| zee.gl/YrU0XJ | 188.114.96.1 | 302 Found | 0 B |
IP: 188.114.96.1:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YrU0XJ HTTP/1.1
Host: zee.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 15 Jan 2023 21:24:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://za.gl/YrU0XJ
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQZjtFQ9EInN5Os8H7jeh1Nx2fNu1ig5%2FpbPGpc8mBR3RlFGaXs6SNXBNXY%2BcsvbC6VK0S5Ce3xTkZd9%2Fe22Q3M1OZGEztGMxivYnXGdXTM0s7ed%2FJ194ns%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a1ade26affb4f9-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2258cd6b877a3aca8f4c84074e65ac4b 4e46c70941f8e497e8afc8d078644e7f81761a1c faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16039
Expires: Mon, 16 Jan 2023 01:51:56 GMT
Date: Sun, 15 Jan 2023 21:24:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0643dc6b6fed33b3537160b6bb77bcbf aa43bd1fbb30d2219f3285c1ee4991ffb33562c5 f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6878
Expires: Sun, 15 Jan 2023 23:19:15 GMT
Date: Sun, 15 Jan 2023 21:24:37 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 20:49:06 GMT
content-type: application/json
age: 2131
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd6e2abd68203014e8e24d4a9e20e980a 5edbbb1a36083d5077b90b82e7aa10049e90c5d6 88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14920
Expires: Mon, 16 Jan 2023 01:33:17 GMT
Date: Sun, 15 Jan 2023 21:24:37 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BjHMqskZEnICl6/MUIKItm4mRAECwlkUk/uGM3Myh5erewy/w97/ewbTXB0a/DY4mvpywqp6u14=
x-amz-request-id: VGH43TEBGMNFAZ17
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 20:55:30 GMT
age: 1747
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 21:24:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 20:33:45 GMT
age: 3052
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js | 104.17.24.14 | 200 OK | 4.3 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js IP104.17.24.14:0
File typeASCII text, with very long lines (548) Hash4dc1890d39b14772f9579894d823296e ae5c8609bcf332695e4669f817c91a20a81e3208 e8280ea3c6c000fb1d319cc116e7ebe934818e2091fcf87dd6cc450b62d00b48
GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 785808
expires: Fri, 05 Jan 2024 21:24:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeCQVIz%2BV9cKJ5ir777Mli9kJi%2FGofYDjnYyQYrfTmw3qseBNud9O6t4d23y3yMYlxldtNQTGdzgW0HxZ9k7d6THjgMEs25JLUlCsl7yI43AlnsZG1zxCQ8orpyKDDZdbyr%2Bf7Ug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78a1ade87a36b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js | 104.17.24.14 | 200 OK | 12 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js IP104.17.24.14:0
Hashfab824518fd82853ed2698f39d8ec43e df19bf45131085a88eb2cd4c07e2bda44cef0e98 d55908906f498a577e0f9cc6ffeac157765acb67643c23d22c0d51b352e208c4
GET /ajax/libs/slick-carousel/1.6.0/slick.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 12032
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-14929"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2135611
expires: Fri, 05 Jan 2024 21:24:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGVv3YZRAWwXHUGZKNV9xlpiXqa5WZQPlANSsqGC9ScVYROZeLBCBzPYJOYFJBQijtq%2FPaP785ADvDMncipEhcLEqaEphlJX8Yluoife4WzAmvvQrUBfCIYtGHuE33%2FuN77bVdo1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78a1ade88a40b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 1.2 kB |
IP93.184.220.29:0
Hash403e1db2ef680762f268e6f87e7e4a7c a8fa3095c30af5d3c7d4d69fe42ac48e293c216a a7cb530d36900d0d1a3c7fca65cb4508ddc4ff36a64067fc54fda9e62c15d69b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3008
Cache-Control: max-age=131537
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:37 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 09:56:54 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 31 kB |
IP142.250.74.131:0
Hash05cfcdd49013086337259b6405755f84 c7d89abd76d8a1687a879beec653961456595643 12cf5234c67f1d12e8c10eb0f69dc9cfaca404512ba67739bf291b36c4b30603
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 743 B |
IP142.250.74.131:0
Hashfd35d10a529b2a3c8451b9379f308cae 7721d456b73ff673d509e0663c88e1f86b184b9e d6729e0ad4d6415d33a433e69ce7c75013add439ef9c4c41e32d7666d9a40084
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6db0ab20925a64068987b60dd6f72f9a 38d0bea36fbf16ec63bec71cb3bbe743541458b1 74082ea963e7afe8094d2e187e40309b5848948822467c62f1ef0852ae688564
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 2.8 kB |
IP142.250.74.131:0
Hashcb303cb54d9cf6dbe6034c2f74c5628e fc9c4b2c58e453d6d35f3181a7e84e8f88474e76 e19094aeed2925778f8fd7d75780f1dc786e46060f01b2667cc080791858cc66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js | 142.250.74.42 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP142.250.74.42:0
File typeASCII text, with very long lines (32058) Hashfc3fc31e5e7c0933dc18e562c1c071bf a44c31323f6bd29e583cc585036e6eb39f7014a6 ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 22:24:40 GMT
expires: Fri, 12 Jan 2024 22:24:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 255597
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 216.58.211.4 | 200 OK | 582 B |
URL HTTP/2www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP216.58.211.4:0
File typeASCII text, with very long lines (918), with no line terminators Hash44738931d10456448b8b7a9478c872f8 b5e01713f430cd6aa59d73bab080417c9cb4d6ec 8c6ee476a67ee5e019e73b9deff6c9db83e06bef49c3b64b3b069168d5a6258e
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 15 Jan 2023 21:24:37 GMT
date: Sun, 15 Jan 2023 21:24:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-120643151-1 | 142.250.74.40 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-120643151-1 IP142.250.74.40:0
File typeASCII text, with very long lines (1921) Hash5d3b8c61fdd01f092c76d09e5431b6d8 030e528621c0ef0e9dbd65f4d13e09c445efc3a5 0972cf8073a55c01cc6183c1741002af2af4352cc6fac9c56ef5fdb0dad3903e
GET /gtag/js?id=UA-120643151-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 15 Jan 2023 21:24:37 GMT
expires: Sun, 15 Jan 2023 21:24:37 GMT
cache-control: private, max-age=900
last-modified: Sun, 15 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44194
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3 | 142.250.74.40 | 200 OK | 77 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3 IP142.250.74.40:0
File typeASCII text, with very long lines (20080) Hashce793847bbae741d2dedbb7c4532ac39 370c3591abcdd17ab17ee73dca3bfff008796217 99eb01d4f5812295a9b0605b340e2c0f99665e77700cd6806e7c59338f005dd2
GET /gtag/js?id=G-6QVVMFTPT3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 15 Jan 2023 21:24:37 GMT
expires: Sun, 15 Jan 2023 21:24:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashf3ee298482e8025b16b90899b84c98d1 ce5050ce27200b3408a8e5113adcc7a8d14b4796 4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 1.4 kB |
IP142.250.74.131:0
Hash005127415d545121eb742f7ac39cb4be ccf741c90fad0dea68bc4a7a93c40a0ac93fc4ce 96ed2bfdbb442f7b8628c773ef9966a04c11c8d246322ff68d546adcba0874e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 10 kB |
IP142.250.74.131:0
Hash2731915ab206bf23a4eb385953cc6062 6c4665db0517d437c5d39e2926761ef50b6dbcf8 6f2047c8318136bf4e30d3a18472364529e18bfa5c5dfc8cb43a1e2dfab1ff59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash63931ff97eb1381a053be3c3e3e15109 936c6ff2f38aa0533a06f3e86a83fda70fb55082 190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 566 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb3c2f13687238de2c86d37cb888a2578 4f41c266aba772ea6235c2a4ecbc163f502078ed 6a9ab16b11ec61f21160f2ba1c1cc26936b2f41671da7281d1745868f69516b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26003A6F5DF3FE412B590CFC0BE1448B4951B217F0E75CECF80E36A1A59643EB"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20141
Expires: Mon, 16 Jan 2023 03:00:19 GMT
Date: Sun, 15 Jan 2023 21:24:38 GMT
Connection: keep-alive
|
|
| opticlygremio.com/1clkn/14927 | 23.109.82.181 | 200 OK | 26 B |
URL: HTTP/1.1 opticlygremio.com/1clkn/14927 IP: 23.109.82.181:0
File type: ASCII text, with no line terminators Hash: 414a242a6fee8464282857e475d3ef61 f669890350347f53aa9bd19c1a355692e8d17d2f d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /1clkn/14927 HTTP/1.1
Host: opticlygremio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 21:24:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 16-Jan-2023 21:24:38 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 16-Jan-2023 21:24:38 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.20.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP104.18.20.226:0
Hashe34b4b9c91cc8b168a6688ed8dc76d51 e123a5f6988aac1fa643e4fbc0044eeecc231966 66d5b81dbe2b0aac5415a5ba384c61b736dbf99214d5956888240821459a4bf1
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 21:24:38 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C2B6DD8E23DBAE567B4DB292571997573FB22AF8"
Expires: Mon, 16 Jan 2023 08:00:00 GMT
Last-Modified: Sun, 15 Jan 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 304
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a1adea8f7ab517-OSL
|
|
| push.services.mozilla.com/ | 34.217.239.19 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.217.239.19:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m96eYMZ/h4eaHP5DeTtCiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uHEJ55hREg5AOps9wPUgxkMkM3k=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash9442f1d8864feb84a623305a281e4c56 45250ab44f89bf1a0f665da8b47da06dc1af2af0 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash9442f1d8864feb84a623305a281e4c56 45250ab44f89bf1a0f665da8b47da06dc1af2af0 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 | 142.250.74.35 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data Hashf29503a1895affee5ed85d0246238af8 f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278 7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 22:11:39 GMT
expires: Fri, 12 Jan 2024 22:11:39 GMT
cache-control: public, max-age=31536000
age: 256379
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 | 142.250.74.35 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data Hashca72fb4e277e59be50b8850190822581 159b97b22006fe2a483da0a13d33cfb3cc5aa031 f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:34:47 GMT
expires: Thu, 11 Jan 2024 14:34:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
age: 370191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash75c52872f8eb4b37b9d9512f4b64b07f de0f391ff7b7a901bd9fd2a99f4b5ed62223bfdd fbb39ff6a8fb666f05e7b718224b59836f13cc7373cb532d3e1b0d72f5d70e9a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 15 Jan 2023 21:24:38 GMT
Last-Modified: Sun, 15 Jan 2023 20:44:26 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kvOLm8ZXdvJyY989i8x_zChoCtQT93Ro1LWfW2x8MHP3uaiacCv1Cw==
Age: 2412
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 3.9 kB |
IP142.250.74.131:0
Hashe3dad4d43b5ae52d354e5f3c0a118f68 ff74540edc01a464885ab1468aae4c616eb6df7b 744b5c1e7849c206d8b846b53972cfb1c55370796228cf1c61b5b15eeb2d3dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 21:24:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js | 142.250.74.35 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (534) Size163 kB (162972 bytes) Hash76ec8636078661afbc2c6fdd811b0b76 035c5fe2d57e0363a7abaedc294ef890a6e2a081 194068b0223ebb32c7e7026851a4c1eb6b70c988b269c7fa10f4dd3362bd650a
GET /recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 02:20:28 GMT
expires: Thu, 11 Jan 2024 02:20:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
content-type: text/javascript
age: 414250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.46 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.46:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 15 Jan 2023 20:21:54 GMT
expires: Sun, 15 Jan 2023 22:21:54 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 3764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8e1eced10c7e48b76fd47dcbbe92035e 6cb5147e182b56f9481b989d5c3b32a2bc28e4ce a3d8c11b0ea31d7bde6341d8e7c413d1b68a586b27697669a39c68dc6bef2a95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3D8C11B0EA31D7BDE6341D8E7C413D1B68A586B27697669A39C68DC6BEF2A95"
Last-Modified: Sun, 15 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21380
Expires: Mon, 16 Jan 2023 03:20:58 GMT
Date: Sun, 15 Jan 2023 21:24:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8e1eced10c7e48b76fd47dcbbe92035e 6cb5147e182b56f9481b989d5c3b32a2bc28e4ce a3d8c11b0ea31d7bde6341d8e7c413d1b68a586b27697669a39c68dc6bef2a95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3D8C11B0EA31D7BDE6341D8E7C413D1B68A586B27697669A39C68DC6BEF2A95"
Last-Modified: Sun, 15 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12466
Expires: Mon, 16 Jan 2023 00:52:24 GMT
Date: Sun, 15 Jan 2023 21:24:38 GMT
Connection: keep-alive
|
|
| fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js | 192.243.59.20 | 200 OK | 21 kB |
URL HTTP/1.1 fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js IP 192.243.59.20:0 ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60164), with no line terminators (apparently detected from the body; the response below declares Content-Type: application/javascript) Hash MD5 7cd101a1b8eee7379cb26dc0b45de0d9 SHA-1 1db20954bec1965ea6ab33d3d251f8e236ff0a75 SHA-256 c00e16cc900b0bb40e0befb0ba72bb8d14f58d94656a5d5995b0d4ee53917cd4
GET /ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 15 Jan 2023 21:24:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60c5d9a715b8816ddfaac891b4bfe86c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js | 192.243.59.20 | 200 OK | 13 kB |
URL HTTP/1.1 fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js IP 192.243.59.20:0 ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37172), with no line terminators Hash MD5 b7dc8e1a39cf984b79691dc35dfc5f30 SHA-1 1800e9272f3fa99b3109c283fde910d526b7ff61 SHA-256 4aecd580008f8a05e906fab1004db09b4c14636cbac848ab33aaf14c1c04d33a
GET /3e/c0/90/3ec0905094195898e97f189a6f59b52b.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 15 Jan 2023 21:24:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f750a206910406ab98c2e10ac02e36f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oe1a1&_p=782915552&cid=467039895.1673817879&ul=en-us&sr=1280x1024&_s=1&sid=1673817878&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2FYrU0XJ&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oe1a1&_p=782915552&cid=467039895.1673817879&ul=en-us&sr=1280x1024&_s=1&sid=1673817878&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2FYrU0XJ&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body; the response is 0 B, so these values do not identify this request)
POST /g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oe1a1&_p=782915552&cid=467039895.1673817879&ul=en-us&sr=1280x1024&_s=1&sid=1673817878&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2FYrU0XJ&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://za.gl
date: Sun, 15 Jan 2023 21:24:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf37152869236d1c2a34432a27d90672d 7423529d2caff0cdc49934bbf8dc44664853daf6 7ce566d4db07adc41d7000426e48a99ba7ae92a376b81713e1de2bf06309cbf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7CE566D4DB07ADC41D7000426E48A99BA7AE92A376B81713E1DE2BF06309CBF4"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11036
Expires: Mon, 16 Jan 2023 00:28:35 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hashe077a5e00dc0fbf96e2357886aefa811 9b8233ed9f2c42f364efffb8d5771c5b3a09a303 ddbf3f3d376963f06af6c8e98bef35906b9ffe5f1270f2565815774a31f04f57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145787
Date: Sun, 15 Jan 2023 21:24:39 GMT
Etag: "63c4001b-1d7"
Expires: Tue, 17 Jan 2023 13:54:26 GMT
Last-Modified: Sun, 15 Jan 2023 13:31:07 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ypZ_0d4MyTw8ljvdMBepYDRpF3I70AVYBPm6Y-HGNZCrjWVNbPNAVg==
Age: 1399
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hashe077a5e00dc0fbf96e2357886aefa811 9b8233ed9f2c42f364efffb8d5771c5b3a09a303 ddbf3f3d376963f06af6c8e98bef35906b9ffe5f1270f2565815774a31f04f57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 15 Jan 2023 21:24:39 GMT
Last-Modified: Sun, 15 Jan 2023 20:57:32 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8LQCso57BkTuUr_W8NCqy-DVzWUUhUOseknkVNz5FQC9mUtqp4QDpQ==
Age: 1627
|
|
| simplewebanalysis.com/stats | 52.58.124.101 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.58.124.101:0
File typeASCII text, with no line terminators Hash2ac916e6dc0e6ba5204ba6a678f58bbb bcee037bef6c51aa367dafb0d328ab87777dbd2d 61a5b0574b4c7db5a67f7b3ef55d9e5d91ac11f13a157bc98d45b3047e696b1f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=7f844212-7753-4b20-a5d5-f0134695b910:3:1; expires=Wed, 12 Jan 2033 21:24:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 52.58.124.101 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.58.124.101:0
File typeASCII text, with no line terminators Hashc909f464f24f4a67b75bff3f94083483 40b3dabfbd4cde0e60b12c3c6a71f8822d242b40 62aaf6166e519821a26eb98131000df184f7aba033b906fd959b6694ca99e99d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; expires=Wed, 12 Jan 2033 21:24:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash371799e5b07b082291d5ee89473736bc 8148d5b3aae70792c8d55aa279010dee3d7e4c21 0422643bb774d60cfd5fb596a791fa3532cd083e047f524f2d16f74ca5832661
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0422643BB774D60CFD5FB596A791FA3532CD083E047F524F2D16F74CA5832661"
Last-Modified: Sat, 14 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9584
Expires: Mon, 16 Jan 2023 00:04:23 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| friendshipmale.com/sfp.js | 172.64.140.24 | 200 OK | 28 kB |
URL HTTP/2 friendshipmale.com/sfp.js IP 172.64.140.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash MD5 91643f85ff19de60f9eaa0cea81c165a SHA-1 790e689408f3ac0a1096ba57d9b3c8249e049f1b SHA-256 ec0ec8a2a17460b7fa49e36ace08830f27850bb889b0bf4327d37211fd638fce
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:39 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 47baa42b728733447c0a4acf51c20b73
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 15 Jan 2023 21:24:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wqkU4kqMrEWcWE2RTQdbMpHBJpZROG5EoPyCoPg24Y4hl8ZdKgVpVPMqsym9EFVWq3Nf1RyqTiCWq8xdBOnCNEBkqyJ5nmRIN%2BJ5kJcrQDckedqAkEgzwMnDzYnh6CTCdW9Sdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1adf13a2174a9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| preventionconsciousflea.com/pixel/purst?dl=0&th=0&sc=0&rs=2310&rd=2310&fd=917&bv=22.10.v.9&tmpl=70 | 173.233.137.36 | 200 OK | 0 B |
URL HTTP/1.1 preventionconsciousflea.com/pixel/purst?dl=0&th=0&sc=0&rs=2310&rd=2310&fd=917&bv=22.10.v.9&tmpl=70 IP 173.233.137.36:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body; the response is 0 B, so these values do not identify this request)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2310&rd=2310&fd=917&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: preventionconsciousflea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3614
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3614
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3614
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3614
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5c609c89120eef87bbdd0d8ee5ee18f9 be8e369be0ccc707b904546798aacc9afe413cfa feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b6c3a2c1-b88e-4eb9-9c22-788748559fea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewISXEQ9oAMFbkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320db-0a9f9ac1084e4f02006598cf;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a8kL20Yet_IuO2ZztlKmenTGOFa4BCYHi2B-4B1W1eq5-tCqGK3isg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:35 GMT
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
age: 85564
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha23d61d610c7b55d943fcb2636a01b65 82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065 28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: D6FaDcaWbJehldBR7ASM60ey56hQS1H4ZpLlGqI-ptDupfJT-iugfw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:58:31 GMT
age: 55568
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash90fc5463f271bab652af099cb526f189 805c27d8f82a5eb6583814313c36f5e7699408e5 749dca33aa337b494fb113896bf035bc9dcb17068ecffdf30fc5ac85a4ac5185
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5495
x-amzn-requestid: d76b8f1d-37a2-47ac-9acf-1b0a44a4a5fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqsroF62IAMF-mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0f4b0-67700bfd11f1ad5d0aaab92d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 06:05:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i1qN9bIaz5ekgkM81KehmDDQpzBULDfPkp-fjEOHiZxFVogDBOIGzg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 23:08:05 GMT
age: 80194
etag: "805c27d8f82a5eb6583814313c36f5e7699408e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9365e4ddb0fa0d3f6dbdec98433e02a9 a9e0dc338dabcdebb33b35a162b0fb6950b31ddb cbe4cdf59e5a2f7433485637c88c3fba9c022de1c7559e42ceb9a2c8a872fd21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5463
x-amzn-requestid: 5e0c891d-c5f0-48a9-8f69-6ca2290039b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsaSEHpoAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2774-55e5f2937d688fb00a12d61b;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3hggMHuhCbQp66miHL5WSjLEyg-J_BwLJnliLAUzdJfCj0Eim5jgPg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 06:29:56 GMT
age: 53683
etag: "a9e0dc338dabcdebb33b35a162b0fb6950b31ddb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash74ac30be02dee9dcfeee79a7dc54edff 1368d81de22ea2e4054a3e1a8f01ef337c63e35b 8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:32:33 GMT
age: 57126
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5689dc6-f9f1-44f4-ad5b-5f82342c4d61.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5689dc6-f9f1-44f4-ad5b-5f82342c4d61.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdfa0e66c7a8ac9ed5fdf326c75762e17 35294b3a5def1ecd2558ae4a29f7fef66a788045 91497e98350b39da877473470b9ed26305e621ad60db3afd85e45cd7b5de1be3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5689dc6-f9f1-44f4-ad5b-5f82342c4d61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6357
x-amzn-requestid: 416afdbc-f09b-47f3-9711-5ab5c8a5b75f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniq0FX2IAMFoAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb178-0f777a3a7f3dba1c1c0e7317;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:06:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GjHyt_h4kH3RaegYXtLysZJ31fsfN34fUw6Sxza7A3aj8LfM55iuhA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:11:25 GMT
age: 51194
etag: "35294b3a5def1ecd2558ae4a29f7fef66a788045"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2d42a371e2a8f5ed269a040edde04705 fac4159ccda4ac9624bc395f25067b1fe116383a 67f0be50a5edc3928dee89dde92d852d42cd64d60ff37f691526a964f3b78036
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67F0BE50A5EDC3928DEE89DDE92D852D42CD64D60FF37F691526A964F3B78036"
Last-Modified: Fri, 13 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9695
Expires: Mon, 16 Jan 2023 00:06:14 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashffa4176a77544b2eb9550ee2bafbd578 a2473bfa84349de504b4784106d96dd065aea5bc 0c4cc932462aacd445d8e0a4990693095a92d3664de856339697d6cdaf4b93a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C4CC932462AACD445D8E0A4990693095A92D3664DE856339697D6CDAF4B93A2"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12360
Expires: Mon, 16 Jan 2023 00:50:39 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashffa4176a77544b2eb9550ee2bafbd578 a2473bfa84349de504b4784106d96dd065aea5bc 0c4cc932462aacd445d8e0a4990693095a92d3664de856339697d6cdaf4b93a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C4CC932462AACD445D8E0A4990693095A92D3664DE856339697D6CDAF4B93A2"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12360
Expires: Mon, 16 Jan 2023 00:50:39 GMT
Date: Sun, 15 Jan 2023 21:24:39 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=00b3b21d-d9d2-422d-8b95-809240754597&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=00b3b21d-d9d2-422d-8b95-809240754597&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash (MD5 / SHA-1 / SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=00b3b21d-d9d2-422d-8b95-809240754597&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f25ef7055da0acc981b1e42adb42fe2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=00b3b21d-d9d2-422d-8b95-809240754597&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=00b3b21d-d9d2-422d-8b95-809240754597&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash (MD5 / SHA-1 / SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=00b3b21d-d9d2-422d-8b95-809240754597&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60aab5f06850203be3f3d63d4447d8dc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| distributionrealmoth.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=00b3b21d-d9d2-422d-8b95-809240754597%3A1%3A1 | 173.233.137.60 | 200 OK | 4.8 kB |
URL HTTP/1.1distributionrealmoth.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=00b3b21d-d9d2-422d-8b95-809240754597%3A1%3A1 IP173.233.137.60:0
File type: JSON data\012- , Unicode text, UTF-8 text, with very long lines (6946), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d3e2ec229d5800517641487c8bbae5f7 4ef31f6bfebfcc2c7f9894b1ecce3df5b38c4d09 8e99172470124ef388252c479930803df1657a6f2de0966ddc5026778d017750
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=00b3b21d-d9d2-422d-8b95-809240754597%3A1%3A1 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:40 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://za.gl
Access-Control-Allow-Origin: https://za.gl
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16908321; expires=Mon, 16 Jan 2023 21:24:40 GMT; secure; SameSite=None
uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; expires=Sun, 22 Jan 2023 21:24:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 16 Jan 2023 21:24:40 GMT; secure; SameSite=None
uncs=1; expires=Mon, 16 Jan 2023 21:24:40 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 16 Jan 2023 21:24:40 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 16 Jan 2023 21:24:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9ea17f28ed8aca32f4da0aee62e7d73b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8d21c11d27d426a1a36bd21372633a93 27ef15e0c5d22b1cb82676f8f59269e421fb670b 11cca01c4774096fd0daa67e7ad634a41d0566eba6c4c00fa955684c2823706a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11CCA01C4774096FD0DAA67E7AD634A41D0566EBA6C4C00FA955684C2823706A"
Last-Modified: Sat, 14 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11146
Expires: Mon, 16 Jan 2023 00:30:26 GMT
Date: Sun, 15 Jan 2023 21:24:40 GMT
Connection: keep-alive
|
|
| distributionrealmoth.com/ren.gif?sid=H4sIAAAAAAAC%2F5RTz4scxRev3m%2B%2B4A%2FQRDyoILSOSoTsbHXPdGZ6Q1g3yW4YsplddlcCIoSqrurZcqq7mq7u6dk9BSOSWybBg%2BaS3jeZrNFgkoMHD4LM5CJ7MSMic3D%2FAyEgepaZXYgKHnxQ9d7jU%2FXq837Ux9vpHsKQktHKebUlpCQzThGbRy%2BIkKlMm%2FV108JFfMK8IMLj5RNme7zFrVkLO0X8tnmWe001Y2MLYwtb5qKIua%2FaMxMURHTXtYouLpbtouWUoR3%2F3depAZoYwFp76AUQbPj%2Fje8fgPD6EAb3z3DdTFR0bCFIJUlUDC22827YDFUWQvDE9GMD%2FHDn4DQoPUTo0ylQ4c5BBqBat8YZABVDZPxsAQ13DmgCbfX2mVIJPATKnoWs1Qcu%2ByBIHzx1GQR7hAA8BvVlCIPbdRVnZHMfJWN0iA798RuIbIgO%2FfIihMFXp6Rom2tKpolQoYa2n4No90E0%2BhClA0i2DBDZALzkQxAMQRjkINjoDYxpidoWm2Yus6fLts2mq9R1pqvYtcu44pQdtzIpjRB9EH4fJO8A0Qak4yUMSH0D0siAgI1M4rg%2BxhWf%2BqVStex5XqnkeU71OHNYqVz1MaTemHsHkqgDnuyAF1%2BCKL4ETdGBOP0O9EYOmhmgEwQtlkPGEWQaQUYQZAJBliDIWnmPSW3r%2FDaTOqXWgbYPdCnvqqSxTXoqafAQbUd76Mi4YMYUeg2afGSWuIdd7GC3bLlO1a1yt%2BJbVZcc9x2XOjYFLXIQemqS5ta4ez8YEI11dhgoGYCWA%2FDEYSDpq0CybsXGQDa65SqGrbC3RYoNCUzlECWHINk0tuUeennSMfvXn4B7u%2B88PZW%2BufjMbfDiHKI4hw%2FEQwQNeaW7qjJ0a1VlGj1YjhIRiC0y7uZaQhKOvjjHNzMVs9oZ3bkz742BsXl3netkiYRMhA2NvjwlGOPxooo9jr6t6QucrqR641Qah2m0tHJ6sRZEMddaqLAPRDxqvweeGKKnvr42mdNX5hsg4gHE6ejYRpJEszMznhResxh5slkMScD3%2FTlx0q7XV2ptsuTWyhcxBOnu3DefjeUGCNUHL%2Fro80Khdnq5XiiMZv8lVLKRBjQkQv4z3FsiaCQnhafCO4XCem19aaFQGM08vvlJb10wTXkj5qHmiZkISVM2a1oYY7O%2BfM70VWwy3jAf37xx6V6hcGZh7fRqbWW9NqHx%2BlpzM2QTfNAz%2FUHPbHHZVIFOqApT%2Ffjm9fv3CoWl%2BdWzCxdr5%2BfPjh%2FF%2F5U66GgXHQhohSCWT3waGZCleTe26e5cblzfqRx5DqQYotmTz4Pku3PDq%2B8f%2Fb1%2FFQjNQfO%2FXHxib%2Bsr0IgNIMnlySduxTm0ZA5EdkCn%2F%2BsmUbw792NpIkCl0aUyNm5RGctr%2BxOoxcjkjo99jm1OfZf6FYKZ65ddSlyLV6hDLEj00HuoXvoTAAD%2F%2FwEAAP%2F%2FVwd3E6YFAAA%3D | 173.233.137.60 | 200 OK | 7 B |
URL HTTP/1.1distributionrealmoth.com/ren.gif?sid=H4sIAAAAAAAC%2F5RTz4scxRev3m%2B%2B4A%2FQRDyoILSOSoTsbHXPdGZ6Q1g3yW4YsplddlcCIoSqrurZcqq7mq7u6dk9BSOSWybBg%2BaS3jeZrNFgkoMHD4LM5CJ7MSMic3D%2FAyEgepaZXYgKHnxQ9d7jU%2FXq837Ux9vpHsKQktHKebUlpCQzThGbRy%2BIkKlMm%2FV108JFfMK8IMLj5RNme7zFrVkLO0X8tnmWe001Y2MLYwtb5qKIua%2FaMxMURHTXtYouLpbtouWUoR3%2F3depAZoYwFp76AUQbPj%2Fje8fgPD6EAb3z3DdTFR0bCFIJUlUDC22827YDFUWQvDE9GMD%2FHDn4DQoPUTo0ylQ4c5BBqBat8YZABVDZPxsAQ13DmgCbfX2mVIJPATKnoWs1Qcu%2ByBIHzx1GQR7hAA8BvVlCIPbdRVnZHMfJWN0iA798RuIbIgO%2FfIihMFXp6Rom2tKpolQoYa2n4No90E0%2BhClA0i2DBDZALzkQxAMQRjkINjoDYxpidoWm2Yus6fLts2mq9R1pqvYtcu44pQdtzIpjRB9EH4fJO8A0Qak4yUMSH0D0siAgI1M4rg%2BxhWf%2BqVStex5XqnkeU71OHNYqVz1MaTemHsHkqgDnuyAF1%2BCKL4ETdGBOP0O9EYOmhmgEwQtlkPGEWQaQUYQZAJBliDIWnmPSW3r%2FDaTOqXWgbYPdCnvqqSxTXoqafAQbUd76Mi4YMYUeg2afGSWuIdd7GC3bLlO1a1yt%2BJbVZcc9x2XOjYFLXIQemqS5ta4ez8YEI11dhgoGYCWA%2FDEYSDpq0CybsXGQDa65SqGrbC3RYoNCUzlECWHINk0tuUeennSMfvXn4B7u%2B88PZW%2BufjMbfDiHKI4hw%2FEQwQNeaW7qjJ0a1VlGj1YjhIRiC0y7uZaQhKOvjjHNzMVs9oZ3bkz742BsXl3netkiYRMhA2NvjwlGOPxooo9jr6t6QucrqR641Qah2m0tHJ6sRZEMddaqLAPRDxqvweeGKKnvr42mdNX5hsg4gHE6ejYRpJEszMznhResxh5slkMScD3%2FTlx0q7XV2ptsuTWyhcxBOnu3DefjeUGCNUHL%2Fro80Khdnq5XiiMZv8lVLKRBjQkQv4z3FsiaCQnhafCO4XCem19aaFQGM08vvlJb10wTXkj5qHmiZkISVM2a1oYY7O%2BfM70VWwy3jAf37xx6V6hcGZh7fRqbWW9NqHx%2BlpzM2QTfNAz%2FUHPbHHZVIFOqApT%2Ffjm9fv3CoWl%2BdWzCxdr5%2BfPjh%2FF%2F5U66GgXHQhohSCWT3waGZCleTe26e5cblzfqRx5DqQYotmTz4Pku3PDq%2B8f%2Fb1%2FFQjNQfO%2FXHxib%2Bsr0IgNIMnlySduxTm0ZA5EdkCn%2F%2BsmUbw792NpIkCl0aUyNm5RGctr%2BxOoxcjkjo99jm1OfZf6FYKZ65ddSlyLV6hDLEj00HuoXvoTAAD%2F%2FwEAAP%2F%2FVwd3E6YFAAA%3D IP173.233.137.60:0
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F5RTz4scxRev3m%2B%2B4A%2FQRDyoILSOSoTsbHXPdGZ6Q1g3yW4YsplddlcCIoSqrurZcqq7mq7u6dk9BSOSWybBg%2BaS3jeZrNFgkoMHD4LM5CJ7MSMic3D%2FAyEgepaZXYgKHnxQ9d7jU%2FXq837Ux9vpHsKQktHKebUlpCQzThGbRy%2BIkKlMm%2FV108JFfMK8IMLj5RNme7zFrVkLO0X8tnmWe001Y2MLYwtb5qKIua%2FaMxMURHTXtYouLpbtouWUoR3%2F3depAZoYwFp76AUQbPj%2Fje8fgPD6EAb3z3DdTFR0bCFIJUlUDC22827YDFUWQvDE9GMD%2FHDn4DQoPUTo0ylQ4c5BBqBat8YZABVDZPxsAQ13DmgCbfX2mVIJPATKnoWs1Qcu%2ByBIHzx1GQR7hAA8BvVlCIPbdRVnZHMfJWN0iA798RuIbIgO%2FfIihMFXp6Rom2tKpolQoYa2n4No90E0%2BhClA0i2DBDZALzkQxAMQRjkINjoDYxpidoWm2Yus6fLts2mq9R1pqvYtcu44pQdtzIpjRB9EH4fJO8A0Qak4yUMSH0D0siAgI1M4rg%2BxhWf%2BqVStex5XqnkeU71OHNYqVz1MaTemHsHkqgDnuyAF1%2BCKL4ETdGBOP0O9EYOmhmgEwQtlkPGEWQaQUYQZAJBliDIWnmPSW3r%2FDaTOqXWgbYPdCnvqqSxTXoqafAQbUd76Mi4YMYUeg2afGSWuIdd7GC3bLlO1a1yt%2BJbVZcc9x2XOjYFLXIQemqS5ta4ez8YEI11dhgoGYCWA%2FDEYSDpq0CybsXGQDa65SqGrbC3RYoNCUzlECWHINk0tuUeennSMfvXn4B7u%2B88PZW%2BufjMbfDiHKI4hw%2FEQwQNeaW7qjJ0a1VlGj1YjhIRiC0y7uZaQhKOvjjHNzMVs9oZ3bkz742BsXl3netkiYRMhA2NvjwlGOPxooo9jr6t6QucrqR641Qah2m0tHJ6sRZEMddaqLAPRDxqvweeGKKnvr42mdNX5hsg4gHE6ejYRpJEszMznhResxh5slkMScD3%2FTlx0q7XV2ptsuTWyhcxBOnu3DefjeUGCNUHL%2Fro80Khdnq5XiiMZv8lVLKRBjQkQv4z3FsiaCQnhafCO4XCem19aaFQGM08vvlJb10wTXkj5qHmiZkISVM2a1oYY7O%2BfM70VWwy3jAf37xx6V6hcGZh7fRqbWW9NqHx%2BlpzM2QTfNAz%2FUHPbHHZVIFOqApT%2Ffjm9fv3CoWl%2BdWzCxdr5%2BfPjh%2FF%2F5U66GgXHQhohSCWT3waGZCleTe26e5cblzfqRx5DqQYotmTz4Pku3PDq%2B8f%2Fb1%2FFQjNQfO%2FXHxib%2Bsr0IgNIMnlySduxTm0ZA5EdkCn%2F%2BsmUbw792NpIkCl0aUyNm5RGctr%2BxOoxcjkjo99jm1OfZf6FYKZ65ddSlyLV6hDLEj00HuoXvoTAAD%2F%2FwEAAP%2F%2FVwd3E6YFAAA%3D HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da36128f4c73b6c94cfe689a71d79c79
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc331e41511bd05226650d40b8134e1c1 6b0f9c3b3417bbe2e1517fe27f233ba22b5f9653 d64e1826a4046fe7ca0dfae40e5a93b617e1d1de12b40d40cec60b120a29bd77
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D64E1826A4046FE7CA0DFAE40E5A93B617E1D1DE12B40D40CEC60B120A29BD77"
Last-Modified: Sat, 14 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19966
Expires: Mon, 16 Jan 2023 02:57:26 GMT
Date: Sun, 15 Jan 2023 21:24:40 GMT
Connection: keep-alive
|
|
| distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=131 | 173.233.137.60 | 200 OK | 0 B |
URL HTTP/1.1distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=131 IP173.233.137.60:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=131 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html | 45.133.44.4 | 200 OK | 834 B |
URL HTTP/2cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html IP45.133.44.4:0 ASN#39572 DataWeb Global Group B.V.
Hash54814a26f4af1a7e89e210bfae166156 01728f1ce3d712d36aff9518d7b73067f595292e fe4d034d11517e463a6b8433bae9ea0ed750f044f17b4eddc543a4fcd883621e
GET /sb/interstitial/rtb/default/3/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:40 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-525"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 15 Jan 2023 22:24:40 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/rtb/default/3/img/close.png | 172.64.166.9 | 200 OK | 49 kB |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/rtb/default/3/img/close.png IP172.64.166.9:0
File typePNG image data, 2063 x 2063, 8-bit/color RGBA, non-interlaced\012- data Hashc468e1d251e84cbbd9fd43f1bf756866 29512569a2da569797a545eb36c6176d6285a8da b0da14eff7c6fe39d973148b55c51ee6ce3948e76e488c401eb6dca5dfbd1cd8
GET /sb/interstitial/rtb/default/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:40 GMT
content-type: image/png
content-length: 48623
last-modified: Wed, 23 Jun 2021 13:33:23 GMT
etag: "60d33823-bdef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5297489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRGdSAqg%2BKoxuBdWGkz%2B4USlhgIYlNwcf3OWkBt4aCE9Gmnf0FkDXsPD3R09N%2FlqoK7lov%2FXVb6DpOB9eqHReI5UTiP9kZB7hVkDN9OLQRNsytAUBTPe5KRFEEFlpKtpoa%2FKD6pGWFnc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1adf9ee6b8895-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0 | ASN #20940 Akamai International B.V.
Hash: MD5 c331e41511bd05226650d40b8134e1c1 | SHA-1 6b0f9c3b3417bbe2e1517fe27f233ba22b5f9653 | SHA-256 d64e1826a4046fe7ca0dfae40e5a93b617e1d1de12b40d40cec60b120a29bd77
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D64E1826A4046FE7CA0DFAE40E5A93B617E1D1DE12B40D40CEC60B120A29BD77"
Last-Modified: Sat, 14 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19966
Expires: Mon, 16 Jan 2023 02:57:26 GMT
Date: Sun, 15 Jan 2023 21:24:40 GMT
Connection: keep-alive
|
|
| click.pclk.name/thumbnail?i=2NNPIxaL9I4_0&imgt=icon | 173.239.53.24 | 302 Found | 0 B |
URL: click.pclk.name/thumbnail?i=2NNPIxaL9I4_0&imgt=icon (HTTP/1.1) | IP: 173.239.53.24:0 | ASN #27257 WEBAIR-INTERNET
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; not a content indicator)
GET /thumbnail?i=2NNPIxaL9I4_0&imgt=icon HTTP/1.1
Host: click.pclk.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://us.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1673817880053-7-8077-1178228-5c629ead-9d92-bd0c-2914-a8b5ff785d4a&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DsRi2lJwataI-u4cSjebAI1az66RNxyBsw92QTaHw1HzGUOnamUrnfVMHbzCNhLqke3NYFQo0cDDWKpQ_2ftgZG7DbceQFxr76NW_b5aK2CmyU_f_Ub262CilVlngBmwQH9zc9HCecUlAQ5zOKbyedGRljUc-K0TRMWgi1oyFD3KZeAjKKOpZsWhYb8zYkLPhe-H-tTS7Fn_SiQgLyJYxfkZgY-8PV0Hi3jaJJ_TNDz9QhL4ns03wCdLFwVgbopTP_u9NtY17e0J-cOocFdyAiCsp6oX9536OcwIPzHYeidXJGrADkpdsiN83ei_6M2vAWj13skD327Ef3E1f49Y3SY_QQ0rzRbe11WAHnjq5gYamRD1GrsgO0jdmrNWi8Xu1_Q7t-Mqh_ef8WPqwyNtYD1ZsPRm4Ez-h4-uo9GmNhtihai16kbFYVHt7i2ZpHWMxfC7GiO2jT5wmX6bcr5CJnm1CFgDW886O-YckJA_89ratnqwRecn01Wew7sQcLzz9at7xnk0qQKWadRwFI1F1f6UDhX75fumuWQLU_PHpUOR4baQE4z4AvkO9VUs4naeHeESHsXFgPmvy7kCsEOBDUTUTEHiatN21Y3wqi59fYZb__lQN
Pragma: no-cache
|
|
| distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=370 | 173.233.137.60 | 200 OK | 0 B |
URL: distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=370 (HTTP/1.1) | IP: 173.233.137.60:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; not a content indicator)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=370 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/style.css | 172.64.166.9 | 200 OK | 1.5 kB |
URL: cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/style.css (HTTP/2) | IP: 172.64.166.9:0
Hash: MD5 79abab276cc2d87b2d112c4bba430632 | SHA-1 c40c356482cd9050de7b116c5c197f1405bbafe7 | SHA-256 14c967a07f792fd99b5a2230b8c512ba32b57989dea8b045a5440ee6234b23e8
GET /sb/interstitial/rtb/default/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:40 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:21 GMT
etag: W/"60d33821-14da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VFCqFM4LFE2gXotF34PlwbKVhWe4pGhYzQdhJD2pnTUhpFmAW6Zes3PyFT0X%2Frrb%2BhxsP8m7sagPkHWAYnuExde6%2Bj93HxgMQyeWaHPtlY7idPpalOZwny2Om3Gc12BDlKkMC08wf1K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1adf9883d24db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=720 | 173.233.137.60 | 200 OK | 0 B |
URL: distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=720 (HTTP/1.1) | IP: 173.233.137.60:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; not a content indicator)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=720 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN #20940 Akamai International B.V.
Hash: MD5 2e384cea1da0241d28cddb481b1367d4 | SHA-1 276918f50533c9a2010fca060cd8d9a6608a2499 | SHA-256 ca8b44e32d597b4c4c5a97860fb445605ba35f2f36e8efe548f4f8ee6f0404bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8B44E32D597B4C4C5A97860FB445605BA35F2F36E8EFE548F4F8EE6F0404BB"
Last-Modified: Sat, 14 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4783
Expires: Sun, 15 Jan 2023 22:44:24 GMT
Date: Sun, 15 Jan 2023 21:24:41 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css | 172.64.166.9 | 200 OK | 4.8 kB |
URL: cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css (HTTP/2) | IP: 172.64.166.9:0
Hash: MD5 c91016401e0a0b7b3d7572de48c76597 | SHA-1 12fb634abb5e708b4f55d1489055b4f626d3cdd1 | SHA-256 2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/interstitial/rtb/default/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:40 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:20 GMT
etag: W/"60d33820-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EmTiKO2GuUd8rSuGxR0Udq5g9Z7%2FQzuhf8EV2c3Qqa2Ns392%2Bi1UmCrv8YzCAvOHTYXS3mCcrz9lyElthrzUg0YzAf4rGxS8tdOcmb6T29BJhY2xjDf1X2YtUJN8Z9sW9M7N6yONqu6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1adf9782724db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js | 172.64.166.9 | 200 OK | 316 B |
URL: cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js (HTTP/2) | IP: 172.64.166.9:0
Hash: MD5 1277f0e5d469d328e9709e5884238c2d | SHA-1 339d08096b319770e367ee5d194cd304b0929721 | SHA-256 7ced985e0d182a6ceff10861f3afdc2b15eb9dca3b214139f12ce4cfa9d74221
GET /sb/interstitial/rtb/default/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:41 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:24 GMT
etag: W/"60d33824-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9AFw0OoXtOzTAJg%2FDLhu3CD8tKbGhV6%2BqBIXqtA4XvJplA52AfBCauPVS3ZUafsQU2zsd1lfDDf%2B97ZioIV98eOtZrJWAMHyIOa4Fu8XZMRxTvptqinNxRfZPs7xRwCWuX1IKU3aPe7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1adfd4dc124db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| distributionrealmoth.com/impr.gif?sid=H4sIAAAAAAAC%2F5RTz4scxRev3m%2B%2B4A%2FQRDyoILSOSoTsbHXPdGZ6Q1g3yW4YsplddlcCIoTuqurZcqq7mqru6dk9BSOSWybBg%2BaS3jeZrNFgkoMHD4LM5CJ7MSMic3D%2FAyEgepaZXYgKHnxQ9d7jU4%2F3Pu%2B9%2Bng73UMYUm%2B0cl5ucSG8GaeIzaMXeERlps36umnhIj5hXuDR8fIJsz2%2BVGvWwk4Rv22eZaQpZ2xsYWxhy1zkigWyPTNBgcd3Xavo4mLZLlpOGdrq775ODdCeAbS1h14ATof%2F3%2Fj%2BAXDShyi8f4bpZiLjYwthKrxEKmjRnXejZiSzCMInZqAMCKKdg9cg9RChT6dARjsHDEC2bo0ZgM%2BHyPjZAj%2FaOSgT%2FFZvv1JfAIvAp89C1uoDE33gXh%2BIvAycPkIAhEJ9GaLwdl2qzNvcR70xOkSH%2FvgNeDZEh355EaLwq1OCt801KdKEy0hDO8iBt%2FvAG32I0wEkWwbwbAAk%2BRA4RRCFOXA6egNjv%2BTbFp2mLrWny7ZNp6u%2B60xXsWuXccUpO25l0hrO%2B8CDPgjWAU8bkI4PNyANDEhjA0I6Mj3HDTCuBH5QKlXLhJBSiRCnepw6tFSuBhhSMq69A0ncASI6QNQliNUlaPIOqPQ70Bs5aGqAThC0aA4ZQ5BpBJmHIOMIsgRB1sp7VGhb57ep0KlvHWj7QJfyrkwa215PJg0Woe14Dx0ZN8yYQq9Bk43MEiPYxQ52y5brVN0qcyuBVXW944Hj%2Bo7tg%2BY5cD01obk1nt4PBsRjnR0G3xuAFgMg%2FDB46avgZd2KjcHb6JarGLai3pZXbAigMoc4OQTJprEt9tDLk4nZv%2F4EjOy%2B8%2FRU%2BubiM7eBqBxilcMH%2FCGChrjSXZUZurUqM40eLMcJD%2FmWN57mWuIlDH1xjm1mUtHaGd25M0%2FGwNi8u850suRFlEcNjb48xSllalEqwtC3NX2B%2BSup3jiVqiiNl1ZOL9bCWDGtuYz64PFH7feA8CF66utrkz19Zb4BXA1ApaNjG0kSz87MEMFJsxgT0SxGXsj2%2FTl%2B0q7XV2ptb8mtlS9iCNPduW8%2BG8sN4LIPJP7oTqGwXltfWigURjOPb37SW%2BdU%2B6yhWKRZYiZc%2BCmdNS2MsVlfPmcGUpmUNczHN29culconFlYO71aW1mvLdcLhdHra83NiE7wQc8MBj2zxURThjrxZZTqxzev379XKCzNr55duFg7P392nBT%2FC4FkIw39yOPinyQ%2BLxRqpyfpZv9r6Fs8bCQnOZER6HgXHQhoiUCJJ74fG5CleVfZ%2Fu5cblzfqRx5DgQfotmTz4Ngu3PDq%2B8f%2Fb1%2FFTw%2FB83%2BEvjE3tZXoKEM8JLLk0%2FcUjm0RA6e6IBO%2F9dNYrU792NpIuALo%2BsLZdzyhRLX9jdQ85HpWGVW9asVQqnPCLUqdqlawtimtFxxmeVCoofkoXzpTwAAAP%2F%2FAQAA%2F%2F%2BoujpypgUAAA%3D%3D | 173.233.137.60 | 200 OK | 7 B |
URL HTTP/1.1distributionrealmoth.com/impr.gif?sid=H4sIAAAAAAAC%2F5RTz4scxRev3m%2B%2B4A%2FQRDyoILSOSoTsbHXPdGZ6Q1g3yW4YsplddlcCIoTuqurZcqq7mqru6dk9BSOSWybBg%2BaS3jeZrNFgkoMHD4LM5CJ7MSMic3D%2FAyEgepaZXYgKHnxQ9d7jU4%2F3Pu%2B9%2Bng73UMYUm%2B0cl5ucSG8GaeIzaMXeERlps36umnhIj5hXuDR8fIJsz2%2BVGvWwk4Rv22eZaQpZ2xsYWxhy1zkigWyPTNBgcd3Xavo4mLZLlpOGdrq775ODdCeAbS1h14ATof%2F3%2Fj%2BAXDShyi8f4bpZiLjYwthKrxEKmjRnXejZiSzCMInZqAMCKKdg9cg9RChT6dARjsHDEC2bo0ZgM%2BHyPjZAj%2FaOSgT%2FFZvv1JfAIvAp89C1uoDE33gXh%2BIvAycPkIAhEJ9GaLwdl2qzNvcR70xOkSH%2FvgNeDZEh355EaLwq1OCt801KdKEy0hDO8iBt%2FvAG32I0wEkWwbwbAAk%2BRA4RRCFOXA6egNjv%2BTbFp2mLrWny7ZNp6u%2B60xXsWuXccUpO25l0hrO%2B8CDPgjWAU8bkI4PNyANDEhjA0I6Mj3HDTCuBH5QKlXLhJBSiRCnepw6tFSuBhhSMq69A0ncASI6QNQliNUlaPIOqPQ70Bs5aGqAThC0aA4ZQ5BpBJmHIOMIsgRB1sp7VGhb57ep0KlvHWj7QJfyrkwa215PJg0Woe14Dx0ZN8yYQq9Bk43MEiPYxQ52y5brVN0qcyuBVXW944Hj%2Bo7tg%2BY5cD01obk1nt4PBsRjnR0G3xuAFgMg%2FDB46avgZd2KjcHb6JarGLai3pZXbAigMoc4OQTJprEt9tDLk4nZv%2F4EjOy%2B8%2FRU%2BubiM7eBqBxilcMH%2FCGChrjSXZUZurUqM40eLMcJD%2FmWN57mWuIlDH1xjm1mUtHaGd25M0%2FGwNi8u850suRFlEcNjb48xSllalEqwtC3NX2B%2BSup3jiVqiiNl1ZOL9bCWDGtuYz64PFH7feA8CF66utrkz19Zb4BXA1ApaNjG0kSz87MEMFJsxgT0SxGXsj2%2FTl%2B0q7XV2ptb8mtlS9iCNPduW8%2BG8sN4LIPJP7oTqGwXltfWigURjOPb37SW%2BdU%2B6yhWKRZYiZc%2BCmdNS2MsVlfPmcGUpmUNczHN29culconFlYO71aW1mvLdcLhdHra83NiE7wQc8MBj2zxURThjrxZZTqxzev379XKCzNr55duFg7P392nBT%2FC4FkIw39yOPinyQ%2BLxRqpyfpZv9r6Fs8bCQnOZER6HgXHQhoiUCJJ74fG5CleVfZ%2Fu5cblzfqRx5DgQfotmTz4Ngu3PDq%2B8f%2Fb1%2FFTw%2FB83%2BEvjE3tZXoKEM8JLLk0%2FcUjm0RA6e6IBO%2F9dNYrU792NpIuALo%2BsLZdzyhRLX9jdQ85HpWGVW9asVQqnPCLUqdqlawtimtFxxmeVCoofkoXzpTwAAAP%2F%2FAQAA%2F%2F%2BoujpypgUAAA%3D%3D IP173.233.137.60:0
File type: ASCII text, with no line terminators | Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /impr.gif?sid=H4sIAAAAAAAC%2F5RTz4scxRev3m%2B%2B4A%2FQRDyoILSOSoTsbHXPdGZ6Q1g3yW4YsplddlcCIoTuqurZcqq7mqru6dk9BSOSWybBg%2BaS3jeZrNFgkoMHD4LM5CJ7MSMic3D%2FAyEgepaZXYgKHnxQ9d7jU4%2F3Pu%2B9%2Bng73UMYUm%2B0cl5ucSG8GaeIzaMXeERlps36umnhIj5hXuDR8fIJsz2%2BVGvWwk4Rv22eZaQpZ2xsYWxhy1zkigWyPTNBgcd3Xavo4mLZLlpOGdrq775ODdCeAbS1h14ATof%2F3%2Fj%2BAXDShyi8f4bpZiLjYwthKrxEKmjRnXejZiSzCMInZqAMCKKdg9cg9RChT6dARjsHDEC2bo0ZgM%2BHyPjZAj%2FaOSgT%2FFZvv1JfAIvAp89C1uoDE33gXh%2BIvAycPkIAhEJ9GaLwdl2qzNvcR70xOkSH%2FvgNeDZEh355EaLwq1OCt801KdKEy0hDO8iBt%2FvAG32I0wEkWwbwbAAk%2BRA4RRCFOXA6egNjv%2BTbFp2mLrWny7ZNp6u%2B60xXsWuXccUpO25l0hrO%2B8CDPgjWAU8bkI4PNyANDEhjA0I6Mj3HDTCuBH5QKlXLhJBSiRCnepw6tFSuBhhSMq69A0ncASI6QNQliNUlaPIOqPQ70Bs5aGqAThC0aA4ZQ5BpBJmHIOMIsgRB1sp7VGhb57ep0KlvHWj7QJfyrkwa215PJg0Woe14Dx0ZN8yYQq9Bk43MEiPYxQ52y5brVN0qcyuBVXW944Hj%2Bo7tg%2BY5cD01obk1nt4PBsRjnR0G3xuAFgMg%2FDB46avgZd2KjcHb6JarGLai3pZXbAigMoc4OQTJprEt9tDLk4nZv%2F4EjOy%2B8%2FRU%2BubiM7eBqBxilcMH%2FCGChrjSXZUZurUqM40eLMcJD%2FmWN57mWuIlDH1xjm1mUtHaGd25M0%2FGwNi8u850suRFlEcNjb48xSllalEqwtC3NX2B%2BSup3jiVqiiNl1ZOL9bCWDGtuYz64PFH7feA8CF66utrkz19Zb4BXA1ApaNjG0kSz87MEMFJsxgT0SxGXsj2%2FTl%2B0q7XV2ptb8mtlS9iCNPduW8%2BG8sN4LIPJP7oTqGwXltfWigURjOPb37SW%2BdU%2B6yhWKRZYiZc%2BCmdNS2MsVlfPmcGUpmUNczHN29culconFlYO71aW1mvLdcLhdHra83NiE7wQc8MBj2zxURThjrxZZTqxzev379XKCzNr55duFg7P392nBT%2FC4FkIw39yOPinyQ%2BLxRqpyfpZv9r6Fs8bCQnOZER6HgXHQhoiUCJJ74fG5CleVfZ%2Fu5cblzfqRx5DgQfotmTz4Ngu3PDq%2B8f%2Fb1%2FFTw%2FB83%2BEvjE3tZXoKEM8JLLk0%2FcUjm0RA6e6IBO%2F9dNYrU792NpIuALo%2BsLZdzyhRLX9jdQ85HpWGVW9asVQqnPCLUqdqlawtimtFxxmeVCoofkoXzpTwAAAP%2F%2FAQAA%2F%2F%2BoujpypgUAAA%3D%3D HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52d31d1f204989e8794784bbac63f1a9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| distributionrealmoth.com/pixel/sbs?c=1 | 173.233.137.60 | 200 OK | 0 B |
URL: distributionrealmoth.com/pixel/sbs?c=1 (HTTP/1.1) | IP: 173.233.137.60:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; not a content indicator)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbs?c=1 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=00b3b21d-d9d2-422d-8b95-809240754597:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jan 2023 21:24:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP: 104.18.32.68:0
Hash: MD5 617bd8818b9c1ed26c05020b0141b872 | SHA-1 063e3d21d2ae3a1f17b265ce662ed229aff2401e | SHA-256 54f4d69d4baff9b848ee4ca27c49469e634dbed6d3eeb4342f8cad275b4777aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 21:24:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 18:28:18 GMT
Expires: Sat, 21 Jan 2023 18:28:17 GMT
Etag: "063e3d21d2ae3a1f17b265ce662ed229aff2401e"
Cache-Control: max-age=507215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a1ae012c921c02-OSL
|
|
| track.trackingtraffo.com/push/ic?auth=pz6u78&c=sRi2lJwataI-u4cSjebAI1az66RNxyBsw92QTaHw1HzGUOnamUrnfVMHbzCNhLqke3NYFQo0cDDWKpQ_2ftgZG7DbceQFxr76NW_b5aK2CmyU_f_Ub262CilVlngBmwQH9zc9HCecUlAQ5zOKbyedGRljUc-K0TRMWgi1oyFD3KZeAjKKOpZsWhYb8zYkLPhe-H-tTS7Fn_SiQgLyJYxfkZgY-8PV0Hi3jaJJ_TNDz9QhL4ns03wCdLFwVgbopTP_u9NtY17e0J-cOocFdyAiCsp6oX9536OcwIPzHYeidXJGrADkpdsiN83ei_6M2vAWj13skD327Ef3E1f49Y3SY_QQ0rzRbe11WAHnjq5gYamRD1GrsgO0jdmrNWi8Xu1_Q7t-Mqh_ef8WPqwyNtYD1ZsPRm4Ez-h4-uo9GmNhtihai16kbFYVHt7i2ZpHWMxfC7GiO2jT5wmX6bcr5CJnm1CFgDW886O-YckJA_89ratnqwRecn01Wew7sQcLzz9at7xnk0qQKWadRwFI1F1f6UDhX75fumuWQLU_PHpUOR4baQE4z4AvkO9VUs4naeHeESHsXFgPmvy7kCsEOBDUTUTEHiatN21Y3wqi59fYZb__lQN | 88.214.195.156 | 302 Found | 0 B |
URL HTTP/1.1track.trackingtraffo.com/push/ic?auth=pz6u78&c=sRi2lJwataI-u4cSjebAI1az66RNxyBsw92QTaHw1HzGUOnamUrnfVMHbzCNhLqke3NYFQo0cDDWKpQ_2ftgZG7DbceQFxr76NW_b5aK2CmyU_f_Ub262CilVlngBmwQH9zc9HCecUlAQ5zOKbyedGRljUc-K0TRMWgi1oyFD3KZeAjKKOpZsWhYb8zYkLPhe-H-tTS7Fn_SiQgLyJYxfkZgY-8PV0Hi3jaJJ_TNDz9QhL4ns03wCdLFwVgbopTP_u9NtY17e0J-cOocFdyAiCsp6oX9536OcwIPzHYeidXJGrADkpdsiN83ei_6M2vAWj13skD327Ef3E1f49Y3SY_QQ0rzRbe11WAHnjq5gYamRD1GrsgO0jdmrNWi8Xu1_Q7t-Mqh_ef8WPqwyNtYD1ZsPRm4Ez-h4-uo9GmNhtihai16kbFYVHt7i2ZpHWMxfC7GiO2jT5wmX6bcr5CJnm1CFgDW886O-YckJA_89ratnqwRecn01Wew7sQcLzz9at7xnk0qQKWadRwFI1F1f6UDhX75fumuWQLU_PHpUOR4baQE4z4AvkO9VUs4naeHeESHsXFgPmvy7kCsEOBDUTUTEHiatN21Y3wqi59fYZb__lQN IP88.214.195.156:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; not a content indicator)
GET /push/ic?auth=pz6u78&c=sRi2lJwataI-u4cSjebAI1az66RNxyBsw92QTaHw1HzGUOnamUrnfVMHbzCNhLqke3NYFQo0cDDWKpQ_2ftgZG7DbceQFxr76NW_b5aK2CmyU_f_Ub262CilVlngBmwQH9zc9HCecUlAQ5zOKbyedGRljUc-K0TRMWgi1oyFD3KZeAjKKOpZsWhYb8zYkLPhe-H-tTS7Fn_SiQgLyJYxfkZgY-8PV0Hi3jaJJ_TNDz9QhL4ns03wCdLFwVgbopTP_u9NtY17e0J-cOocFdyAiCsp6oX9536OcwIPzHYeidXJGrADkpdsiN83ei_6M2vAWj13skD327Ef3E1f49Y3SY_QQ0rzRbe11WAHnjq5gYamRD1GrsgO0jdmrNWi8Xu1_Q7t-Mqh_ef8WPqwyNtYD1ZsPRm4Ez-h4-uo9GmNhtihai16kbFYVHt7i2ZpHWMxfC7GiO2jT5wmX6bcr5CJnm1CFgDW886O-YckJA_89ratnqwRecn01Wew7sQcLzz9at7xnk0qQKWadRwFI1F1f6UDhX75fumuWQLU_PHpUOR4baQE4z4AvkO9VUs4naeHeESHsXFgPmvy7kCsEOBDUTUTEHiatN21Y3wqi59fYZb__lQN HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 15 Jan 2023 21:24:41 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National Casino black.png
|
|
| ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png | 142.132.194.196 | 200 OK | 4.5 kB |
URL: ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png (HTTP/1.1) | IP: 142.132.194.196:0 | ASN #24940 Hetzner Online GmbH
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data | Hash: MD5 58be17b22d6e1178a54c92cf862c817e | SHA-1 b821bc2f016751647df49e49863077e927a70322 | SHA-256 9cc4f3f40313b08baf54c956685ac7a21ac8a3573908b9763865c6f613ce1b5f
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 15 Jan 2023 21:24:42 GMT
Content-Type: image/png
Content-Length: 4456
Last-Modified: Wed, 03 Aug 2022 08:23:15 GMT
Connection: keep-alive
ETag: "62ea3073-1168"
Accept-Ranges: bytes
|
|
| za.gl/YrU0XJ | 172.67.73.23 | 200 OK | 0 B |
IP: 172.67.73.23:0
GET /YrU0XJ HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:37 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=o1sqnk63jt4t1e2t1l5q2lebf4; path=/; HttpOnly
zagl_publisher=515782; expires=Sun, 15-Jan-2023 21:25:37 GMT; Max-Age=60; path=/
scr=0.45; expires=Sun, 15-Jan-2023 21:25:37 GMT; Max-Age=60; path=/
zagl_publisher=515782; expires=Sun, 15-Jan-2023 21:25:37 GMT; Max-Age=60; path=/
scr=0.45; expires=Sun, 15-Jan-2023 21:25:37 GMT; Max-Age=60; path=/
csrfToken=21dd42436e3bf31324c0187a36b976e855aab039c7a3375a44cd290bf7c0430ab0aa7d37c2403e397e1f0b13975be52db8c5b7aa723f652dd66de763c4224aa5; path=/
visitor=Q2FrZQ%3D%3D.MTBjODcwOTg1MGMwMzk0ZjQwY2JiYmU2NTYxNTkwZjUzZDkzMjg3OGQxNDRmNTE1YzM4MzYzYzllNmIxYWNmYUIAsxQjzf89wwPJXIwolKnYeE47vDOpiLuuxPyQcHFpn72Jn6seOaE%2Fu6%2F8qdJbtsRVupnw%2B%2Bj0BN8RpQyR542Ep9xFXF6masBA5d7WyRw%2B; expires=Mon, 16-Jan-2023 21:24:37 GMT; Max-Age=86400; path=/; HttpOnly
hash=Q2FrZQ%3D%3D.NjI1NGE4MmYzOWYxNDM1YmMzMzViMWMzMDJjY2ZkOGFmMjM5NzIxNzFhZGRkMzg0OWFmZjE0ZGUxNTBlN2RkNmHHPAFaiq4%2BMKyE2WKwoh77ixgAB4Mi8yQbsl3mYQRyQc3AmeuRi13YBVm5E8V%2BKX7cl6IA6rfzUie%2F4c8WsuE%3D; expires=Wed, 15-Feb-2023 21:24:37 GMT; Max-Age=2678400; path=/
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FpEfZ6EHuAQfIHCh3EyB0njgFmyjXMh%2B0H5myqrIsUmTvCXPkeL8rbJ7%2FMZppsdFUPXhxcT8Gi2OUqMV7HWHTDoiizt41zIiolybQuPDtJmKeSlzJam"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a1ade48fedb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 | 104.16.57.101 | 200 OK | 0 B |
URL: static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 (HTTP/2) | IP: 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:37 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1ade8eed5b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| polyfill.io/v3/polyfill.js?features=Intl%2Cfetch | 151.101.65.26 | 200 OK | 0 B |
URL: polyfill.io/v3/polyfill.js?features=Intl%2Cfetch (HTTP/2) | IP: 151.101.65.26:0
GET /v3/polyfill.js?features=Intl%2Cfetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
last-modified: Sun, 15 Jan 2023 12:53:31 GMT
content-encoding: br
useragent_normaliser: firefox/105.0.0
age: 0
date: Sun, 15 Jan 2023 21:24:38 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=202
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap | 142.250.74.106 | 200 OK | 0 B |
URL: fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap (HTTP/2) | IP: 142.250.74.106:0
GET /css2?family=DM+Sans:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 21:24:37 GMT
date: Sun, 15 Jan 2023 21:24:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| openfpcdn.io/fingerprintjs/v3 | 54.230.111.24 | 200 OK | 0 B |
URL: openfpcdn.io/fingerprintjs/v3 (HTTP/2) | IP: 54.230.111.24:0
GET /fingerprintjs/v3 HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
date: Sun, 15 Jan 2023 19:02:38 GMT
cache-control: public, max-age=579510, s-maxage=10514
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
etag: W/"iGPd/qM5rvpVhWvx3vVSNedX/OA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: C7d6CK-nIwyyn-Wv4FlN10QB3ekjb4tf6F3YAKDf1z4lM9gW6kvC6w==
age: 8520
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js | 172.64.166.9 | 200 OK | 0 B |
URL: cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js (HTTP/2) | IP: 172.64.166.9:0
GET /sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 21:24:41 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:25 GMT
etag: W/"60d33825-1fa27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOnnhJqjan7l89iq3fzlxMd1tpwoCZZuhGg1ixzsJfe%2BK3gvEUt872jASXEbFPOGkSE4w%2Fje67X9a9u1NxE1CalHzDykXK8%2B%2FCnPkqQ0yiLe0vB%2FTwP9pHDaPIOGN%2FltjJXzAToduaA0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a1adf9884324db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|