Report - straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2

Report Overview

Visited public
2023-09-10 06:30:03
Tags
URL
straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Finishing URL
straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
IP / ASN
208.74.149.150
#27589 MOJOHOST
Title
Straight Boys Gone Gay

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-09 22:31:21	897 B	149 kB	142.250.74.136
ka-p.fontawesome.com	4489	2012-10-18	2019-12-16 21:35:53	2023-09-09 21:02:14	3.5 kB	229 kB	104.18.22.52
straightboysgonegay.com	unknown	2017-07-03	2018-01-31 08:10:23	2023-07-13 07:10:22	12 kB	2.4 MB	208.74.149.150
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-09 18:12:06	3.0 kB	6.3 kB	142.250.74.131
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12 16:01:39	2023-09-09 20:41:04	340 B	863 B	143.204.48.16
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-09 22:40:48	452 B	32 kB	216.58.207.202
bestlnd.com	unknown	2021-07-01	2021-07-02 02:55:54	2023-08-30 14:17:35	598 B	30 kB	35.83.162.211
plausible.io	48197	2018-12-30	2019-02-01 09:53:03	2023-09-09 21:21:58	900 B	86 kB	194.242.11.186
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24 15:35:31	2023-09-09 21:01:46	898 B	30 kB	152.199.19.160
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-09-09 20:30:33	1.3 kB	17 kB	104.18.22.52
admitjoin.com	unknown	2023-02-23	2023-02-23 21:40:28	2023-08-31 05:01:37	724 B	31 kB	163.171.128.172
rfdcxz.com	unknown	2023-05-08	2023-07-06 21:26:59	2023-09-09 21:52:41	8.6 kB	75 kB	207.120.33.35
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-09 18:34:13	1.0 kB	140 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-09 22:29:19	434 B	1.2 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed
2023-09-09	medium	rfdcxz.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	kit.fontawesome.com/b314bdf1b3.js	ScriptElement	12 kB	2023-06-20	2023-11-22
Pretty URL kit.fontawesome.com/b314bdf1b3.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 05:08 Last Seen2023-11-22 21:59 Times Seen16 Hash 4fc6cefe553c0690d16534ebf9d89181 aa7c5a51a88e2dcbdf8b67e8648d35682d19e31f 8f3a8661dafbfffde857c6bbc7abc7c63e929047dfc5e6cc1a805ab8e98dacbb Loading...

	rfdcxz.com/common_tpls/js/validate_form_v2.js?jsv=33	ScriptElement	26 kB	2023-03-14	2024-08-21
Pretty URL rfdcxz.com/common_tpls/js/validate_form_v2.js?jsv=33 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:51 Last Seen2024-08-21 08:25 Times Seen14 Hash b26223d9940db2288de40d67f6f90731 83fd7db93e9f1c5eb54305c662140d350e81f0f4 82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	127 B	2023-03-07	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2024-08-21 08:25 Times Seen17 Hash 987cb4cd06cbdbc694458792197453a0 03a7bedae186b4579555956a004744f78497b3e7 b1ec8ca388b07625941809d2bea46f0ba3ed49485c25cf1fe5735c080d81771d Loading...

	straightboysgonegay.com/t2/js/fn.obfuscated.js	ScriptElement	201 kB	2023-03-08	2023-09-16
Pretty URL straightboysgonegay.com/t2/js/fn.obfuscated.js IP 208.74.149.150 ASN #27589 MOJOHOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:50 Last Seen2023-09-16 05:02 Times Seen2 Hash 3c45f72ef48f173cd2a1a28d55bc9020 fea1d2d981009429b5ddd02410ea7218e958c32e d947a52939afa3f9cd42a060f0debb4a0d41562c7c668c063a0f39af4f9fd7e3 Loading...

	straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2 IP 208.74.149.150 ASN #27589 MOJOHOST Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 10:33 Times Seen4635342 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	straightboysgonegay.com/t2/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL straightboysgonegay.com/t2/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 10:31 Times Seen341419 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 10:31 Times Seen68111 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-05-09
Pretty URL ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 10:31 Times Seen27457 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	388 B	2023-08-19	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-19 00:11 Last Seen2024-08-21 08:25 Times Seen12 Hash e0dfddef92dfde8d95dc42e03363cc81 ba518d5c70e54c50f3af40a280be1a3f681b7ea5 93850ebe5df1fed9e36047465ada548c828d41ca5810ddc98139fbf0b2c9f4b3 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	264 B	2023-03-07	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 07:54 Times Seen22 Hash 50b8d257c149e4c89eb8fcd42cbb90bd ec36a40fb37b6fcca17ac892e3b274ecff9c5164 04b5d8be7fc682489a5060b6832c7a14ebe5480a284f3f9d55f0a0407aeff7b0 Loading...

	www.googletagmanager.com/gtag/js?id=UA-73753491-24	ScriptElement	188 kB	2023-09-10	2023-09-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-73753491-24 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 08:30 Last Seen2023-09-10 08:30 Times Seen1 Hash 2f0ac52f6dae3b934a572c2864064e1d 7d88b8842378bc215ba86c80f9091b94eb62c44c a7598ad66f18a32e1095bc46799aee01c8c03f6211f7eadb6941b731d7da35d0 Loading...

	rfdcxz.com/common_tpls/js/form_support.js?v=1101202201	ScriptElement	3.8 kB	2023-03-08	2024-08-21
Pretty URL rfdcxz.com/common_tpls/js/form_support.js?v=1101202201 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25 Last Seen2024-08-21 08:25 Times Seen40 Hash 4ffa5d12f2aa2394aa284438d9ab1658 66a6678dc24eae37e35b8ee571e78f6e8af796da a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	166 B	2023-03-07	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 08:25 Times Seen35 Hash 30fbeedd3ef42ed4b3c0cedc516b2f71 dff25b928dad51d1d769285bf2a302d2be531927 1a9018c8172241d8aade74fd982307b0171e6b21ce2b4a470342852d92a99ed0 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	59 B	2023-03-07	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:58 Last Seen2024-08-21 08:11 Times Seen16 Hash cffd5e347526410b8d4ea84ff7d98463 9ea138c5d82132b2903dfca2bc6de42e3bb4b2c7 4ac6a08906e572c5a01455e972b35ec841a7e0f63619562b1458dac804e7a246 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	206 B	2023-03-07	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:58 Last Seen2024-08-21 08:25 Times Seen18 Hash 5f165dbb3feea7b4424a23a8756968d4 b2c2d5ac323753364da55be6246ca5d176a2d74d 3f19399992595664c23c41ba7cb1dd94a995b37dc681622aedc956975fb9ddc3 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 10:31 Times Seen340618 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-9FZDS145QJ&l=dataLayer&cx=c	ScriptElement	220 kB	2023-09-10	2023-09-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-9FZDS145QJ&l=dataLayer&cx=c IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 08:30 Last Seen2023-09-10 08:30 Times Seen1 Hash 6b39a0e0d649430d2528639cacc7d451 941c21ca047fb5bf6f4af5299d5ad905888cce68 6886fe048cab3e01bdfcb528d34de765a4a92ce794ee033e02db1b1d7ce1b432 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	528 B	2023-03-07	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2024-08-21 08:11 Times Seen24 Hash 10dd1b2ab36045f6dd30390708c046c8 5ea106d1b689de5bda25b576ae36d26160ed6795 6d5167f39f1f849ab2050bb2429f122ed1e62a41d7bdcf18a9ec09438f087e88 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	500 B	2023-06-20	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-20 05:08 Last Seen2024-08-21 08:25 Times Seen30 Hash b3a1b315d6288a561818ce4d5253d7f6 2ce9c680b598f3cc1e3962a44ef82ae5fa4494fd 91fd13dbb2b63dbb6392347bd6b26447b1e7aa12711de8bd71979cd981ff1cb4 Loading...

	rfdcxz.com/common_tpls/js/iframeResizer.contentWindow.min.js	ScriptElement	13 kB	2023-03-07	2025-04-17
Pretty URL rfdcxz.com/common_tpls/js/iframeResizer.contentWindow.min.js IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-17 05:46 Times Seen84 Hash 2cf9df789476bc39b9906030f639660d de708b4a0fe32f3d77505675eb119b671327a6b4 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b Loading...

	straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2 IP 208.74.149.150 ASN #27589 MOJOHOST Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 10:33 Times Seen4635342 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	plausible.io/js/script.js	ScriptElement	1.3 kB	2023-05-22	2025-05-08
Pretty URL plausible.io/js/script.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 17:22 Last Seen2025-05-08 23:04 Times Seen4808 Hash abd4e2373b2e8c4dac2e80159641c5f1 e273656e58ca934d873204e68dd35670fde657ed 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	2.5 kB	2023-03-12	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:48 Last Seen2024-08-21 08:25 Times Seen11 Hash d8f703292262addbd1d29b3e00f14a58 441b15d7a7a85897e4b0bad12229ab2b44f3af5d cfe3ab5d0b2840811465dfdb0be54dab8889a1c51b27fc4edadc54e30874519e Loading...

	rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121	ScriptElement	62 B	2024-08-21	2024-08-21
Pretty URL rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 IP 207.120.33.35 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:09 Last Seen2024-08-21 07:09 Times Seen1 Hash 853d91763a4781827e205cd5fdcfddd6 d02d670060082593fcf951a8fb6991b898577832 ff0d10f0a9b9fe264966dccf756bd31300368911c05a87bdb85f94db06b77051 Loading...

HTTP Transactions (66)

URL IP Response Size

straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2

208.74.149.150

200 OK

1.8 kB

URL User Request GET HTTP/2
straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3629)
Size
1.8 kB (1751 bytes)
Hash
f3ef5f0262fa19d1085402b20791c13f
f8932099afb709ff5dcf38da9eb879956de11e47
386d440ccea0e01e53da7509fb6553df0fc3896ca4ab7b480405a9edc2a895d0

HTTP Headers

GET /t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2 HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1751
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c837d5056b9424a7006e574bfc7c03ae
a47e514b93e12d1e333ff23ac9e7977ca1cd07bc
76e19e4cf87ceffa781f75bcaf8343f625c82242facbd389bd54ed288d9199e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

straightboysgonegay.com/t2/css/styles.min.css

208.74.149.150

200 OK

2.6 kB

URL GET HTTP/2
straightboysgonegay.com/t2/css/styles.min.css
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
ASCII text, with very long lines (9427), with no line terminators
Size
2.6 kB (2642 bytes)
Hash
6069ae63115b715a14fb120059f39506
b8d7993225a7b6f0bd8132e9ca58cf5d2dca458b
9997b4dfacc3861eedaf1627a34550293bb3d81601bf28bbb1fed191155ba225

HTTP Headers

GET /t2/css/styles.min.css HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:50:06 GMT
etag: "24d3-56b1c071ab380-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2642
content-type: text/css
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-73753491-24

142.250.74.136

200 OK

68 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-73753491-24
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (4179)
Size
68 kB (68397 bytes)
Hash
2f0ac52f6dae3b934a572c2864064e1d
7d88b8842378bc215ba86c80f9091b94eb62c44c
a7598ad66f18a32e1095bc46799aee01c8c03f6211f7eadb6941b731d7da35d0

HTTP Headers

GET /gtag/js?id=UA-73753491-24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 10 Sep 2023 06:29:44 GMT
expires: Sun, 10 Sep 2023 06:29:44 GMT
cache-control: private, max-age=900
last-modified: Sun, 10 Sep 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c837d5056b9424a7006e574bfc7c03ae
a47e514b93e12d1e333ff23ac9e7977ca1cd07bc
76e19e4cf87ceffa781f75bcaf8343f625c82242facbd389bd54ed288d9199e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

straightboysgonegay.com/t2/js/fn.obfuscated.js

208.74.149.150

200 OK

45 kB

URL GET HTTP/2
straightboysgonegay.com/t2/js/fn.obfuscated.js
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
45 kB (45387 bytes)
Hash
3c45f72ef48f173cd2a1a28d55bc9020
fea1d2d981009429b5ddd02410ea7218e958c32e
d947a52939afa3f9cd42a060f0debb4a0d41562c7c668c063a0f39af4f9fd7e3

HTTP Headers

GET /t2/js/fn.obfuscated.js HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 10 Aug 2019 03:40:59 GMT
etag: "31026-58fbb0f2088c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 45387
content-type: application/javascript
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9FZDS145QJ&l=dataLayer&cx=c

142.250.74.136

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9FZDS145QJ&l=dataLayer&cx=c
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (4179)
Size
79 kB (79104 bytes)
Hash
6b39a0e0d649430d2528639cacc7d451
941c21ca047fb5bf6f4af5299d5ad905888cce68
6886fe048cab3e01bdfcb528d34de765a4a92ce794ee033e02db1b1d7ce1b432

HTTP Headers

GET /gtag/js?id=G-9FZDS145QJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 10 Sep 2023 06:29:44 GMT
expires: Sun, 10 Sep 2023 06:29:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

plausible.io/api/event

194.242.11.186

202 Accepted

2 B

URL POST HTTP/2
plausible.io/api/event
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectplausible.io
FingerprintF3:96:67:2D:0A:A7:F5:11:5F:9C:A0:FB:0E:E6:2A:06:2A:97:08:5B
ValidityThu, 03 Aug 2023 00:08:25 GMT - Wed, 01 Nov 2023 00:08:24 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /api/event HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 163
Origin: https://straightboysgonegay.com
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
date: Sun, 10 Sep 2023 06:29:44 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: BunnyCDN-NO1-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.3
permissions-policy: interest-cohort=()
x-request-id: F4N1x5QiPPhQuVID1SkB
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 09/10/2023 06:29:44
cdn-edgestorageid: 830
cdn-requestid: 0fb5da7b8b750e4c8432d9c45d41d6f2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-1.jpg

208.74.149.150

200 OK

218 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-1.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
218 kB (217759 bytes)
Hash
6d70a07edba1050f8f0c6dec5ab4db2b
5dcebaf29db7f6edd9e055067ea9e3608e41bf5d
4bfda0e502c1082fc8db7ac0c08eef673acbb2933ea5ec71e44432ccdd434f40

HTTP Headers

GET /t2/images/bg-1.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/css/styles.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:55:29 GMT
etag: "3529f-56b1c1a5b4a40"
accept-ranges: bytes
content-length: 217759
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/fonts/Impact.woff2

208.74.149.150

200 OK

59 kB

URL GET HTTP/2
straightboysgonegay.com/t2/fonts/Impact.woff2
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 58868, version 5.0\012- data
Size
59 kB (58868 bytes)
Hash
c120c3baa9610364790fd2f3292148d4
01ad0b875780fe5478d394fd35c5cec042a1a434
2043db4bc663d75d0e1aac077e06acadf79a960e36fd038f54c32338e1242a1e

HTTP Headers

GET /t2/fonts/Impact.woff2 HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/css/styles.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:50:20 GMT
etag: "e5f4-56b1c07f05300"
accept-ranges: bytes
content-length: 58868
vary: Accept-Encoding,User-Agent
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/fonts/MyriadProBoldCond.woff2

208.74.149.150

200 OK

35 kB

URL GET HTTP/2
straightboysgonegay.com/t2/fonts/MyriadProBoldCond.woff2
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35148, version 1.0\012- data
Size
35 kB (35148 bytes)
Hash
47d19f07dc8bb8f8f73f3087c460eb06
a795df7773b937aa2534003bf057757ae6ae00d3
2a9ff3a247a7612a609ebbac53f1d963ac0adad64073758a62720efd62e3fa04

HTTP Headers

GET /t2/fonts/MyriadProBoldCond.woff2 HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/css/styles.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:50:30 GMT
etag: "894c-56b1c0888e980"
accept-ranges: bytes
content-length: 35148
vary: Accept-Encoding,User-Agent
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-1-mobile.jpg

208.74.149.150

200 OK

101 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-1-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
101 kB (101273 bytes)
Hash
6d90d6534e9a3ac8f8df7a734e1084af
7612bc4bfd716c52e55ae9559860f62a62a61872
9835477e2c749c43a96fb5aab42608ae2a0722b44196fdfd91111516fc07e229

HTTP Headers

GET /t2/images/bg-1-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 07 May 2018 23:52:36 GMT
etag: "18b99-56ba65d343900"
accept-ranges: bytes
content-length: 101273
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-2-mobile.jpg

208.74.149.150

200 OK

89 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-2-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
89 kB (89388 bytes)
Hash
61301dcd3d6970a90c644a86531d096a
6aeeb2974b9ee0ddf08066c356a62e821edaf041
0adfae4a0c535fc3b3a1cd85be8d7a069f80ba97fa9238be09f9861ec963d68b

HTTP Headers

GET /t2/images/bg-2-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 07 May 2018 23:58:02 GMT
etag: "15d2c-56ba670a29680"
accept-ranges: bytes
content-length: 89388
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-3-mobile.jpg

208.74.149.150

200 OK

105 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-3-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
105 kB (104939 bytes)
Hash
7ceff70cf2dd776872fa35eaa5f59af2
b5bbee728871f7450cd65b295dbfa3a04ea9f96e
9bf92ff576b24dcabaf203a29090253349382f6c56f39f685bad43de16dd4680

HTTP Headers

GET /t2/images/bg-3-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 May 2018 00:05:30 GMT
etag: "199eb-56ba68b568680"
accept-ranges: bytes
content-length: 104939
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-4-mobile.jpg

208.74.149.150

200 OK

90 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-4-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
90 kB (90508 bytes)
Hash
0c95565ee5adbc0f9085d63873fdf663
624dfcb9dfb4de4a6c2aabb9aaeed5f5e5dd0674
36ca787884dea912eacbb297cf1f1d459a736b30672ec833f1e30bad1376601b

HTTP Headers

GET /t2/images/bg-4-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 May 2018 00:09:27 GMT
etag: "1618c-56ba69976dbc0"
accept-ranges: bytes
content-length: 90508
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-5-mobile.jpg

208.74.149.150

200 OK

90 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-5-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
90 kB (90447 bytes)
Hash
5ef01131ab196e5e0f8e556378800ccd
58604b9b89f75cc3a57108b24c725427d18160b6
77667e6d0546a5dadcdd58d91efb2ebbbb5dafc78f6c7c4302f49ffe1ab5c59e

HTTP Headers

GET /t2/images/bg-5-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 May 2018 00:17:14 GMT
etag: "1614f-56ba6b54cb680"
accept-ranges: bytes
content-length: 90447
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-6-mobile.jpg

208.74.149.150

200 OK

91 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-6-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
91 kB (91309 bytes)
Hash
784a8621539ed8ed641e7206e31415fb
819415d48e0d25882af6f47a56ab92145df71997
c2eff10784358e8c3c7a661a73b04be7d1f49bd4e908d2045c67515fce818bba

HTTP Headers

GET /t2/images/bg-6-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 May 2018 00:19:41 GMT
etag: "164ad-56ba6be0fc140"
accept-ranges: bytes
content-length: 91309
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-7-mobile.jpg

208.74.149.150

200 OK

88 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-7-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
88 kB (87490 bytes)
Hash
f33983143d55a60c8ad3416ab7025884
5cffcaf41227544ead43b7cd709aee394b898be4
b2a06bee28d775f717562899492e4336029dd507109f65670e95480a712d49a2

HTTP Headers

GET /t2/images/bg-7-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 25 Apr 2019 20:07:32 GMT
etag: "155c2-587605e48e900"
accept-ranges: bytes
content-length: 87490
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

plausible.io/js/script.js

194.242.11.186

200 OK

84 kB

URL GET HTTP/2
plausible.io/js/script.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectplausible.io
FingerprintF3:96:67:2D:0A:A7:F5:11:5F:9C:A0:FB:0E:E6:2A:06:2A:97:08:5B
ValidityThu, 03 Aug 2023 00:08:25 GMT - Wed, 01 Nov 2023 00:08:24 GMT

File type
ASCII text, with very long lines (1346), with no line terminators
Size
84 kB (84328 bytes)
Hash
abd4e2373b2e8c4dac2e80159641c5f1
e273656e58ca934d873204e68dd35670fde657ed
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

HTTP Headers

GET /js/script.js HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:44 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
cache-control: public, must-revalidate, max-age=86400
application: 10.0.1.2
cross-origin-resource-policy: cross-origin
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/09/2023 08:34:06
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c930d86771f75aeddefedbc9b1a5b242
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
35901420beaf0a89429366d98c50d318
e23f527c39238704fb2de8ca30712b538c160b75
6079573d981988624025dc5dc984c1f6bfdccab809049cbefdd5b53a3be3d8dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Sun, 10 Sep 2023 06:29:45 GMT
Server: ECAcc (amb/6AFD)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YhlmVrxBQiWNKp6Xx7FnVNHa_8BusmCQaGIrl7hN1M8l_PaNMVE2zw==

straightboysgonegay.com/t2/images/bg-3.jpg

208.74.149.150

200 OK

184 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-3.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
184 kB (184515 bytes)
Hash
02bc5490d6ff1bca6d47bbd52adb811b
d005d4410c7e0e0c52bcaaa745398e5e40e42f63
9efa58735d087d119f6342e3132eccc81888aea5746198099f9585da8fa587ff

HTTP Headers

GET /t2/images/bg-3.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:27 GMT
etag: "2d0c3-56b1c1315b7c0"
accept-ranges: bytes
content-length: 184515
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-2.jpg

208.74.149.150

200 OK

201 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-2.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
201 kB (200796 bytes)
Hash
9cfc4bc31530ba9671bc792e20a34ac0
4c13f8774b96ef000acca2b61e0583f1e8d85f26
d319f13d325ee572a9c284829f880cdd3ac5bcfdb2e978992c002c90eba3fb42

HTTP Headers

GET /t2/images/bg-2.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:24 GMT
etag: "3105c-56b1c12e7f100"
accept-ranges: bytes
content-length: 200796
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-4.jpg

208.74.149.150

200 OK

172 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-4.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
172 kB (172421 bytes)
Hash
ccff24c4bf8e071d17e5aa8b31aa0566
5ecba1d9159db14723d3b7b3303db1ed4d3bac94
7aeecbd19e305225841d1182315230d49f6060e2b33a3a84e11d714562baecbc

HTTP Headers

GET /t2/images/bg-4.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:30 GMT
etag: "2a185-56b1c13437e80"
accept-ranges: bytes
content-length: 172421
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/audio/1.mp3

208.74.149.150

404 Not Found

315 B

URL GET HTTP/2
straightboysgonegay.com/t2/audio/1.mp3
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /t2/audio/1.mp3 HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-7.jpg

208.74.149.150

200 OK

158 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-7.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
158 kB (157891 bytes)
Hash
73e157556965b8986b310f62380b63e4
f7296849a728cbd9f69ac089d93dadce92a5610b
9234bef3a3c53429ea04aaaafb694ef1890bc0b9e6117418a67244bc87279ac9

HTTP Headers

GET /t2/images/bg-7.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:14 GMT
etag: "268c3-56b1c124f5a80"
accept-ranges: bytes
content-length: 157891
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-6.jpg

208.74.149.150

200 OK

172 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-6.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
172 kB (172331 bytes)
Hash
d440e5f8ac2e0a880828b886dc199b16
3b5b77b8e9e7613231eb578b9c26d2183ae86de7
ed8cd61558551a43104ac26918879dc99d94f8aedf35aa6973dcc17e99cff11d

HTTP Headers

GET /t2/images/bg-6.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:19 GMT
etag: "2a12b-56b1c129ba5c0"
accept-ranges: bytes
content-length: 172331
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-8.jpg

208.74.149.150

200 OK

176 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-8.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
176 kB (175768 bytes)
Hash
9d7d089bbc17a85f8fc5b14c19927fac
ebc286ce8df20804ba578b11eebb71f220691f84
66e74a38a3d97f949ebebe26a1e69df606dfd196274e85825d96abf8be9885c4

HTTP Headers

GET /t2/images/bg-8.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:25 GMT
etag: "2ae98-56b1c12f73340"
accept-ranges: bytes
content-length: 175768
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-5.jpg

208.74.149.150

200 OK

230 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-5.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
230 kB (229480 bytes)
Hash
ecb80ca3b2fb72e057da5e63d4c57316
10193ea806b0811c0f6f8d4fd1f09c71fdaa59ad
a8cabab242576018d26c34e3c42796d958cc7e4c73b5acb1766cd0e1a2e1a477

HTTP Headers

GET /t2/images/bg-5.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 May 2018 02:53:22 GMT
etag: "38068-56b1c12c96c80"
accept-ranges: bytes
content-length: 229480
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

straightboysgonegay.com/favicon.ico

208.74.149.150

404 Not Found

315 B

URL GET HTTP/2
straightboysgonegay.com/favicon.ico
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Cookie: _ga_9FZDS145QJ=GS1.1.1694327385.1.0.1694327385.0.0.0; _ga=GA1.1.1397229205.1694327385
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Sun, 10 Sep 2023 06:29:45 GMT
server: Apache/2
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
14bee7661a70e20720ccfc970f1da1df
685187fc334995bb7d51766d5af831667d544c0b
71d72c05430a03aea95e674c232e5b1a93612b0325d1092ba180d8880afceeab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
14bee7661a70e20720ccfc970f1da1df
685187fc334995bb7d51766d5af831667d544c0b
71d72c05430a03aea95e674c232e5b1a93612b0325d1092ba180d8880afceeab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js

152.199.19.160

200 OK

9.8 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32033)
Size
9.8 kB (9839 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

HTTP Headers

GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 4423920
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sun, 10 Sep 2023 06:29:47 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css

152.199.19.160

200 OK

20 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65371)
Size
20 kB (19629 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

HTTP Headers

GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 13514068
cache-control: public,max-age=31536000
content-type: text/css
date: Sun, 10 Sep 2023 06:29:47 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Sep 2023 00:56:25 GMT
expires: Sun, 08 Sep 2024 00:56:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 106402
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/compactML/css/clickpagay1.css

207.120.33.35

200 OK

7.9 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/compactML/css/clickpagay1.css
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
ASCII text, with very long lines (43186), with no line terminators
Size
7.9 kB (7929 bytes)
Hash
38c71a870156252da1d0beacea6bb845
26aa17e37e42f75f70ae8d4ef7b759b699da3a93
855595666f93ba0ea82842887ca150e0ff41e7cef694fc45ee0b5045f3496d60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/compactML/css/clickpagay1.css HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 7929
last-modified: Tue, 08 Mar 2022 19:21:33 GMT
etag: W/"6227acbd-a8b2"
content-encoding: gzip
section-io-cache-id: f0c0f8bdd9d80ec359c6a1c52b0d349b
vary: Accept-Encoding
x-varnish: 1945225 445593
age: 1600
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: b0f0078cf7f40d3181c81643689bf536
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/images/ajax-loader.gif

207.120.33.35

200 OK

3.2 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/images/ajax-loader.gif
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
GIF image data, version 89a, 32 x 32\012- data
Size
3.2 kB (3208 bytes)
Hash
be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 105ace5b4c1f754dc66533a445ee1115
x-varnish: 510679 445549
age: 1672
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 278fb9ececc5f19e43d37a4f0428460b
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/images/icons/email.png

207.120.33.35

200 OK

1.3 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/images/icons/email.png
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 kB (1254 bytes)
Hash
a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/email.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 11b43cfa6dff84e30d10a6a6d17afaa9
x-varnish: 1945227 141209
age: 1684
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e5a87b71fbc5002b7f256eec79bec250
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/images/icons/password.png

207.120.33.35

200 OK

1.5 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/images/icons/password.png
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1452 bytes)
Hash
6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/password.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: e7fbfd2dcbbe1afa62ac78899779eb31
x-varnish: 510680 1160191
age: 1696
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 1d8eb19f3c096fcf6db478b9c5a86cac
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/images/icons/fname.png

207.120.33.35

200 OK

1.6 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/images/icons/fname.png
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1649 bytes)
Hash
5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: 7e1dbb49ce3f98652a7e8d7a08ce3b80
x-varnish: 1945228 1908366
age: 1700
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d7577ec50c025a9eb021c1c5f98680b0
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/images/icons/address.png

207.120.33.35

200 OK

1.2 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/images/icons/address.png
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.2 kB (1167 bytes)
Hash
b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/address.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: b28c1a68c44b430f05817f08324c06c9
x-varnish: 510681 47702
age: 1699
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 56b3d0e6a04884019be22da8eabb4367
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
14bee7661a70e20720ccfc970f1da1df
685187fc334995bb7d51766d5af831667d544c0b
71d72c05430a03aea95e674c232e5b1a93612b0325d1092ba180d8880afceeab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
14bee7661a70e20720ccfc970f1da1df
685187fc334995bb7d51766d5af831667d544c0b
71d72c05430a03aea95e674c232e5b1a93612b0325d1092ba180d8880afceeab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rfdcxz.com/common_tpls/js/validate_form_v2.js?jsv=33

207.120.33.35

200 OK

6.0 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/js/validate_form_v2.js?jsv=33
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Size
6.0 kB (6004 bytes)
Hash
b26223d9940db2288de40d67f6f90731
83fd7db93e9f1c5eb54305c662140d350e81f0f4
82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/js/validate_form_v2.js?jsv=33 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 23:40:03 GMT
etag: W/"63eaca53-63ed"
section-io-cache-id: 946e5f77b016d77fe18d14373137cc4d
x-varnish: 1945226 47695
age: 1702
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 7d31e94d2f435e14830cd8bc8c70e91b
X-Firefox-Spdy: h2

kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css

104.18.22.52

200 OK

0 B

URL GET HTTP/2
kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b314bdf1b3/110588222/kit-upload.css HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 0
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926, public, must-revalidate
etag: 54af53b207eef226d6511e0a88e3038e
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F3HEz91sxmKZH5yginzj
cf-cache-status: HIT
age: 840005
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5ccb5856cc-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2060521e966a6a20a0bf1ababc2286c0
763ffc1aa1a10115e4a0526c747e9202dd085f16
9532f54419572a700481f1d886fe5e95a277ad19ccd7b2df29b1d30f154f00f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2060521e966a6a20a0bf1ababc2286c0
763ffc1aa1a10115e4a0526c747e9202dd085f16
9532f54419572a700481f1d886fe5e95a277ad19ccd7b2df29b1d30f154f00f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3

104.18.22.52

200 OK

4.2 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (26366)
Size
4.2 kB (4194 bytes)
Hash
715826d7cea0f100c00238e5e5dc92b4
ea2a076f73ed3826287a726f35ae5e54136f2cee
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 840005
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5cdb5e56cc-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3

104.18.22.52

200 OK

54 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65397)
Size
54 kB (54194 bytes)
Hash
486b13730aafe2a39cdaf1666679fa5b
aa0f52f048688ada20d921fef78cf15684a25f04
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

HTTP Headers

GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 840005
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5cdb6156cc-OSL
X-Firefox-Spdy: h2

kit.fontawesome.com/b314bdf1b3.js

104.18.22.52

200 OK

8.5 kB

URL GET HTTP/2
kit.fontawesome.com/b314bdf1b3.js
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (26366)
Size
8.5 kB (8453 bytes)
Hash
e1d49d5125581f1ffb732cc8b77341b6
b583c0b7a063ec226d6e54c7853c6bfd04be461a
08c4081d2e6e418912cf2b033c26f88c917cd36e65eb11c3199e658916958c45

HTTP Headers

GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F3a06yrBdhpxMJgACU0C
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 80459e5c9b3356cc-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

kit.fontawesome.com/b314bdf1b3.js

104.18.22.52

200 OK

6.9 kB

URL GET HTTP/2
kit.fontawesome.com/b314bdf1b3.js
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27832)
Size
6.9 kB (6862 bytes)
Hash
a1b53777566d41182aaace38ace00fe1
95ee21178bbf10e66ff092552f1ae2c34074f007
aec30baa0c5c8be1f4b6714d53b6ba9ccfa7a3a14166e1d4af5c88f6303c90a2

HTTP Headers

GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F3a06yrBdhpxMJgACU0C
cf-cache-status: HIT
server: cloudflare
cf-ray: 80459e5a39aa56cc-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/js/form_support.js?v=1101202201

207.120.33.35

200 OK

4.0 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/js/form_support.js?v=1101202201
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
ASCII text, with very long lines (27832)
Size
4.0 kB (3999 bytes)
Hash
dff6f9293c0a40aeea4043f3bc9374c8
ec2fd44e862ce5efe22570489c9e6c547dfe93e7
c9c75e27ed56aaeaafb3d91330bbe21757cf0009fa54f08de12f4345f405e059

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: ca361111427554662c7b09f46bb3f325
x-varnish: 510678 1908356
age: 1702
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: d291340d99e2ca6abe62192fd50734d7
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3

104.18.22.52

200 OK

54 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65397)
Size
54 kB (54194 bytes)
Hash
486b13730aafe2a39cdaf1666679fa5b
aa0f52f048688ada20d921fef78cf15684a25f04
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

HTTP Headers

GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 840005
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5cdb6056cc-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLGT9V1s.ttf

216.58.207.227

200 OK

69 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLGT9V1s.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Size
69 kB (68742 bytes)
Hash
614a91afc751f09d049231f828801c20
cf83e7582e60ed83f67c7d68b4f7482ac9fc6958
fcff04f4bec2b3636f05ed894dc1f9a752c4cb587ee49857ec7a82abaf6ca016

HTTP Headers

GET /s/poppins/v19/pxiByp8kv8JHgFVrLGT9V1s.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 68742
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Sep 2023 20:52:50 GMT
expires: Fri, 06 Sep 2024 20:52:50 GMT
cache-control: public, max-age=31536000
age: 207417
last-modified: Wed, 26 Jan 2022 19:15:44 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrFJA.ttf

216.58.207.227

200 OK

70 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrFJA.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Size
70 kB (69472 bytes)
Hash
cd6b896a19b4babd1a2fa07498e9fc47
52f9413b264e8ecefbbf12830e3dfadebbf72986
cdedb1729acac414ed01744a11da7badb86adf13108e7bd3fa161b9323f7fe54

HTTP Headers

GET /s/poppins/v19/pxiEyp8kv8JHgFVrFJA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 69472
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Sep 2023 06:00:03 GMT
expires: Wed, 04 Sep 2024 06:00:03 GMT
cache-control: public, max-age=31536000
age: 433784
last-modified: Wed, 26 Jan 2022 19:11:10 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2060521e966a6a20a0bf1ababc2286c0
763ffc1aa1a10115e4a0526c747e9202dd085f16
9532f54419572a700481f1d886fe5e95a277ad19ccd7b2df29b1d30f154f00f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 06:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2

104.18.22.52

200 OK

38 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37796, version 331.-31196\012- data
Size
38 kB (37796 bytes)
Hash
6cdf281bc8af0068561fe6aa361a6a0b
4b11f830ee1b852b8aa46ea7e4cfe709a327bf58
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: font/woff2
content-length: 37796
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae351-93a4"
last-modified: Wed, 04 Aug 2021 18:58:25 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 791164
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5dec4456cc-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2

104.18.22.52

200 OK

20 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data
Size
20 kB (19784 bytes)
Hash
c7682b8035fc1d1672d6455631813794
9e2955e5e55b3073e229c218724406425862d4a1
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: font/woff2
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 840004
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5e9ca856cc-OSL
X-Firefox-Spdy: h2

rfdcxz.com/acct/trk/?rtid=02321648121

207.120.33.35

200 OK

21 B

URL GET HTTP/2
rfdcxz.com/acct/trk/?rtid=02321648121
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
66af068e51df72f1f593fe145af81f89
7ce3b8dd2c02380717addbfa3dade9bba6810975
85858d086a2a67446e034133c8e88c717c729b1d78abcb3e09035d0773769ccb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /acct/trk/?rtid=02321648121 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 1909803
age: 0
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache: Miss
section-io-id: b24c545ae5c26051f5ea93ea9a0c3b8d
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3

104.18.22.52

200 OK

28 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27832)
Size
28 kB (27971 bytes)
Hash
1cb05a2f9541200e1fa0a2cd0abc7663
fdf3292a6db22945eb79e08d847834205b749c6f
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 840005
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5cdb5d56cc-OSL
X-Firefox-Spdy: h2

rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121

207.120.33.35

200 OK

30 kB

URL GET HTTP/2
rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type

Size
30 kB (29676 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://straightboysgonegay.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 827544
age: 0
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 6432448057baa1627de652c27cd1375d
X-Firefox-Spdy: h2

admitjoin.com/signup/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff

163.171.128.172

302 Found

30 kB

URL GET HTTP/2
admitjoin.com/signup/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff
IP
163.171.128.172:443
ASN
#54994 QUANTILNETWORKS

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerGlobalSign nv-sa
Subject*.admitjoin.com
FingerprintF6:D7:CD:32:74:52:1E:02:1E:4D:C8:DD:4F:CE:6F:B2:6D:10:0F:98
ValidityThu, 23 Feb 2023 21:19:26 GMT - Tue, 26 Mar 2024 21:19:25 GMT

File type

Size
30 kB (29676 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /signup/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff HTTP/1.1
Host: admitjoin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://straightboysgonegay.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Sep 2023 06:29:45 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=b0094ee97fae7802e8dbb4b2cba02877; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
via: 1.1 PS-FRA-018SR149:9 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PS-FRA-018SR149FRA(origin)
x-ws-request-id: 64fd6259_PSdgflkfFRA1vg90_15093-63673
X-Firefox-Spdy: h2

straightboysgonegay.com/t2/images/bg-8-mobile.jpg

208.74.149.150

200 OK

84 kB

URL GET HTTP/2
straightboysgonegay.com/t2/images/bg-8-mobile.jpg
IP
208.74.149.150:443
ASN
#27589 MOJOHOST

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerLet's Encrypt
Subjectstraightboysgonegay.com
Fingerprint6F:69:DB:F2:B6:DF:1E:7B:CD:99:D2:4E:39:27:63:5B:A1:AE:A2:44
ValidityMon, 04 Sep 2023 03:18:16 GMT - Sun, 03 Dec 2023 03:18:15 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size
84 kB (83532 bytes)
Hash
32908e091aec2a90e4ed8e1fa9039ac0
8fcd0ed3aa6cc988ccfa7007eeaea3dcc2788d6b
3a5791a3e6b5baf26bc428bf1e662ce465017151fd6af864b7fcf6d0390dc5aa

HTTP Headers

GET /t2/images/bg-8-mobile.jpg HTTP/1.1
Host: straightboysgonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 08 May 2018 00:27:34 GMT
etag: "1464c-56ba6da412980"
accept-ranges: bytes
content-length: 83532
content-type: image/jpeg
date: Sun, 10 Sep 2023 06:29:44 GMT
server: Apache/2
X-Firefox-Spdy: h2

rfdcxz.com/common_tpls/js/iframeResizer.contentWindow.min.js

207.120.33.35

200 OK

13 kB

URL GET HTTP/2
rfdcxz.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
207.120.33.35:443
ASN
#3356 LEVEL3

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint54:7F:B6:DE:A6:F5:D1:27:F6:38:FF:E8:6B:5B:13:4F:3F:73:57:CB
ValidityWed, 06 Sep 2023 04:43:56 GMT - Tue, 05 Dec 2023 04:43:55 GMT

File type
ASCII text, with very long lines (12990)
Size
13 kB (13381 bytes)
Hash
2cf9df789476bc39b9906030f639660d
de708b4a0fe32f3d77505675eb119b671327a6b4
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Cookie: PHPSESSID=58bca6c49f5e761c57ac2b5a6822fad3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 110d3566f5179c8d6664027b8a27ae84
x-varnish: 1945229 445507
age: 1701
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 43291a2780345249582771743d70192b
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 10 Sep 2023 06:29:47 GMT
date: Sun, 10 Sep 2023 06:29:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3

104.18.22.52

200 OK

28 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rfdcxz.com/3e889512ce122054/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff&epcCID=m233Pb3dpfY7jfMdEc80n4Peyf32b3D55&rtid=02321648121
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27832)
Size
28 kB (27971 bytes)
Hash
1cb05a2f9541200e1fa0a2cd0abc7663
fdf3292a6db22945eb79e08d847834205b749c6f
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 06:29:47 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 840005
accept-ranges: bytes
server: cloudflare
cf-ray: 80459e5cdb6356cc-OSL
X-Firefox-Spdy: h2

bestlnd.com/ep.php/stgngy:75035/69904:6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2

35.83.162.211

302 Found

30 kB

URL GET HTTP/2
bestlnd.com/ep.php/stgngy:75035/69904:6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
IP
35.83.162.211:443
ASN
#16509 AMAZON-02

Requested by
https://straightboysgonegay.com/t2/?trk=6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2
Certificate
IssuerAmazon
Subjectfirstlnd.com
FingerprintC2:31:F7:32:02:DF:6A:34:F9:25:A1:C0:95:73:C5:49:82:1A:56:BF
ValidityWed, 03 May 2023 00:00:00 GMT - Fri, 31 May 2024 23:59:59 GMT

File type

Size
30 kB (29676 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ep.php/stgngy:75035/69904:6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2 HTTP/1.1
Host: bestlnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://straightboysgonegay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Sep 2023 06:29:45 GMT
content-type: text/html; charset=UTF-8
location: https://admitjoin.com/signup/?epcVIP=48.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69904.47652-829423.6126bfe9-24a1-428b-ac21-7d4e035101f3.w4irkqbcfohs86grih5nnae2&theme=gsgoneg&f_color=ffffff
set-cookie: AWSALB=7r/Iwr2NmZNUdrXqT22CRAXqKvMY5SJAnkIyv3vmWcbmX1Uz3hKDpynD1aixpjFfHyTZ7PR/aKKZWsevO1Hehr18tcuFDyknolcpEdEtVjVIVXzhVZLcNgfxl5u9; Expires=Sun, 17 Sep 2023 06:29:45 GMT; Path=/
AWSALBCORS=7r/Iwr2NmZNUdrXqT22CRAXqKvMY5SJAnkIyv3vmWcbmX1Uz3hKDpynD1aixpjFfHyTZ7PR/aKKZWsevO1Hehr18tcuFDyknolcpEdEtVjVIVXzhVZLcNgfxl5u9; Expires=Sun, 17 Sep 2023 06:29:45 GMT; Path=/; SameSite=None; Secure
vip_id=69904.47652-829423; expires=Wed, 13-Sep-2023 06:29:45 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by