Report - georgewaters.shop/

Report Overview

Submitted URL
georgewaters.shop/
IP
104.21.26.26
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-27 08:16:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
api-public.addthis.com	4111	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.4 kB	23.38.200.123
cpa-ebook-assets.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	820 B	172.67.148.67
register.yars10.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	2.3 kB	178.63.30.218
hewawkward.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	11 kB	192.243.61.227
v1.addthisedge.com	1721	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	1.2 kB	23.38.200.123
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	29 kB	172.64.100.4
invaderannihilationperky.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	36 kB	192.243.61.225
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	68 kB	45.133.44.9
kazanwhoeveryowl.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	467 B	173.233.137.44
m.addthis.com	1448	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	712 B	360 B	23.38.200.123
georgewaters.shop	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	772 B	1.3 kB	172.67.135.53
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.3 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.189.35.180
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
z.moatads.com	374	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	1.4 kB	23.38.201.146
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	23.36.76.226
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	22 kB	104.18.10.207
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.88
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	410 B	3.66.118.16
s7.addthis.com	1504	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	222 kB	23.38.200.123
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	9.7 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
books.google.com	16267	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	159 kB	142.250.74.174
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	683 B	423 B	192.243.59.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	hewawkward.com	Sinkholed
2022-09-27	medium	invaderannihilationperky.com	Sinkholed
2022-09-27	medium	invaderannihilationperky.com	Sinkholed
2022-09-27	medium	invaderannihilationperky.com	Sinkholed
2022-09-27	medium	kazanwhoeveryowl.com	Sinkholed
2022-09-27	medium	unseenreport.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_dyds0	33 B	2023-03-08	2023-03-08
Pretty URL api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_dyds0 IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 8829984a73744ad2542d4268e607fc0d 5320c56e2112f1864861836bc16bd41dbfb8ef55 072b9e1feb72f030c28bd9b65b785416d0e0f9a33a97fa3b76028325eae38f62 Loading...

	http:blank	3.3 kB	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 1d06e6e97414904a5738e1180ecc2934 90b6821f4cec128fe4036da31994bd7c9dde2f42 3bd364065fe0e7f20e564b5bb2a96a5e99e562879a3859a91014db79e450651a Loading...

	v1.addthisedge.com/live/boost/ra-5243766a0c4cc5a8/_ate.track.config_resp	4.2 kB	2023-03-07	2023-03-08
Pretty URL v1.addthisedge.com/live/boost/ra-5243766a0c4cc5a8/_ate.track.config_resp IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:23:03 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 9c19c16ea1ac8a63484648137ca5306c 7b0780f3ca9bb70c584e500f1a61454a2c27bd16 aa5946bab6cda02cf6274f89218bc04bbb5968c24fc58f247d58cfd2fb9f4668 Loading...

	hewawkward.com/ed3dbbca1a675ac6215f3ab22cd1d7fa/invoke.js	27 kB	2023-03-08	2023-03-08
Pretty URL hewawkward.com/ed3dbbca1a675ac6215f3ab22cd1d7fa/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 1b69a6cff40fe519fdcba1f7c7903de7 0aab09e5a2fdaccb21f0f3dddf311d63282376d1 514265b45d9639c77dafec1f9b0fce8ef9cc5bd7a1dd45ff598e895c84cfec0e Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 23.38.201.146 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	invaderannihilationperky.com/3c/7c/cb/3c7ccbcde902d1992d2782d62d899523.js	85 kB	2023-03-08	2023-03-08
Pretty URL invaderannihilationperky.com/3c/7c/cb/3c7ccbcde902d1992d2782d62d899523.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 484288eadfe7bb6a41b556de50c507db 6e4ada02aea8327ce834982e08a52487540a5b8d 20574ed58668813b0c3eadbe69c58f13347b86e35fb3c48cb551a6f14c43ed5f Loading...

	s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.502464244627729&iit=1664266557992&tmr=load%3D1664266557042%26core%3D1664266557061%26main%3D1664266557990%26ifr%3D1664266557993&cb=0&cdn=0&md=0&kw=&ab=-&dh=georgewaters.shop&dr=&du=https%3A%2F%2Fgeorgewaters.shop%2F&href=https%3A%2F%2Fgeorgewaters.shop%2F&dt=Free%20E-Book%20Download%20-%20Choose%20among%20free%20ebooks%2C%20free%20kindle%20books%2C%20download%20them%20or%20read%20them%20online.&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=0&prod=undefined&lng=en&ogt=&pc=men&pub=ra-5243766a0c4cc5a8&ssl=1&sid=6332b13d2d65064c&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1	72 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.502464244627729&iit=1664266557992&tmr=load%3D1664266557042%26core%3D1664266557061%26main%3D1664266557990%26ifr%3D1664266557993&cb=0&cdn=0&md=0&kw=&ab=-&dh=georgewaters.shop&dr=&du=https%3A%2F%2Fgeorgewaters.shop%2F&href=https%3A%2F%2Fgeorgewaters.shop%2F&dt=Free%20E-Book%20Download%20-%20Choose%20among%20free%20ebooks%2C%20free%20kindle%20books%2C%20download%20them%20or%20read%20them%20online.&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=0&prod=undefined&lng=en&ogt=&pc=men&pub=ra-5243766a0c4cc5a8&ssl=1&sid=6332b13d2d65064c&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-06 01:05:13 Times Seen3063 Hash 7d5b5e32745c7b2e10b41554f0dc4142 2fe0a408b06fb8a44f7c1b54ad4f1b70204584ab 7eae26867a4cf6c29d2fbc4cbf3a222058ba71a9ceb7ff0d6d96c3cfb462cc81 Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=6332b13d2d65064c&bkl=0&bl=1&pdt=1432&sid=6332b13d2d65064c&pub=ra-5243766a0c4cc5a8&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=georgewaters.shop&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664266557996&jsl=0&uvs=6332b13d409f4be7000&skipb=1&callback=addthis.cbs.jsonp__59652648379741470	89 B	2023-03-08	2023-03-08
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=6332b13d2d65064c&bkl=0&bl=1&pdt=1432&sid=6332b13d2d65064c&pub=ra-5243766a0c4cc5a8&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=georgewaters.shop&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664266557996&jsl=0&uvs=6332b13d409f4be7000&skipb=1&callback=addthis.cbs.jsonp__59652648379741470 IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash af1a4a83997a9d88a52d6157d6e3038d 717b18e1cf84225e27e1b131fe4218a52813d274 292d5f4ec19c514a54a2aff50c0c4c90fb97a4224f3242801bb4f97d40049f93 Loading...

	georgewaters.shop/	368 B	2023-03-07	2023-03-08
Pretty URL georgewaters.shop/ IP 172.67.135.53 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:23:03 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 249dee1253d63e75abb6f58c76f6338b ec8a58f5a8a02798486be65bf096ba008b109a97 04bf0dcd82f891ed1f438d9c7906270e6b8103d80fe180c01f938a3956902e1c Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 17:02:57 Times Seen36946444 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	http:blank	145 B	2023-03-07	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:23:03 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 07e95cb5b5bec87c67e891d80c4d56d7 5b2ac37440e376b1598f832ba85e9bdd513b8a23 5f1322d09514f482b672491ac0754c1307bab4b64fa6942f5ce20edbf4e6866d Loading...

	s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js	270 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-05-06 00:32:51 Times Seen1824 Hash 476d935d6723f9abea1160c155ffb725 477ff2f072c62493be703060b3da7c7a5492f840 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Loading...

	api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_kzmy0	33 B	2023-03-08	2023-03-08
Pretty URL api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_kzmy0 IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash f2aaa0e3f614051b856259fa4b293c5d c5751eece6ec9ad231410dd8f1a717294c53733e 54dc6c54318e3ad9635834121cf3dcdb25e8d1e01099cb487137f82096b91eb6 Loading...

	georgewaters.shop/	210 B	2023-03-07	2023-05-29
Pretty URL georgewaters.shop/ IP 172.67.135.53 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:55 Last Seen2023-05-29 08:28:50 Times Seen20 Hash 7324c3ff39ecc06050e528c0318bb6d4 8fd9a491d8c445a2487ea16fef9ce1bb3728f48b 9450485dc1a0e6288306bb44c91c9ddac4acb3a9446f52bc89f6793271d711a5 Loading...

	georgewaters.shop/	192 B	2023-03-07	2023-03-08
Pretty URL georgewaters.shop/ IP 172.67.135.53 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:23:03 Last Seen2023-03-08 02:21:33 Times Seen1 Hash e3379b59435447ec86610ccb360d597c 3bb64395949a7c88acac0837993d3d620fab977e 6c31e7fe10d775e82e5665df67fca169db51b798a7ea1fc6b2b61c9f5ec43429 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 062687690045026856f53e20000732e7	8 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3365 Hash 062687690045026856f53e20000732e7 907a784295139ac62a25fed0fe9636c8a3a5b3af 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f Loading...

	#2 Eval - 449bf5704205ea90d9021bf85b4300cd	11 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3353 Hash 449bf5704205ea90d9021bf85b4300cd a8401782462f9e0afe2435dea38cb79ac66d83af 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16 Loading...

	#3 Eval - e5d42073ec6ebe14bb27250c35070626	2.1 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 02:21:33 Last Seen2023-03-08 02:21:33 Times Seen1 Hash e5d42073ec6ebe14bb27250c35070626 d33eb1329f0702d5facac069271869ef5875d010 5cedadef93cece8cb402c640a6220db819158ce2083c9a5465b62a03ca26ba15 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2a9af5f91b9755610b3a83072ad60d0e	112 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 13:23:03 Last Seen2023-03-08 02:21:33 Times Seen1 Hash 2a9af5f91b9755610b3a83072ad60d0e 0f7f6c65090ceb3950ec94e1f35dcc947703d5a0 e4d4823d663ec7be58563c08629dcb243c60dad91a86b02b8600cc988fbfe67c Loading...

HTTP Transactions (64)

URL IP Response Size

georgewaters.shop/

172.67.135.53

301 Moved Permanently

0 B

URL HTTP/1.1
georgewaters.shop/
IP
172.67.135.53:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: georgewaters.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 08:15:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 09:15:56 GMT
Location: https://georgewaters.shop/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAcwlh0avgQ8T0K3%2Feop0ldRB80%2Fiql%2BfSeygjOgXdt7adXCXaQBGmmj7NGo81FUW6yw%2FE8P%2BUCi6m5iQl3d%2B%2FcYXvmjWWvOKEq8HdmbPpKVZWPPH6HRA5YaK37zn%2BcuicUkJw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7512cb57eb41b4f7-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 07:45:26 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kTDTy_r3uym_xhjXQ8JsSzGm1ViyVkL04sG9S0X5-GFRkOreVgBXcA==
Age: 1830

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4638
Expires: Tue, 27 Sep 2022 09:33:14 GMT
Date: Tue, 27 Sep 2022 08:15:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XO_tVqcHpUU4otJMUK8wOISz6IT5igDifqY2Nr1C2McgYV52fVSwrw==
age: 82730
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 08:15:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
ede7bbbf8c4fcaefb97f908384a0a375
35bcabb75c5f07863ab34f800d04448da8ade0ff
62472bf7a561a3aeb832aa78ebdd1e96704bcf161bc765a84b5ad124b71a4d3e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "62472BF7A561A3AEB832AA78EBDD1E96704BCF161BC765A84B5AD124B71A4D3E"
Last-Modified: Tue, 27 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Tue, 27 Sep 2022 14:14:49 GMT
Date: Tue, 27 Sep 2022 08:15:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 08:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 08:38:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n7Q6MwP_EAgNkKvwLLpP-M683x1Sdxir_WGZYtXoydZlnX-ihT8wRg==
Age: 310

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5720
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 08:15:57 GMT
Last-Modified: Tue, 27 Sep 2022 06:40:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.189.35.180

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.35.180:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nmw883x/w1duXBnZLwbWiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: utqbkd3KiBoornPP/wVXkwzBgHc=

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
ede7bbbf8c4fcaefb97f908384a0a375
35bcabb75c5f07863ab34f800d04448da8ade0ff
62472bf7a561a3aeb832aa78ebdd1e96704bcf161bc765a84b5ad124b71a4d3e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "62472BF7A561A3AEB832AA78EBDD1E96704BCF161BC765A84B5AD124B71A4D3E"
Last-Modified: Tue, 27 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21532
Expires: Tue, 27 Sep 2022 14:14:49 GMT
Date: Tue, 27 Sep 2022 08:15:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5763
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 08:15:57 GMT
Last-Modified: Tue, 27 Sep 2022 06:39:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280

maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

104.18.10.207

200 OK

21 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
21 kB (20648 bytes)
Hash
1ef9ee9f9e9fa68ed6d6b98c394e5965
bca21d0e32a16400325e483aa22185ab342042ad
53b34e368dbcddcf5dac0256a745650383273c574f311ebb3f7b6401a59f8a9b

HTTP Headers

GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 08:15:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 02/24/2022 14:58:46
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: fbe7e6fea753e22c4e1fd8ba1cf2b066
cdn-cache: HIT
cf-cache-status: HIT
age: 9715943
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7512cb60f85fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e62bfb4fdc23a4be8759dd3c4d3c793e
74d41273c0b0c07f2bff1ec019f80259ebcec33a
62a43476237949ec6c7af1216de4c44bdbabdc47253b84f119835262521e7160

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "62A43476237949EC6C7AF1216DE4C44BDBABDC47253B84F119835262521E7160"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 14:15:57 GMT
Date: Tue, 27 Sep 2022 08:15:57 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e62bfb4fdc23a4be8759dd3c4d3c793e
74d41273c0b0c07f2bff1ec019f80259ebcec33a
62a43476237949ec6c7af1216de4c44bdbabdc47253b84f119835262521e7160

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "62A43476237949EC6C7AF1216DE4C44BDBABDC47253B84F119835262521E7160"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 14:15:57 GMT
Date: Tue, 27 Sep 2022 08:15:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e22a7d0b2be93185b171867f649fe5
c8232ab5c67be09211f3794616b5f8fb668a91f2
7d7bc8c9ede03e9e4a6ed362aaf949a63deb0b25dfc58e13fa9b9eed8511afa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7BC8C9EDE03E9E4A6ED362AAF949A63DEB0B25DFC58E13FA9B9EED8511AFA2"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12583
Expires: Tue, 27 Sep 2022 11:45:40 GMT
Date: Tue, 27 Sep 2022 08:15:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
641e243af23074d137f33663e21ed03b
29322050775c97cc01f8a112a77f18d573372919
8cef5ebb6aa5caea31ac1db3fba110a40bf89e6f352547c53d4d3f2fba60f484

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CEF5EBB6AA5CAEA31AC1DB3FBA110A40BF89E6F352547C53D4D3F2FBA60F484"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3259
Expires: Tue, 27 Sep 2022 09:10:17 GMT
Date: Tue, 27 Sep 2022 08:15:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4334
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 08:15:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4334
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 08:15:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4334
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 08:15:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4334
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 08:15:58 GMT
Connection: keep-alive

hewawkward.com/ed3dbbca1a675ac6215f3ab22cd1d7fa/invoke.js

192.243.61.227

200 OK

9.8 kB

URL HTTP/1.1
hewawkward.com/ed3dbbca1a675ac6215f3ab22cd1d7fa/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26996), with no line terminators
Size
9.8 kB (9809 bytes)
Hash
d0a08f50195903ca8e50f48200967296
68bef95840e148c800973f2e88476b1399a9e167
0b13337cd8bd829481bfc4be52da9849c6e42a483ede31415dc3b623a6a39741

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ed3dbbca1a675ac6215f3ab22cd1d7fa/invoke.js HTTP/1.1
Host: hewawkward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 08:15:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef9bf60be1033198c4ecb6345834522b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4334
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 08:15:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 24606
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5319 bytes)
Hash
46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 37600
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10864 bytes)
Hash
56c3768b851e6a5206cbfbe3f5a97cae
2a2fabd9f9792daf9c058fc754d5616267b703f1
668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10864
x-amzn-requestid: a6be937a-3e8f-4dad-bbca-f28554f5ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioQqFHsoAMFxXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420d0-78fecb9e2f76416044839a35;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:08:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: l-svEjPVAfeYvCQAHsARjTk9PNdkVGUJA_2415312kWF2x6MDI7o7A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:17:07 GMT
age: 68331
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11881 bytes)
Hash
91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 35529
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7701 bytes)
Hash
9ff2dbdbf6d450f0d9774777b3c5aa6e
2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KT47E-2_0O70MgMbGzSjvVaFrWwQybXKo_dkWMw2vnqBElOZtT_Big==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
age: 25803
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7716 bytes)
Hash
8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 36762
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ee09b6ab7cfd6fb00b3abacbba58e7bc
4903c09b843081d2e873e272515d2ac8751a0461
92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 08:15:58 GMT
Last-Modified: Tue, 27 Sep 2022 07:12:27 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UC5VVGLCKPW5BM8XwXQgLNtl4CAVm95hpk4leS3Kiei2U8RvcAe8Rg==
Age: 3811

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5a7a1e01f29e929a05d3c6b17103ad4a
3853f7575e0ffcee2249e12df39d7bc50d5a5390
5c25305bc33c0707faf23b04e348cd626a7a4b51f8571e7be52d4871167d531d

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://georgewaters.shop
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 08:15:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://georgewaters.shop
access-control-allow-credentials: true
set-cookie: uid_id2=472c8f53-eb0a-4445-a329-e9e6ead42e88:3:1; expires=Fri, 24 Sep 2032 08:15:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

s7.addthis.com/js/300/addthis_widget.js

23.38.200.123

200 OK

116 kB

URL HTTP/2
s7.addthis.com/js/300/addthis_widget.js
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54602)
Size
116 kB (116360 bytes)
Hash
b87cd33d44e99d7bb4fa59f97915a154
429b6461bab5189d6987d39713c3405223c461b8
9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116360
date: Tue, 27 Sep 2022 08:15:59 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3e660df92dedccf0998ad07b96f0f8d5
6fa2572684c4d7b711ac5c608de154b877a627c2
a2db8009a62d30b6fa4abcaa29e903a896c98a96c825ff0240a5712f50c4a060

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2DB8009A62D30B6FA4ABCAA29E903A896C98A96C825FF0240A5712F50C4A060"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2041
Expires: Tue, 27 Sep 2022 08:50:00 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Connection: keep-alive

books.google.com/books/content?id=sxmVCwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

18 kB

URL HTTP/1.1
books.google.com/books/content?id=sxmVCwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 27x27, segment length 16, baseline, precision 8, 128x233, components 3\012- data
Size
18 kB (17761 bytes)
Hash
773ffce40a264a5c2ac141850c849a3b
c836a866e184108cb8cd8deb97a211a565b6a35b
2a6150f611183fa442ad4dab7acb414856656bdb1950e3b30b2c44a028e8d961

HTTP Headers

GET /books/content?id=sxmVCwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 17761
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

books.google.com/books/content?id=hJtIDwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

17 kB

URL HTTP/1.1
books.google.com/books/content?id=hJtIDwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 27x27, segment length 16, baseline, precision 8, 128x195, components 3\012- data
Size
17 kB (17295 bytes)
Hash
550b46f690e350e28540d0f3d805df45
8a5e26fd33cfdcd9dfb16df6191efb1b779acb9b
ca11e6c5b4b1ddca43ae7d2afc87d3974530c51e4625c52cd361d196694cd952

HTTP Headers

GET /books/content?id=hJtIDwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 17295
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

books.google.com/books/content?id=9e-YAAAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

16 kB

URL HTTP/1.1
books.google.com/books/content?id=9e-YAAAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 24x24, segment length 16, baseline, precision 8, 128x206, components 3\012- data
Size
16 kB (16369 bytes)
Hash
137c6f535eb4d5e219aa9a29fb4ff44e
168960f0c1ff0736f56fb50af802702deabdaab8
385463ec9449d70c30c8bc5b429ed1b0612fecbb85d8c67e08de34618d3bce3d

HTTP Headers

GET /books/content?id=9e-YAAAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 16369
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
invaderannihilationperky.com/watch.921046037849.js?key=ed3dbbca1a675ac6215f3ab22cd1d7fa&kw=%5B%22free%22%2C%22e-book%22%2C%22download%22%2C%22-%22%2C%22choose%22%2C%22among%22%2C%22free%22%2C%22ebooks%22%2C%22free%22%2C%22kindle%22%2C%22books%22%2C%22download%22%2C%22them%22%2C%22or%22%2C%22read%22%2C%22them%22%2C%22online%22%5D&refer=https%3A%2F%2Fgeorgewaters.shop%2F&tz=0&dev=r&res=12.31&uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88%3A3%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.921046037849.js?key=ed3dbbca1a675ac6215f3ab22cd1d7fa&kw=%5B%22free%22%2C%22e-book%22%2C%22download%22%2C%22-%22%2C%22choose%22%2C%22among%22%2C%22free%22%2C%22ebooks%22%2C%22free%22%2C%22kindle%22%2C%22books%22%2C%22download%22%2C%22them%22%2C%22or%22%2C%22read%22%2C%22them%22%2C%22online%22%5D&refer=https%3A%2F%2Fgeorgewaters.shop%2F&tz=0&dev=r&res=12.31&uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88%3A3%3A1 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://georgewaters.shop
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://georgewaters.shop
Access-Control-Allow-Origin: https://georgewaters.shop
Access-Control-Allow-Credentials: true
Location: https://invaderannihilationperky.com/watch.921046037849.js?key=ed3dbbca1a675ac6215f3ab22cd1d7fa&kw=%5B%22free%22%2C%22e-book%22%2C%22download%22%2C%22-%22%2C%22choose%22%2C%22among%22%2C%22free%22%2C%22ebooks%22%2C%22free%22%2C%22kindle%22%2C%22books%22%2C%22download%22%2C%22them%22%2C%22or%22%2C%22read%22%2C%22them%22%2C%22online%22%5D&refer=https%3A%2F%2Fgeorgewaters.shop%2F&tz=0&dev=r&res=12.31&uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88%3A3%3A1&shu=f99f6b203716e88d500b9d2dbb24e851edd7c036bb3834afba4b3888730883406981b2b377724e3e11e605dab56543715cc742e46294d89718d0044cdc4bb8cbf10629f81989d1d306800f8a3c5df726442b2a&pst=1664266619&rmtc=t
Set-Cookie: u_pl=16405778; expires=Wed, 28 Sep 2022 08:15:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQwNTc3OCwiayI6ImVkM2RiYmNhMWE2NzVhYzYyMTVmM2FiMjJjZDFkN2ZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTk2MjY4LCJwaWQiOjMzODcwMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyNywicHQiOjQsInBrIjoidnNwZ2ZqYXRlZCIsImNwa3MiOnsgIjI4IjoiM2M3Y2NiY2RlOTAyZDE5OTJkMjc4MmQ2MmQ4OTk1MjMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2dlb3JnZXdhdGVycy5zaG9wLyJ9fQ.l-sFGbgAq3zFZHskrBWMpKAMoJZq2vdvKSrcKQZq_Yw; expires=Tue, 27 Sep 2022 08:16:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a08dea3a0a37b40d26dc70e168e0f395
Strict-Transport-Security: max-age=0; includeSubdomains

books.google.com/books/content?id=IfYxDwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

14 kB

URL HTTP/1.1
books.google.com/books/content?id=IfYxDwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 27x27, segment length 16, baseline, precision 8, 128x195, components 3\012- data
Size
14 kB (13830 bytes)
Hash
5ca942c92f3f02bae80669916129dd21
e1c3841c47563e1fa6e6676a9c11bcac9b1698ab
82fed006c26568e0e755900550bd794d3d6109bd5abccbbe90e03ff6f8153678

HTTP Headers

GET /books/content?id=IfYxDwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 13830
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

books.google.com/books/content?id=md5jAwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

14 kB

URL HTTP/1.1
books.google.com/books/content?id=md5jAwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 27x27, segment length 16, baseline, precision 8, 128x195, components 3\012- data
Size
14 kB (13902 bytes)
Hash
d74f852d7110f64cd5386d806bc19936
0188386d0677f276160958bf6359cfc7b483a815
c7c833b3ecf488a2ebf3312ceab91ec056a84f132c87a5675a69122e8709423a

HTTP Headers

GET /books/content?id=md5jAwAAQBAJ&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 13902
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

invaderannihilationperky.com/3c/7c/cb/3c7ccbcde902d1992d2782d62d899523.js

192.243.61.225

200 OK

29 kB

URL HTTP/1.1
invaderannihilationperky.com/3c/7c/cb/3c7ccbcde902d1992d2782d62d899523.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28744 bytes)
Hash
46792d39cf0e563dc2e921d6a683133b
89520064201fafee23cb3c4ad64ade45f1d59e45
adffe9956ae11ae6df34b84bab5cee0ad09266d5a3463d65793b2fbdc4d301ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /3c/7c/cb/3c7ccbcde902d1992d2782d62d899523.js HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad9d08a906fb10b3416b63c1613fa384
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

invaderannihilationperky.com/watch.921046037849.js?key=ed3dbbca1a675ac6215f3ab22cd1d7fa&kw=%5B%22free%22%2C%22e-book%22%2C%22download%22%2C%22-%22%2C%22choose%22%2C%22among%22%2C%22free%22%2C%22ebooks%22%2C%22free%22%2C%22kindle%22%2C%22books%22%2C%22download%22%2C%22them%22%2C%22or%22%2C%22read%22%2C%22them%22%2C%22online%22%5D&refer=https%3A%2F%2Fgeorgewaters.shop%2F&tz=0&dev=r&res=12.31&uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88%3A3%3A1&shu=f99f6b203716e88d500b9d2dbb24e851edd7c036bb3834afba4b3888730883406981b2b377724e3e11e605dab56543715cc742e46294d89718d0044cdc4bb8cbf10629f81989d1d306800f8a3c5df726442b2a&pst=1664266619&rmtc=t

192.243.61.225

200 OK

2.1 kB

URL HTTP/1.1
invaderannihilationperky.com/watch.921046037849.js?key=ed3dbbca1a675ac6215f3ab22cd1d7fa&kw=%5B%22free%22%2C%22e-book%22%2C%22download%22%2C%22-%22%2C%22choose%22%2C%22among%22%2C%22free%22%2C%22ebooks%22%2C%22free%22%2C%22kindle%22%2C%22books%22%2C%22download%22%2C%22them%22%2C%22or%22%2C%22read%22%2C%22them%22%2C%22online%22%5D&refer=https%3A%2F%2Fgeorgewaters.shop%2F&tz=0&dev=r&res=12.31&uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88%3A3%3A1&shu=f99f6b203716e88d500b9d2dbb24e851edd7c036bb3834afba4b3888730883406981b2b377724e3e11e605dab56543715cc742e46294d89718d0044cdc4bb8cbf10629f81989d1d306800f8a3c5df726442b2a&pst=1664266619&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2644)
Size
2.1 kB (2097 bytes)
Hash
b8e80e8feb80e6192f07937b360d02ad
cd747c9ade07e512d198ff37d81a88aa30b30d5a
19cda8cdb2dca0e803fffddfd5e8c425aa1c986b776f9adb4a7848606320e6fb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.921046037849.js?key=ed3dbbca1a675ac6215f3ab22cd1d7fa&kw=%5B%22free%22%2C%22e-book%22%2C%22download%22%2C%22-%22%2C%22choose%22%2C%22among%22%2C%22free%22%2C%22ebooks%22%2C%22free%22%2C%22kindle%22%2C%22books%22%2C%22download%22%2C%22them%22%2C%22or%22%2C%22read%22%2C%22them%22%2C%22online%22%5D&refer=https%3A%2F%2Fgeorgewaters.shop%2F&tz=0&dev=r&res=12.31&uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88%3A3%3A1&shu=f99f6b203716e88d500b9d2dbb24e851edd7c036bb3834afba4b3888730883406981b2b377724e3e11e605dab56543715cc742e46294d89718d0044cdc4bb8cbf10629f81989d1d306800f8a3c5df726442b2a&pst=1664266619&rmtc=t HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://georgewaters.shop
Referer: https://georgewaters.shop/
Connection: keep-alive
Cookie: u_pl=16405778; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQwNTc3OCwiayI6ImVkM2RiYmNhMWE2NzVhYzYyMTVmM2FiMjJjZDFkN2ZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTk2MjY4LCJwaWQiOjMzODcwMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyNywicHQiOjQsInBrIjoidnNwZ2ZqYXRlZCIsImNwa3MiOnsgIjI4IjoiM2M3Y2NiY2RlOTAyZDE5OTJkMjc4MmQ2MmQ4OTk1MjMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2dlb3JnZXdhdGVycy5zaG9wLyJ9fQ.l-sFGbgAq3zFZHskrBWMpKAMoJZq2vdvKSrcKQZq_Yw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://georgewaters.shop
Access-Control-Allow-Origin: https://georgewaters.shop
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=472c8f53-eb0a-4445-a329-e9e6ead42e88:3:1; expires=Tue, 04 Oct 2022 08:15:59 GMT; secure; SameSite=None
iprc8e0f1f6def7b95702a79705fad114cf4=3569807; expires=Tue, 27 Sep 2022 12:15:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 28 Sep 2022 08:15:59 GMT; secure; SameSite=None
uncs=1; expires=Wed, 28 Sep 2022 08:15:59 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 28 Sep 2022 08:15:59 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 28 Sep 2022 08:15:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef95e96f2c350eb2c09ab768bb1e8ca9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

books.google.com/books/content?id=YQO9ZaizNKYC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

21 kB

URL HTTP/1.1
books.google.com/books/content?id=YQO9ZaizNKYC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 17x17, segment length 16, baseline, precision 8, 128x234, components 3\012- data
Size
21 kB (20697 bytes)
Hash
3043f8ca20f18fecc7e14e5585c5700f
30cebd0364f3717b7a372b6c895530655b47fd5e
776e8d0421cf732143f0d352b137fef42b8a9c1e10535809e18e66619e18a178

HTTP Headers

GET /books/content?id=YQO9ZaizNKYC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 20697
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

z.moatads.com/addthismoatframe568911941483/moatframe.js

23.38.201.146

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
23.38.201.146:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=17707
date: Tue, 27 Sep 2022 08:15:59 GMT
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
2917b8abe74403bc4f20b2eed1ac39a2
8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc
6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6771
Expires: Tue, 27 Sep 2022 10:08:50 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Connection: keep-alive

books.google.com/books/content?id=A0NIt94D24UC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

9.2 kB

URL HTTP/1.1
books.google.com/books/content?id=A0NIt94D24UC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 77x77, segment length 16, baseline, precision 8, 128x190, components 3\012- data
Size
9.2 kB (9153 bytes)
Hash
fcb3288c1d3dd2c69fb277e88f46c8c5
84152d4806cdb0473bcbd8b6849c9bd55d4dcd79
dfc7cb6e5f962ee7fe1108e9fbb14b07c1e914a1ca3d8b05f808e7c9fb75b157

HTTP Headers

GET /books/content?id=A0NIt94D24UC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 9153
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

books.google.com/books/content?id=W09cOXKTj-cC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

14 kB

URL HTTP/1.1
books.google.com/books/content?id=W09cOXKTj-cC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 27x27, segment length 16, baseline, precision 8, 128x195, components 3\012- data
Size
14 kB (13644 bytes)
Hash
ad14cd4d0e1027f4756cd065b1a200f5
9b9405e810c2dd0308bc38e854e76cbb4cc2b037
2d5a2e78e4bad835e7e03e8ad2f41f911e36445c76776862d710af1313ce7d54

HTTP Headers

GET /books/content?id=W09cOXKTj-cC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 13644
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

books.google.com/books/content?id=9mdZ8C3GLHYC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

20 kB

URL HTTP/1.1
books.google.com/books/content?id=9mdZ8C3GLHYC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 23x23, segment length 16, baseline, precision 8, 128x206, components 3\012- data
Size
20 kB (20066 bytes)
Hash
eb69f7af5f00576f7b9c93099bca0dc2
b9eb47eec00feb9eb1ad78420c19f2a4b0a56e44
acfa7d4391c3acdbe6ab61f1912c62555e5f4b969601837967f2b45a5e69c1f1

HTTP Headers

GET /books/content?id=9mdZ8C3GLHYC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 20066
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

books.google.com/books/content?id=7MtehxyHMVkC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api

142.250.74.174

200 OK

13 kB

URL HTTP/1.1
books.google.com/books/content?id=7MtehxyHMVkC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 27x27, segment length 16, baseline, precision 8, 128x195, components 3\012- data
Size
13 kB (13190 bytes)
Hash
5d3f00756f550b0c2393deaa1e413e8c
fb70b021de80f0681a45cfc98b2b43d492d03b85
8b6cd80c93b3251b88482d4aef01921dffc11e29fa7257fe41f523f8a874df9c

HTTP Headers

GET /books/content?id=7MtehxyHMVkC&printsec=frontcover&img=1&zoom=5&edge=curl&source=gbs_api HTTP/1.1
Host: books.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Expires: Tue, 27 Sep 2022 08:15:59 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Content-Length: 13190
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Server: Ocean Content Server
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eed381093f60d265bf0cc2970650014c
634000599092742388caef6f1a2c6d5378e6c1bb
2501f62b10b278c0e95705040a281c9dd8df9ee336c30995c85f5329fd8be7c0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2501F62B10B278C0E95705040A281C9DD8DF9EE336C30995C85F5329FD8BE7C0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2124
Expires: Tue, 27 Sep 2022 08:51:23 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Connection: keep-alive

cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png

45.133.44.9

200 OK

67 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (67174 bytes)
Hash
a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c

HTTP Headers

GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 08:15:59 GMT
content-type: image/png
content-length: 67174
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Thu, 29 Sep 2022 08:15:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
2917b8abe74403bc4f20b2eed1ac39a2
8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc
6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6771
Expires: Tue, 27 Sep 2022 10:08:50 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9077c0af71e994499eb2eef44e3d59e
24edbb18d684e840bf76b8862138d70c7f4fec70
9df839ab826b15464f753175dc7105a9f25d5f067e7cf9c0f22720d5d30e300a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DF839AB826B15464F753175DC7105A9F25D5F067E7CF9C0F22720D5D30E300A"
Last-Modified: Tue, 27 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15485
Expires: Tue, 27 Sep 2022 12:34:04 GMT
Date: Tue, 27 Sep 2022 08:15:59 GMT
Connection: keep-alive

kazanwhoeveryowl.com/pixel/purst?dl=0&th=0&sc=0&rs=3328&rd=3328&fd=820&bv=22.8.v.2&tmpl=136

173.233.137.44

200 OK

0 B

URL HTTP/1.1
kazanwhoeveryowl.com/pixel/purst?dl=0&th=0&sc=0&rs=3328&rd=3328&fd=820&bv=22.8.v.2&tmpl=136
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=3328&rd=3328&fd=820&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 08:16:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

23.38.200.123

200 OK

26 kB

URL HTTP/2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size
26 kB (26421 bytes)
Hash
707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051

HTTP Headers

GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 27 Sep 2022 08:16:00 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

m.addthis.com/live/red_lojson/300lo.json?si=6332b13d2d65064c&bkl=0&bl=1&pdt=1432&sid=6332b13d2d65064c&pub=ra-5243766a0c4cc5a8&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=georgewaters.shop&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664266557996&jsl=0&uvs=6332b13d409f4be7000&skipb=1&callback=addthis.cbs.jsonp__59652648379741470

23.38.200.123

200 OK

89 B

URL HTTP/2
m.addthis.com/live/red_lojson/300lo.json?si=6332b13d2d65064c&bkl=0&bl=1&pdt=1432&sid=6332b13d2d65064c&pub=ra-5243766a0c4cc5a8&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=georgewaters.shop&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664266557996&jsl=0&uvs=6332b13d409f4be7000&skipb=1&callback=addthis.cbs.jsonp__59652648379741470
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
89 B (89 bytes)
Hash
af1a4a83997a9d88a52d6157d6e3038d
717b18e1cf84225e27e1b131fe4218a52813d274
292d5f4ec19c514a54a2aff50c0c4c90fb97a4224f3242801bb4f97d40049f93

HTTP Headers

GET /live/red_lojson/300lo.json?si=6332b13d2d65064c&bkl=0&bl=1&pdt=1432&sid=6332b13d2d65064c&pub=ra-5243766a0c4cc5a8&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=georgewaters.shop&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664266557996&jsl=0&uvs=6332b13d409f4be7000&skipb=1&callback=addthis.cbs.jsonp__59652648379741470 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 27 Sep 2022 08:16:00 GMT
X-Firefox-Spdy: h2

v1.addthisedge.com/live/boost/ra-5243766a0c4cc5a8/_ate.track.config_resp

23.38.200.123

200 OK

930 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-5243766a0c4cc5a8/_ate.track.config_resp
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (4210), with no line terminators
Size
930 B (930 bytes)
Hash
7929bc664ecee08e1d6493f3a0475bc1
c074626328039f0f69b6097d4b3280ab2a4229d7
dfde078247aaf8e7369435bee20d1f12c59ffe20ad84ce42e0659d969453e8c4

HTTP Headers

GET /live/boost/ra-5243766a0c4cc5a8/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 930
etag: 321257075--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Tue, 27 Sep 2022 08:16:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

172.64.100.4

200 OK

28 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.100.4:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27622 bytes)
Hash
2ba9ba04f2619196427c1443ce2c99a3
563ef61ec8d0c681eacbcdb31c4a9de66378244d
0f12e70617010298b2486948fa4e6a792a6d1559520a1427d7da9c5a5e3ab4ea

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 08:15:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9de7ae26c8d92521f1db87bd8dfdbad1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 27 Sep 2022 08:15:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiqJCz4ia5yY3EjdFdvIm5ybGb69mB6oreOxvRMlhUbQHSEDBlb3Y950ZwGbpZ5p4VaRZVtxpWTnGxlGhkRcj9ywz2CogP677Z0erPm4GvezBRBb%2BlkOcQeGIphZcwnv9j5UIdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7512cb6cce84e638-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

23.38.200.123

200 OK

78 kB

URL HTTP/2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
78 kB (77672 bytes)
Hash
9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7

HTTP Headers

GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Tue, 27 Sep 2022 08:16:00 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3c7ccbcde902d1992d2782d62d899523&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3c7ccbcde902d1992d2782d62d899523&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=472c8f53-eb0a-4445-a329-e9e6ead42e88&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3c7ccbcde902d1992d2782d62d899523&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 08:16:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dce38722b9e5d200923e13a69cc3da17
Strict-Transport-Security: max-age=0; includeSubdomains

api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_kzmy0

23.38.200.123

200 OK

53 B

URL HTTP/2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_kzmy0
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
53 B (53 bytes)
Hash
2417d366fc066c7803d4ae106140e88f
7c042974534206dfeb1a37649ca273d8231faea0
59a9538fe4bc035a30312bbd83c2e68c22fe268c1cf58f34004d3741ca8de9d2

HTTP Headers

GET /url/shares.json?url=https%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_kzmy0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: georgewaters.shop/
last-modified: Tue, 27 Sep 2022 08:16:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Tue, 27 Sep 2022 08:16:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_dyds0

23.38.200.123

200 OK

53 B

URL HTTP/2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_dyds0
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
53 B (53 bytes)
Hash
803ebcfe4e9737149f893770eda64b2f
a8e0b59b0f2c95e40c5ab90843374a5e2f133a43
44a9502b50fd411f84964626b68553cb5a378247cbf6107e154bd69f0af766a0

HTTP Headers

GET /url/shares.json?url=http%3A%2F%2Fgeorgewaters.shop%2F&callback=_ate.cbs.rcb_dyds0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: georgewaters.shop/
last-modified: Tue, 27 Sep 2022 08:16:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Tue, 27 Sep 2022 08:16:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgeorgewaters.shop%2F

23.38.200.123

200 OK

2 B

URL HTTP/2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgeorgewaters.shop%2F
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgeorgewaters.shop%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://georgewaters.shop
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://georgewaters.shop/
last-modified: Tue, 27 Sep 2022 08:00:00 GMT
access-control-allow-origin: https://georgewaters.shop
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 27 Sep 2022 08:16:01 GMT
X-Firefox-Spdy: h2

georgewaters.shop/

104.21.26.26

200 OK

0 B

URL HTTP/2
georgewaters.shop/
IP
104.21.26.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: georgewaters.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 27 Sep 2022 08:15:57 GMT
content-type: text/html; charset=UTF-8
link: <http://georgewaters.shop/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWiTOtpm8Qde2Jfm%2FtRdecmNCakRyCykPsQ3%2FXO65LaC6Yy9A2sYHttTbDeEFeNl0Qj2e3Nvie9jn5GJHhZNWsbjVuUpRNygpSaqYX8PMzIcI1e8LiwI11pZDg2mYwjX1GdsVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7512cb5aedb11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cpa-ebook-assets.site/style.css

172.67.148.67

200 OK

0 B

URL HTTP/2
cpa-ebook-assets.site/style.css
IP
172.67.148.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /style.css HTTP/1.1
Host: cpa-ebook-assets.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 08:15:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-bgj: minify
cf-polished: origSize=1784
etag: W/"eeed06b230384483968a2efef31c09fa-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GBA8BEQ0HJ9E2PND22SBAYCT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57HGFHpz2dNTZazOQxXT6mAQUmf12z6ikd4bOpFymFOqZcbejcNmleRb%2FJ3TKgcWFRKzKPsG4cD9GXTOuX2oiI%2BuwEMsl6bi%2F9cMe9IeEc%2BATVRC5yPpV254dRUO8x4fbl0wurrkZsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7512cb620d92b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

178.63.30.218

404 Not Found

0 B

URL HTTP/2
register.yars10.net/js/pub.min.js?application=georgewaters.shop
IP
178.63.30.218:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/pub.min.js?application=georgewaters.shop HTTP/1.1
Host: register.yars10.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://georgewaters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
date: Tue, 27 Sep 2022 08:15:58 GMT
vary: Accept-Encoding, Origin
set-cookie: api_push_dog_session=eyJpdiI6IjM5ejFIaENnNXlpaE5BaFpQUThFK3c9PSIsInZhbHVlIjoiWEhEbDV3RUxhb0krRTZnbmpHbjhETnZRMUZNQXdkTVh3Y0IwYVhvNWdkZlBJcFRPTzY3SEh2bXlNb3hnTFg5RzFXRVYzalR1ZHlJV0REeXlTUGtWOVI5OEZ1Rml0NHFLaWJ5MVRLNFdRcitlOEZ1bWJBMGVGNnR0V1NhQk96RnciLCJtYWMiOiI5YTA1YjExMGQwNzUyNjY1Mjc1M2M3YjNhN2Q4ODY5N2YxNmRkM2Y1NjYwODhhNDI1ODhlZjE0NGNlMjJlMDU3IiwidGFnIjoiIn0%3D; expires=Tue, 27-Sep-2022 10:15:58 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
OoLByNnLTkXkELrnIBF0cRjKUx6Ginjf91z7dS2q=eyJpdiI6Im9zRWwrZS9DWENhbHhQZW5oK1dyeEE9PSIsInZhbHVlIjoiMnp3QmUxRWlmeEMxMnRYeXZ0K2xzaE9tRTJrZEdZNFZxRXlFck85VldFWnJKMGN1L3hRN2V6M1ZhU2t6TDZ0Z3N1emxjNG1EandrajZFaDZnWThQd1pZVWJJOWQrOHZRaWFRL3NaMVBYc0E2ZkNKZGJnWHdqQjdpL2NNVEgxT3B0ayttN1NNUi9iRklmL1BDNVVKdSs2bHZnT0RSSlZjVkgrQlY5N2JEOHVyUHZQNUFDT2J6QkdGQTBoQmo4dUNQRXpBNTJDZi93NU9TS2VacnRzRFpPT2U5NVJZQUNYbHUvU29VcnVOUnNST25PYmdoUEdNOC8wSzc4NW1LNnVhejYwM1B1UFFMQnd0S0NhQUhXOFZ5eUNMbXdja0lVQzhpVzhnM20ybXZ2MUNmK0RkcXlDeE1ZcE1qVUEzcXMxRG0rTjRQZ0UrNHk4MVB5UFUzSW1zZ3dvN0JWdTNZcCszMzdiZDNxZEVVenZZbWl4R09vMmpFUkkvRWVGOURXVUZ0bm80RmpKdUNucEQ0SjM0RC9FMVpaYzhJWTlCQ2QyZWEyc0dPWXdzMHN0R2RKRGJ1M25BcUlBQTl0VXVnUjI5NTNVZ1k1Kzc0VGRPekZVVldROVRuY2NBVzRUWlpsbSt1ckJpNUFBUHpkM3hJWGthNWM3WDhMaDhIQlliVDN4VjdzdUFHVzhJSmo0TzJac3dacFlKcGZRQW14a3pUZ3pHb1ZrUmRGSlFGbDlmVGcwc1pEa2NvQVVlZDlNd3ZmTGdLZmpGL202MlBZVFBOVmtyYTRDcEovcytiRlpxSVVwKzVyeXZqaGtjcVJ3RWVoOUVXV2RDeUJvRU9zZWRpU0JQaVJhdG5kQkFyam1HOExOUk5tajRtdVpYWUVRS2xZdDFIRzgxTGZBdGNEdEF6ZGlWMFBBWmdPT2I5MjNRUXdYandhdjRvcnl5WnRHYW14cGI4bm9vcHp1YzBSU09FenZoMDJ0QTRJL3l4aDN6QmtOSmUzU3lWWFlZdE9YWld1Y0laU3pXQ0dxNGxRMWoralp6WFhMTFFpbXNuR1h4NXlHK1l1SEZaeWowOU1ZSmpScEVjR3E2bGV2eTBRTFJiZXk2bG9xT2xTaTkyc25kMnd4bkhCZ1FKbDNia0Y2SjhVNDk2OWJ6NTJJREQvK29BOEVzNXRMT2RvL1Y5UjV5MmxNZkkiLCJtYWMiOiJlMjU1MWJkZTZkNjUwYWE3NGY2MTIwMjZkYjBmN2U5OTA1MTVmYmE5YzViMGMxMGMwM2FhYWFmNGIxOWU5YTEzIiwidGFnIjoiIn0%3D; expires=Tue, 27-Sep-2022 10:15:58 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
DSALB=595921988003458c; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations