTTP Headers `GET /wp-content/uploads/2023/03/Cool-Text-LAYANAN-CUSTOMER-SERVICE-ONLINE-24-JAM-431887858204093.png HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/png last-modified: Sat, 18 Mar 2023 07:10:48 GMT accept-ranges: bytes content-length: 111421 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887475361242.gif	103.164.173.2	200 OK	170 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887475361242.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 773 x 89\012- data Size 170 kB (169545 bytes) Hash 5a6159c8947fc2c03abdf81925774c5a 584e638e1f006dc27335e758070769c6e92d1864 c85d3ed3cda95f41e9459867277b4412cc5cc8c183dcf49c3730b7880483bac1 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431887475361242.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:00:07 GMT accept-ranges: bytes content-length: 169545 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887311676000.gif	103.164.173.2	200 OK	162 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887311676000.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 686 x 89\012- data Size 162 kB (161597 bytes) Hash e0b59ef6829b891992bf3fa1fbf32242 5f4526ffdab14f06e8c265b0e854eafe1d141d0d 74aa9d5fc04376f428cfe7d83cae3c8772b6cdae955da4766384326dd5aac1a8 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431887311676000.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:00:08 GMT accept-ranges: bytes content-length: 161597 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887538764618.gif	103.164.173.2	200 OK	151 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431887538764618.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 609 x 89\012- data Size 151 kB (151248 bytes) Hash 7b89b9701b1c0f3d39e6477198a822f9 30c2dd12fca7d1d54c1b4981f2cf97a1ab01b898 601e50f96fae749f673d854efca244d4c568be7faba405f1b3e60c230952a1da HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431887538764618.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:01:35 GMT accept-ranges: bytes content-length: 151248 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/cooltext431888053133020.gif	103.164.173.2	200 OK	273 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/cooltext431888053133020.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 821 x 108\012- data Size 273 kB (272911 bytes) Hash 7c8f59be988f08bb29dbd6ae12519d41 78c895ec51555c59a318b2c9858322077b25a499 a08c7fd961490584e629347daca8edff7e1411249d3dc23125b5562575e81ad9 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext431888053133020.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:15:53 GMT accept-ranges: bytes content-length: 272911 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/uploads/2023/03/fortungif2.gif	103.164.173.2	200 OK	554 kB
URL HTTP/2 ads-fortun365.top/wp-content/uploads/2023/03/fortungif2.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 480 x 720\012- data Size 554 kB (553973 bytes) Hash b61d58375f79523dd9313cdcc6c64737 130fb2cc591caef761c7e41ccf41eebcde513b82 532d2f1ad21f443cd7e05b58e26bdc1a96e49a065ca8b6fbd1063cc287fa6913 HTTP Headers `GET /wp-content/uploads/2023/03/fortungif2.gif HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 04 Apr 2023 23:45:37 GMT content-type: image/gif last-modified: Sat, 18 Mar 2023 07:04:10 GMT accept-ranges: bytes content-length: 553973 date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ads-fortun365.top/wp-content/plugins/pagelayer/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium&ver=1.7.3	103.164.173.2	200 OK	0 B
URL HTTP/2 ads-fortun365.top/wp-content/plugins/pagelayer/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium&ver=1.7.3 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type Size 0 B (0 bytes) Hash HTTP Headers GET /wp-content/plugins/pagelayer/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium&ver=1.7.3 HTTP/1.1 Host: ads-fortun365.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/css; charset: UTF-8;charset=UTF-8 cache-control: must-revalidate last-modified: Fri, 05 Aug 2022 00:55:00 GMT vary: Accept-Encoding content-encoding: gzip date: Tue, 28 Mar 2023 23:45:37 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://ads-fortun365.top Connection: keep-alive Referer: https://ads-fortun365.top/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 28 Mar 2023 23:45:37 GMT date: Tue, 28 Mar 2023 23:45:37 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML