Report - easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|

Report Overview

Submitted URL
easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|
IP
104.21.48.74
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-18 20:43:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
icalendar.datingtopgirls.com	260095	2022-06-02T09:08:49Z	2023-03-09T10:46:45Z	373 B	2.1 kB	31.220.24.141
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	378 B	58 kB	142.250.74.168
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-09T10:55:53Z	449 B	6.6 kB	104.16.56.101
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-09T10:18:28Z	950 B	1.9 kB	139.45.195.8
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	478 B	694 B	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	94 kB	34.120.237.76
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-09T05:11:00Z	753 B	1.2 kB	13.107.213.53
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.0 kB	8.0 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	1.4 kB	2.6 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.7 kB	9.2 kB	142.250.74.131
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-09T10:58:24Z	381 B	46 kB	142.250.74.78
c.bing.com	247	2012-05-22T12:26:32Z	2023-03-09T05:11:02Z	468 B	795 B	13.107.21.200
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	108.157.217.47
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
c.clarity.ms	803	2021-02-04T00:22:47Z	2023-03-09T05:11:02Z	837 B	1.2 kB	20.234.93.27
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	477 B	559 B	209.85.233.154
easy-lay.com	254260	2020-09-18T16:10:27Z	2023-03-09T11:10:56Z	976 B	4.2 kB	188.114.97.1
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	52.39.94.191
analitits.com	186712	2016-06-11T20:10:30Z	2023-03-09T10:50:51Z	1.1 kB	168 B	31.220.24.19
botd.fpapi.io	297160	2021-06-11T12:56:14Z	2023-03-09T10:46:46Z	450 B	510 B	34.193.232.22
b.clarity.ms	3462	2021-07-27T14:49:08Z	2023-03-09T11:28:47Z	440 B	281 B	20.75.32.255
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-09T08:41:37Z	794 B	559 B	216.239.32.36
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	393 B	746 B	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-18	medium	icalendar.datingtopgirls.com/icalendar.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.clarity.ms/eus2/s/0.7.1/clarity.js	57 kB	2023-03-09	2023-11-05
Pretty URL www.clarity.ms/eus2/s/0.7.1/clarity.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:22:27 Last Seen2023-11-05 22:32:51 Times Seen3 Hash b9b253f431c87fd6d386778bb4f53db8 7e1615b8e242a06e0631ed4e0662cc3fb6487fc6 da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	1.6 kB	2023-03-09	2023-03-09
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash f265dc96509dfe80460d5b8c5cb13a53 ccab492a46c34ad5d8aaf944b42a8f6009ff8877 6d30435232d6e3961570da4b138262c9e406abf95e358d7ecef0f9b4734ee76f Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	549 B	2023-03-07	2024-01-27
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:39 Last Seen2024-01-27 00:28:52 Times Seen16 Hash 8cb5927ea644de865ad4e031bf42e51a eba9139c96ad1a98da622d259333b76c094570f5 e30c7634986a5453d76cdaff0eae5cf67ec0f24650f21a09e88b644f025b6d25 Loading...

	www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM	110 kB	2023-03-09	2023-03-12
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:56:48 Last Seen2023-03-12 15:24:16 Times Seen1 Hash 1ac45db883834ea75f916c6f84660386 c316b3f40eee0196d455c7d196c9a80abdb5e078 53d1fe1fb19694e6b45321567725896bf35b92602287bf8e61b00eae179b7a6b Loading...

	www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c	230 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-Q7W6GLM2DR&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash 152672503b18c025491e2d5c68ad4565 3c34f7835928ac943c933a5c194e72cc8128f226 8994df1f2d6439e8f74d40c6c09efeb5a61c659af33b12546ad07e7af8ccae51 Loading...

	easy-lay.com/t/event/v4?e_t=pageview&url=https%253A%252F%252Feasy-lay.com%252Ftt%252F16%253Faffiliate_id%253D15001%2526sub1%253Ddevg2i5ev9p3%2526sub2%253D422482%2526sub8%253D%2526sub7%253D42%2526source%253D248242%2526c1%253Darb%257C1062%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1671396179324&t_i=1671396179546&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=559d495c-2f37-43c1-a13c-5d1119a2541b&nav_rc=0&nav_nt=NAVIGATE&p_nn=easy-lay&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=devg2i5ev9p3&fpid_sa=1671396179546&fpid=&feid_sa=1&sid_sa=1&feid=f5ea22b6faed8d298b8a172f047d6f57&sid=1e4343cce7a96152f053dfc9b89e52a5&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2215001%22%2C%22source%22%3A%22248242%22%2C%22page_id%22%3A%224dbdb8c8c0099d9f43abbed23360786c%22%2C%22tour%22%3A%22t%2F16%22%7D&t_op=0.643&cb=gl.cb.pv	65 B	2023-03-09	2023-03-09
Pretty URL easy-lay.com/t/event/v4?e_t=pageview&url=https%253A%252F%252Feasy-lay.com%252Ftt%252F16%253Faffiliate_id%253D15001%2526sub1%253Ddevg2i5ev9p3%2526sub2%253D422482%2526sub8%253D%2526sub7%253D42%2526source%253D248242%2526c1%253Darb%257C1062%257C&ref=&d_r=1&d_s=1280x1024&d_w=1280x939&t_s=1671396179324&t_i=1671396179546&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=559d495c-2f37-43c1-a13c-5d1119a2541b&nav_rc=0&nav_nt=NAVIGATE&p_nn=easy-lay&p_pt=&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_m_id=&p_u_s=GUEST&p_u_v_id=devg2i5ev9p3&fpid_sa=1671396179546&fpid=&feid_sa=1&sid_sa=1&feid=f5ea22b6faed8d298b8a172f047d6f57&sid=1e4343cce7a96152f053dfc9b89e52a5&u_adb=0&vn=S-2.8.3&s_rst=1&st_d=%7B%7D&e_d=%7B%22affid%22%3A%2215001%22%2C%22source%22%3A%22248242%22%2C%22page_id%22%3A%224dbdb8c8c0099d9f43abbed23360786c%22%2C%22tour%22%3A%22t%2F16%22%7D&t_op=0.643&cb=gl.cb.pv IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash cae9832d0963048f93c0257f56063675 e2617005d1c8509fef073285dab9aa3fcc4ec9f1 ed61305a1fec29d5cdbf0786db87890ca4e112e53bb1d71aa98514f28ab2e1b1 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc	697 B	2023-03-08	2024-02-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:15 Last Seen2024-02-25 15:06:23 Times Seen1042 Hash 1ba2794f0f7dd2b29159959320fd42bd 8e73fa295266b44f59b5bc53cafb7febe3c85e39 3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	100 B	2023-03-07	2024-02-02
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-02 00:56:36 Times Seen139 Hash 6657d5cb319244c6cf4c7378f47596e1 cb008f36db33ff73fa420f12425c18e65a3053ff 1bbc661e1e53aa8c4b872fba1e02a35e276b0a21bfe29d3c93a57257d6546aa6 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	505 B	2023-03-09	2023-03-09
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash 6e13c100f673e5fbe1a9b48271ddc4d5 acb7b5b84f5d85b317c82fb36696bc1a30c8ab32 6be2095bc7ac9aed023e79389ea5dffb4f4218c38d4e87e814d6e505785313fb Loading...

	easy-lay.com/js/script.js?82	12 kB	2023-03-08	2023-03-26
Pretty URL easy-lay.com/js/script.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:24:10 Last Seen2023-03-26 00:16:44 Times Seen8 Hash 6855532b091e028a339171c55834e4a3 8c2f4a43bd7fc25d532392105b8e830769b43a20 ea4e519e27a134a65801c8498d0f57c16f8bde82799f951fe59748f8f2eabfe2 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	381 B	2023-03-07	2024-02-08
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-02-08 04:04:46 Times Seen482 Hash 2d63d2fc063a3b79517968ef422bfae2 3f5020fc07330429b607f808fc5373f5bede54a0 5c0085f5aec987d46f3ebd4a6ed616c806878b0a82cf6f8c926cb41925d637d1 Loading...

	www.clarity.ms/tag/bvsqia2v2y?ref=gtm	911 B	2023-03-09	2023-03-13
Pretty URL www.clarity.ms/tag/bvsqia2v2y?ref=gtm IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-13 06:00:23 Times Seen1 Hash 4dee1ffe97f3e9962834ceb027884335 85babf7e0c5a6134b1c3ad3e13a7abaa5298d552 f187022e4f03f81a2eccb07f9d3d3fb5555749f690af8967a562f121dd1d4071 Loading...

	icalendar.datingtopgirls.com/icalendar.js	5.9 kB	2023-03-07	2023-03-17
Pretty URL icalendar.datingtopgirls.com/icalendar.js IP 31.220.24.141 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 1542e1c96753770e587968d803376c9a c49a24c38a498620e420951e65ddf65f46dda447 2887db4531172d1c88a4d6b55bda50c5f0dacb95918e2666129cda5d8ec98a8b Loading...

	easy-lay.com/fav/el/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-18
Pretty URL easy-lay.com/fav/el/js/jquery-3.3.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-18 11:28:16 Times Seen12137 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX	158 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash e9579d464cc9a8fde4e7e842ad6e2288 ccc5c8583d7c3c35c1eeab37e3ddbdfe0320c5d1 b5926a56466809a6825b00aa81faf06df953f80473e883a3b0e7dddf55c20c8e Loading...

	easy-lay.com/fav/el/js/tt/16/main.js?82	3.3 kB	2023-03-07	2024-01-04
Pretty URL easy-lay.com/fav/el/js/tt/16/main.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:04 Last Seen2024-01-04 08:28:56 Times Seen5 Hash 88f6ebd6a3de47886322fa61eb32a749 2d41ccd7057205d24b28f0348660c9718ac13d6b 1a18b81167096c6ff64c58378311936c3c883a21833827296f3bfe4f405b9d11 Loading...

	easy-lay.com/fav/el/js/script.js?82	182 B	2023-03-07	2023-03-17
Pretty URL easy-lay.com/fav/el/js/script.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:39 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 67d8b2043b84a7fbda205f5e6e69cc57 57fc3af147cad3c441628c56c200e338f79ea7c2 6a397734fd24fd54fab407d0244016fe3dfcd2edee93ba425f778b4181b251a0 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	219 B	2023-03-09	2023-03-09
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash 6e9f921fe1acb1dde1083fd549e68ed2 a30d857e6480c815da30c03b1a35d1a49ce2402d 6817bebd5b979f0252849084d5b3bb512bb2a1fd6bf89be5a036bb3ad4cfbc49 Loading...

	easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\|	1.0 kB	2023-03-09	2023-03-09
Pretty URL easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb\|1062\| IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash e7f89f3d8e11e699f71fe808a138b27e 1f2207835ef9a41ac7a3060b30443774715020b9 648bad035e348d2cc97aa8e20be7b193c555026bd5cb094efbebc7cda2083276 Loading...

	easy-lay.com/js/main.js?82	24 kB	2023-03-07	2023-03-17
Pretty URL easy-lay.com/js/main.js?82 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:41 Last Seen2023-03-17 12:47:52 Times Seen1 Hash 2cc8c012627c00ba257b84425b55e9e4 1fc7ad744f1eb3f195140dace57eecc62d2fd80f 4eed62e402335ca04f23bef09046e4c62acc16d67482e6089d114354b77dbbdf Loading...

	http:blank	708 B	2023-03-09	2023-03-09
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash 6218f8116fb6a83382d6f3aae22f253f 730591d6469f93240b2055374e75b04e7b3e2c36 dd9c21a85f5ea99cfe2ac7f672a1e30f7c09255c2e00b24d2723e468b3c3d7c6 Loading...

	easy-lay.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671393600	38 kB	2023-03-09	2023-03-09
Pretty URL easy-lay.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671393600 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:18:33 Last Seen2023-03-09 17:18:33 Times Seen1 Hash 459918117eef417b39f28ffc289c1fef 4bc6fb4ae5a4d93ebc90a1617d4963640835e045 a4cb64f93fd0cca14667dcf6cf0f9427b31b18f64ff277dd64efac57070d1889 Loading...

HTTP Transactions (53)

URL IP Response Size

easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|

188.114.97.1

301 Moved Permanently

549 B

URL HTTP/1.1
easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386), with CRLF, LF line terminators
Size
549 B (549 bytes)
Hash
1f524432973116c94c23bd19cea92f1d
79f0bb8ceaf482caec8a5bce498fa033451c07a7
8715b5526e9a4bf9f560c8926369601bd880d9549f4e49b199e3f2b8c5b4219c

HTTP Headers

GET /tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062| HTTP/1.1
Host: easy-lay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Dec 2022 20:42:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|
CF-Cache-Status: DYNAMIC
Server-Timing: cf-q-config;dur=5.9999947552569e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4BnLz1pvtysioRVHQgeUo2UTJrutBMbj6ZU43pcXTSbnVg6oYuB8xuBDb%2BIBDdOAHyhf%2BmU8%2B5x2YhywD2H%2FcR0ZKafZmTSZ2LKfwTtRzFprnq5EjHMxOcEnZYtENA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77baba65bd15b527-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14876
Expires: Mon, 19 Dec 2022 00:50:54 GMT
Date: Sun, 18 Dec 2022 20:42:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12179
Expires: Mon, 19 Dec 2022 00:05:57 GMT
Date: Sun, 18 Dec 2022 20:42:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 19:45:29 GMT
content-type: application/json
age: 3450
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19382
Expires: Mon, 19 Dec 2022 02:06:01 GMT
Date: Sun, 18 Dec 2022 20:42:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 4M7ADk3UjgMli+HrY0zoYw+ZRMl9/jsXXeIS34kLvIkhDiHqyvHcdaqOzY7WUbFaBt8lwWYFWv8=
x-amz-request-id: FRSR39BW2BZ00XB9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 20:28:40 GMT
age: 859
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 20:42:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d76d2476fe2565b2ff7c15b6bfed145a
f17e4ecd1038032345b490509931e0eefc6b7c1e
0d7ee2c708edb31817f60694a55e612f65803d8cb224e7f34c2d96d4cc39af18

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=150824
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Etag: "639f257b-116"
Expires: Tue, 20 Dec 2022 14:36:43 GMT
Last-Modified: Sun, 18 Dec 2022 14:36:43 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d76d2476fe2565b2ff7c15b6bfed145a
f17e4ecd1038032345b490509931e0eefc6b7c1e
0d7ee2c708edb31817f60694a55e612f65803d8cb224e7f34c2d96d4cc39af18

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=150824
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Etag: "639f257b-116"
Expires: Tue, 20 Dec 2022 14:36:43 GMT
Last-Modified: Sun, 18 Dec 2022 14:36:43 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
906643ec3e5c2787bfbba6213dccffe0
533e18abc897c05d2bd32dea73d6a0a0464026c0
d820f24f617689c2d61f0bdf4a30f6fe54aca3d6c661a4d1a91577735fc1ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1561
Cache-Control: max-age=123944
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Etag: "639eb662-117"
Expires: Tue, 20 Dec 2022 07:08:43 GMT
Last-Modified: Sun, 18 Dec 2022 06:42:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce451de91b264de941654df7d24cdb01
4f0e2943b953aad66ef2785b74855e75cf0e82f3
7c44b258427d5dca78078cc3c770bac4a29b78c9764f33cc917b1aeadf9ad0f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C44B258427D5DCA78078CC3C770BAC4A29B78C9764F33CC917B1AEADF9AD0F4"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18863
Expires: Mon, 19 Dec 2022 01:57:22 GMT
Date: Sun, 18 Dec 2022 20:42:59 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

icalendar.datingtopgirls.com/icalendar.js

31.220.24.141

200 OK

1.8 kB

URL HTTP/1.1
icalendar.datingtopgirls.com/icalendar.js
IP
31.220.24.141:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text
Size
1.8 kB (1796 bytes)
Hash
d39f355915d9633385c213781d160c84
f22997c5f291268e4f7996b2664ad19c241fd31f
533ecbbbb80cdf2f49dc8333f2801b3ab1a508bacc1abedcde6872c622c0d92e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sun, 18 Dec 2022 20:42:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Apr 2022 08:51:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6259322b-173d"
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3601
Cache-Control: max-age=134633
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 10:06:52 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 20:08:00 GMT
age: 2099
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:42:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX

142.250.74.168

200 OK

57 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2985)
Size
57 kB (57328 bytes)
Hash
06e38864cfa4a6b1a57658d008aede35
da9bff1eabc7ab53c5cfa174021b099bdabd12ae
87733fac020373b132c486df330e3a115baa1d9d61b4d931c8b242eefac257dd

HTTP Headers

GET /gtm.js?id=GTM-T76Q9QX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 20:43:00 GMT
expires: Sun, 18 Dec 2022 20:43:00 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.94.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.94.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c2OdzU66j3YboMEAtMtG1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BahYu+rTQS8CTq84kNJnlTpGcws=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

4.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
4.1 kB (4073 bytes)
Hash
72474b0d464d95226592b283de024d3f
2ff1045439aa4dcd0aeb43fd0b329615542a1ebf
ba188440660db43e8020e1c53a7fd865da3f4e23757ccbb441b3bb57458ee828

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.56.101

200 OK

6.2 kB

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17031), with no line terminators
Size
6.2 kB (6158 bytes)
Hash
dfd1fdd9197381188d9240427038f970
85135c355457345ea5c9d08ef12a7f872cdb363b
c6307b7ecc7e28db203c3ba4660652eaa799fc238bd8b810374c9f4cd162e549

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 Dec 2022 20:42:59 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 77baba6a4dddb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM

142.250.74.78

200 OK

46 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
46 kB (45593 bytes)
Hash
7c9a0cb656f81449f10478894bce531c
83bf74e9f324ef5d388d7ee2a511605087d408fb
1c2e9956177141c4ec5139d76d6781c63e558d54f925e2051ee6fb5eeef96f1a

HTTP Headers

GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 20:43:00 GMT
expires: Sun, 18 Dec 2022 20:43:00 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a208c9f2ba01a6b7934298eac8d0cf71
5d6c4d4e87e270c3b3d2d9830c6f3b7da6659fd0
bcace9bd7f04ac446f144f1a3182f239c8b52a946972a932901d007923d70ff7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCACE9BD7F04AC446F144F1A3182F239C8B52A946972A932901D007923D70FF7"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Sun, 18 Dec 2022 22:30:02 GMT
Date: Sun, 18 Dec 2022 20:43:00 GMT
Connection: keep-alive

my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
1ba2794f0f7dd2b29159959320fd42bd
8e73fa295266b44f59b5bc53cafb7febe3c85e39
3ae0c3406428498610c125ba13450e55a412406359bd6b2cf21bdf5f5be4486c

HTTP Headers

GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 20:43:00 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
191914ebec30716cefcf170857dacd31
9907d16f3060326bbcbf8f030e2400d81613c294
0c5bc6a46cb95b1c1313cc94c160f99ff1ffa07c94e603ad8d00f41151c908f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C5BC6A46CB95B1C1313CC94C160F99FF1FFA07C94E603AD8D00F41151C908F5"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5972
Expires: Sun, 18 Dec 2022 22:22:32 GMT
Date: Sun, 18 Dec 2022 20:43:00 GMT
Connection: keep-alive

analitits.com/t/errors/v1?msg=ReferenceError%3A%20AppNotify%20is%20not%20defined&file=https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82&line=232&col=11&stack=processPushState%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A232%3A11%0Ainit_p_func%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A863%3A9%0Ainit%40https%3A%2F%2Ficalendar.datingtopgirls.com%2Ficalendar.js%3A146%3A7%0A%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A868%3A21%0Al%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29375%0ADeferred%2Fthen%2Fa%2F%3C%2Fc%3C%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29677%0A

31.220.24.19

200 OK

0 B

URL HTTP/1.1
analitits.com/t/errors/v1?msg=ReferenceError%3A%20AppNotify%20is%20not%20defined&file=https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82&line=232&col=11&stack=processPushState%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A232%3A11%0Ainit_p_func%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A863%3A9%0Ainit%40https%3A%2F%2Ficalendar.datingtopgirls.com%2Ficalendar.js%3A146%3A7%0A%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A868%3A21%0Al%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29375%0ADeferred%2Fthen%2Fa%2F%3C%2Fc%3C%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29677%0A
IP
31.220.24.19:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /t/errors/v1?msg=ReferenceError%3A%20AppNotify%20is%20not%20defined&file=https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82&line=232&col=11&stack=processPushState%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A232%3A11%0Ainit_p_func%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A863%3A9%0Ainit%40https%3A%2F%2Ficalendar.datingtopgirls.com%2Ficalendar.js%3A146%3A7%0A%40https%3A%2F%2Feasy-lay.com%2Fjs%2Fmain.js%3F82%3A868%3A21%0Al%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29375%0ADeferred%2Fthen%2Fa%2F%3C%2Fc%3C%40https%3A%2F%2Feasy-lay.com%2Ffav%2Fel%2Fjs%2Fjquery-3.3.1.min.js%3A1%3A29677%0A HTTP/1.1
Host: analitits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 18 Dec 2022 20:43:00 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&RedC=c.clarity.ms&MXFR=264013A9E78A6B6F0D1701D7E38A65FE
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=264013A9E78A6B6F0D1701D7E38A65FE; domain=.clarity.ms; expires=Fri, 12-Jan-2024 20:43:01 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 18 Dec 2022 20:43:00 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b18428df832332e2f89ca51203de4ba
8272451b056b54992cfa05e70c53adde8b744299
c9bdf42b2f8b0cf614cd4821bce48a719d284c836eb98959dce1802dea20e617

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=245236472.1671396181&gtm=2oebu0&aip=1&z=1118309515

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=245236472.1671396181&gtm=2oebu0&aip=1&z=1118309515
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=245236472.1671396181&gtm=2oebu0&aip=1&z=1118309515 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 20:43:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&RedC=c.clarity.ms&MXFR=264013A9E78A6B6F0D1701D7E38A65FE

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&RedC=c.clarity.ms&MXFR=264013A9E78A6B6F0D1701D7E38A65FE
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&RedC=c.clarity.ms&MXFR=264013A9E78A6B6F0D1701D7E38A65FE HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easy-lay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&MUID=1A6AFD80C5EC6E743A55EFFEC4196F0E
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1A6AFD80C5EC6E743A55EFFEC4196F0E; domain=c.bing.com; expires=Fri, 12-Jan-2024 20:43:01 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6901B03EB894605BAE923F0C17B14E3 Ref B: OSL30EDGE0120 Ref C: 2022-12-18T20:43:01Z
date: Sun, 18 Dec 2022 20:43:01 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

108.157.217.47

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.157.217.47:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5fac0a94aa2159df528698c8bb50b180
d36e564d16990b83750857b3390514347590a42c
5a02914b9bec4891c413ab7cc325ca1b13cb38d30f3054e53fe3624e7bc4e3f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114679
Date: Sun, 18 Dec 2022 20:43:01 GMT
Etag: "639e7fb4-1d7"
Expires: Tue, 20 Dec 2022 04:34:20 GMT
Last-Modified: Sun, 18 Dec 2022 02:49:24 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 5e29eae3156522edc7886df59287259c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: q3OnRZgFfKB8NLW0I4STJ2iifFoNvEsB0DwAgyER2AhM4hm2f1uc3w==
Age: 6296

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b18428df832332e2f89ca51203de4ba
8272451b056b54992cfa05e70c53adde8b744299
c9bdf42b2f8b0cf614cd4821bce48a719d284c836eb98959dce1802dea20e617

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.clarity.ms/c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&MUID=1A6AFD80C5EC6E743A55EFFEC4196F0E

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&MUID=1A6AFD80C5EC6E743A55EFFEC4196F0E
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=7CE08141EC2742F19388CE4133BFF078&MUID=1A6AFD80C5EC6E743A55EFFEC4196F0E HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easy-lay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
accept-ranges: bytes
etag: "ea79178b57ed91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 18-Dec-2022 20:53:01 GMT; path=/; SameSite=None; Secure;
date: Sun, 18 Dec 2022 20:43:00 GMT
content-length: 42
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 20:43:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9ac636835d4b4ed28a5b371959d60eca; expires=Mon, 18 Dec 2023 20:43:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

botd.fpapi.io/api/v1/detect?version=0.1.23

34.193.232.22

401 Unauthorized

69 B

URL HTTP/2
botd.fpapi.io/api/v1/detect?version=0.1.23
IP
34.193.232.22:0
ASN
#14618 AMAZON-AES

File type
data
Size
69 B (69 bytes)
Hash
32ba2944a9fb9f71e7edc24a56593f3d
52b5da6230916b04a19d6f712ef247513831038c
e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9

HTTP Headers

POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easy-lay.com/
Content-Type: text/plain
Origin: https://easy-lay.com
Content-Length: 21926
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 401 Unauthorized
date: Sun, 18 Dec 2022 20:43:01 GMT
content-type: application/octet-stream
content-length: 69
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://easy-lay.com
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 676
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://easy-lay.com
access-control-allow-credentials: true
date: Sun, 18 Dec 2022 20:43:00 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Sun, 18 Dec 2022 21:57:44 GMT
Date: Sun, 18 Dec 2022 20:43:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Sun, 18 Dec 2022 21:57:44 GMT
Date: Sun, 18 Dec 2022 20:43:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Sun, 18 Dec 2022 21:57:44 GMT
Date: Sun, 18 Dec 2022 20:43:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5185 bytes)
Hash
bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 83155
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
8.8 kB (8756 bytes)
Hash
9509b8db858f4d20d0f648fe6988b598
7e5c63492bdce52cde4c70ba32a57cdb6da59bc7
796914632e03ac1eb5ec1e593e0bc29e01e9a5f024ac5be3a799d1eec729f74c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mh8c1Kzg1BLFGUDidUjQRpBZkvFjIvi8ubu1VVHCcZSbc50XfV2Wwg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 17:10:53 GMT
age: 12728
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10670 bytes)
Hash
12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8qqSQbj22k16ApKTT8y5BQItInb8EjZuACdWcsW_FnMysvnDADbLxQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:11 GMT
age: 83150
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9925 bytes)
Hash
578392bee48563d778885698790a124b
597892da925c3a363878e81ff02032a316303512
d30fe2470e1f63c5249fd42d7cd804bbf326cf9a703c61e31b5322ebdb26fca6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9925
x-amzn-requestid: 15eb2112-b947-458a-8544-51bac721773d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2k9HNjIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e37b9-7c5b94866d266af252f133b3;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:42:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vffD2KxBpOeR3uM-GHLzYmIlBCBR4K6R1ScupFeM7PQEsZSqHi_eZQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:10 GMT
age: 82131
etag: "597892da925c3a363878e81ff02032a316303512"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

41 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
41 kB (41122 bytes)
Hash
d23f8b0080cd1bb50f9c9bfe065170e0
612c381871621a0934458d5f3a97626eaa100b2c
9c4afd8dcae19a8c8226de3bf41ff56694478df5d5edcdff4eaaa7aa245d68c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _2xwG3Jz7sG9b8-JqXhu2knuIO_AyHIjOQ2luKB9Tk9NZnFNv8b8iQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:42:37 GMT
age: 82824
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12125 bytes)
Hash
ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmeWRYIlUMCR8Nds0-n0a9ju0ySR7ZuTAS82Lu8sZxPXQpBJkqzvww==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:52:21 GMT
age: 82240
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=2oebu0&_p=1444243024&_gaz=1&cid=245236472.1671396181&ul=en-us&sr=1280x1024&_s=1&sid=1671396180&sct=1&seg=0&dl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16&dt=EasyLay.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_id=devg2i5ev9p3&up.member_id=&up.tour=16&up.user_status=GUEST&up.networkname=easy-lay

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=2oebu0&_p=1444243024&_gaz=1&cid=245236472.1671396181&ul=en-us&sr=1280x1024&_s=1&sid=1671396180&sct=1&seg=0&dl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16&dt=EasyLay.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_id=devg2i5ev9p3&up.member_id=&up.tour=16&up.user_status=GUEST&up.networkname=easy-lay
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&gtm=2oebu0&_p=1444243024&_gaz=1&cid=245236472.1671396181&ul=en-us&sr=1280x1024&_s=1&sid=1671396180&sct=1&seg=0&dl=https%3A%2F%2Feasy-lay.com%2Ftt%2F16&dt=EasyLay.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_id=devg2i5ev9p3&up.member_id=&up.tour=16&up.user_status=GUEST&up.networkname=easy-lay HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://easy-lay.com
date: Sun, 18 Dec 2022 20:43:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c76e2d1033fe19d491bcdb4e24faaeeb
9b3da75ba4ebf950d17ee9178c64c46afc363047
20590ac857bae294c81ad22c37bb5ec0aca36ad35ae4aa4ece7a5e5ea47ded63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=245236472.1671396181&gtm=2oebu0&aip=1

209.85.233.154

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=245236472.1671396181&gtm=2oebu0&aip=1
IP
209.85.233.154:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=245236472.1671396181&gtm=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easy-lay.com
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://easy-lay.com
date: Sun, 18 Dec 2022 20:43:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c76e2d1033fe19d491bcdb4e24faaeeb
9b3da75ba4ebf950d17ee9178c64c46afc363047
20590ac857bae294c81ad22c37bb5ec0aca36ad35ae4aa4ece7a5e5ea47ded63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 20:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Dec 2022 20:42:59 GMT
date: Sun, 18 Dec 2022 20:42:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/tag/bvsqia2v2y?ref=gtm

13.107.213.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/bvsqia2v2y?ref=gtm
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=9af728f922514d179de15eb9d4e6778f.20221218.20231218; expires=Mon, 18 Dec 2023 20:43:00 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0VHufYwAAAAA26HFV4K8zRYz2GMm0HKpzU1ZHMjBFREdFMDYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 18 Dec 2022 20:43:00 GMT
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.7.1/clarity.js

13.107.213.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.7.1/clarity.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easy-lay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d91019fc767c9e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0Pg6fYwAAAAC/rBkMe+SyTKhy6qZ9aXScQU1TMDRFREdFMTkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0VHufYwAAAABC3LMjEQbBSZzEmLLIPH6JU1ZHMjBFREdFMDYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 18 Dec 2022 20:43:00 GMT
X-Firefox-Spdy: h2

easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|

188.114.97.1

200 OK

0 B

URL HTTP/2
easy-lay.com/tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062|
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tt/16?affiliate_id=15001&sub1=devg2i5ev9p3&sub2=422482&sub8=&sub7=42&source=248242&c1=arb|1062| HTTP/1.1
Host: easy-lay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 18 Dec 2022 20:42:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: hashid=66691c805a2f94c38cf241df298b1785; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
country=Norway; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
region=Oslo+County; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
country_code=no; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
latitude=59.955; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
longitude=10.859; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
tour=16; expires=Wed, 17-Dec-2025 20:42:59 GMT; Max-Age=94608000; path=/
hashid=9da08f5f95a2913966e0d9d5970b9050; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=devg2i5ev9p3; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub2=422482; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=42; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=248242; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=15001; expires=Mon, 18-Dec-2023 20:42:59 GMT; Max-Age=31536000; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1671396179; expires=Mon, 19-Dec-2022 20:42:59 GMT; Max-Age=86400; path=/
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4ALqWoI24DRrNKOO8NsA%2FSBTa0rJGlMqKbQoncT9qdOXsquv4ZflD5fHx5BwKp3Jm8VZKjxC4o9tCPetl%2FUd4UfAoIW7COUftLUE8TCv3%2Fnm35mq4I5tv6bave1vNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77baba685aea0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations