Report - wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3

Report Overview

Submitted URL
wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
IP
109.71.253.25
ASN
#44486 SYNLINQ
Submitted
2022-09-19 06:39:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	964 B	104.21.234.254
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.189.157.130
cdn.fluidplayer.com	33284	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	45 kB	205.185.216.42
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	814 B	684 B	35.158.153.212
image.tmdb.org	17757	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	37 kB	54.230.111.103
rsms.me	102779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	2.1 kB	172.67.223.193
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	4.7 kB	46.105.201.240
adsflix.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	1.9 kB	172.67.199.178
wbze.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	896 B	1.1 kB	109.71.253.25
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	11 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ministryensuetribute.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	95 kB	192.243.61.227
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32
governessmagnituderecoil.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	467 B	192.243.59.13
refutationtiptoe.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	467 B	173.233.137.52
perryvolleyball.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	467 B	192.243.61.227
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.7 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	14 kB	143.204.42.156
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	69 kB	34.120.237.76
banquetunarmedgrater.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	981 B	173.233.137.36
s4.histats.com	12782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	624 B	182 B	158.69.251.190
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	677 B	423 B	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	ministryensuetribute.com	Sinkholed
2022-09-19	medium	ministryensuetribute.com	Sinkholed
2022-09-19	medium	ministryensuetribute.com	Sinkholed
2022-09-19	medium	refutationtiptoe.com	Sinkholed
2022-09-19	medium	perryvolleyball.com	Sinkholed
2022-09-19	medium	banquetunarmedgrater.com	Sinkholed
2022-09-19	medium	banquetunarmedgrater.com	Sinkholed
2022-09-19	medium	banquetunarmedgrater.com	Sinkholed
2022-09-18	medium	unseenreport.com	Sinkholed

JavaScript (15)

	URL	Size	First Seen	Last Seen
	ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js	59 kB	2023-03-07	2023-03-07
Pretty URL ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash 94777e0fc260f36ed37b6483edd7ea65 27c3c60c772f95c7b4bb39aa26894678b74e6f2f 07abba5b0853707b00d8b2b625d125b8e14cc4541fd0acb14a1f145a252ba58a Loading...

	adsflix.xyz/id/tv/90957/mona-home-delivery	424 B	2023-03-07	2023-03-07
Pretty URL adsflix.xyz/id/tv/90957/mona-home-delivery IP 172.67.199.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash 7334e6ed6fdfe425efbc0323317868b3 40fe1a4651498dcd0fff0b36bbd081acd1617017 a41ad79e94182de0422c306ebb79d21d59c969aff7757661c4d98aba905b9090 Loading...

	ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js	59 kB	2023-03-07	2023-03-07
Pretty URL ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash 9fd49239ec7ff5acae738a0e4b75b931 19ba88f3ed28e3c5e82aeecd53ef759dbce1ab07 8a9160c35f835c47c0477be256cb4f0952e8f56a451afc8f594374220cc253a0 Loading...

	adsflix.xyz/id/tv/90957/mona-home-delivery	23 B	2023-03-07	2023-03-07
Pretty URL adsflix.xyz/id/tv/90957/mona-home-delivery IP 172.67.199.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash 2db958f03c5ead4468ce5c67b07cbdbf 4c7078bcfb857f83b9f0cdbee58d529428fa2102 5c22914e8cf93f3f5f2c963a9670ce1899e192f0e35bcb99c5a847b550532eee Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-19
Pretty URL banquetunarmedgrater.com/advertisers.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 16:16:05 Times Seen36963188 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s4.histats.com/stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w	50 B	2023-03-07	2023-04-13
Pretty URL s4.histats.com/stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w IP 158.69.251.190 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:57 Last Seen2023-04-13 07:01:44 Times Seen4 Hash 260634a86e768c30e16d901b4682dcc1 e4262e5639daf297c616140ba22129e06e3b6555 7c0b191364c9914732e2238d2c7a6f548f8cf681c24ccaacb21fc87227132aaa Loading...

	adsflix.xyz/assets/js/jquery.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL adsflix.xyz/assets/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2024-04-18 01:41:32 Times Seen4204 Hash 7c14a783dfeb3d238ccd3edd840d82ee ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b 80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0 Loading...

	adsflix.xyz/assets/js/owl.carousel.min.js	44 kB	2023-03-07	2024-04-19
Pretty URL adsflix.xyz/assets/js/owl.carousel.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-19 15:49:50 Times Seen19835 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	adsflix.xyz/assets/js/app.js	80 kB	2023-03-07	2023-03-07
Pretty URL adsflix.xyz/assets/js/app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash bdd2aeacf3e928b9389a6c3d127c90b4 c1bd2b8a88399aeae78925f6e8e2f15b44e99ee9 b914e055c9f161b3005039b0d3b2022d19cf2bba1aa3dc29a07fa030f26f9f92 Loading...

	adsflix.xyz/id/tv/90957/mona-home-delivery	2.0 kB	2023-03-07	2023-03-12
Pretty URL adsflix.xyz/id/tv/90957/mona-home-delivery IP 172.67.199.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-12 19:30:45 Times Seen1 Hash 31d15aa4754a6eb85ad1e78c6bc57bb6 f9dfdccb29b9ae280870fb8da7872cfa97caa1fc 81989a9ed89ca29bbf30d73e1fb9bd11e03f38106dcfa0c1518c8f55bcdd5c3f Loading...

	adsflix.xyz/id/tv/90957/mona-home-delivery	778 B	2023-03-07	2023-03-07
Pretty URL adsflix.xyz/id/tv/90957/mona-home-delivery IP 172.67.199.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash 191a80913f98c76bf9ac985ca141bba9 6b5e2863f938b0292b4d4b14a385f0664873f149 c404d9ee55015a43756482c84997c1fa611feda7d55979f7f9116117ba3d7c4b Loading...

	adsflix.xyz/id/tv/90957/mona-home-delivery	1.6 kB	2023-03-07	2023-03-12
Pretty URL adsflix.xyz/id/tv/90957/mona-home-delivery IP 172.67.199.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-12 19:30:45 Times Seen1 Hash 0660c9eaa68309b13b9ca810e6094bb5 752c5ee84921eb6035f21deef9eac7e2c9ce3d8e ce8ab736fc36be9c8b47bc626bc5899a6a6ccfff32db7db7e48f8e4a872f0132 Loading...

	cdn.fluidplayer.com/3.0.0/fluidplayer.min.js	199 kB	2023-03-07	2024-02-24
Pretty URL cdn.fluidplayer.com/3.0.0/fluidplayer.min.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:55 Last Seen2024-02-24 17:17:24 Times Seen75 Hash 8f7ce87edc4e1fcd02c8d7d748e507b6 0e1f17814f9ffffc3874cfac0e8bd86e5ed2544c f26a41226bf665ec24fc01948fd86b4bbbafebca794ec317a59111b468e01c36 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js	59 kB	2023-03-07	2023-03-07
Pretty URL ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:55 Last Seen2023-03-07 18:39:55 Times Seen1 Hash 408403cdfaaa0f0d244b1cee97560ac6 0cdd01c22b9dae05b327e9f70c7ae33e4567f175 a508a1389d71f32e372db119f5cbf5dddfc3830251c280532bb1686612fa7927 Loading...

HTTP Transactions (50)

URL IP Response Size

wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8

109.71.253.25

301 Moved Permanently

369 B

URL HTTP/1.1
wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
IP
109.71.253.25:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
369 B (369 bytes)
Hash
f622bed037465ed3674d78f37ff10650
4dbe47a25ab95176b0625a3e26d30173b3258449
98df7d9486323668ba4f32ea9fa91a12eab3851bbb57e87c8ea00c882c72e8c1

HTTP Headers

GET /hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8 HTTP/1.1
Host: wbze.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 06:39:04 GMT
Server: Apache/2.4.38 (Debian)
Location: https://wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
Content-Length: 369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 06:12:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YpNvZZxGOwO_msLnAbi0tkmSFOkVgj98KnVtsg7oMRQ_0nideImDuQ==
Age: 1585

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16148
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 06:39:04 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKtVKcE0uQaWw_SP76dZxvQKmvggR5TD_ZAjE496hg_bMe-7oJCbjQ==
age: 7431
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
647534e935006517ebce9aa13214356b
f23af299d6b59383bc28441fdf1bcad5d216baa1
c2eee0aa572657b6275d960362e0df6bc8243e2aba80e919aedb135420186707

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EEE0AA572657B6275D960362E0DF6BC8243E2ABA80E919AEDB135420186707"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16314
Expires: Mon, 19 Sep 2022 11:10:59 GMT
Date: Mon, 19 Sep 2022 06:39:05 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 06:39:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8

109.71.253.25

302 Found

144 B

URL HTTP/1.1
wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
IP
109.71.253.25:0
ASN
#44486 SYNLINQ

File type
HTML document, ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
16b1c51009fc7b71ee490fa720abd88c
c1ba3e7fadd2be6c19623039609fd62ee6d068f2
e5b70b9a02df60d32ce4c9abad0b390a1b86e0a5e607eb98a0ef133252eba10c

HTTP Headers

GET /hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8 HTTP/1.1
Host: wbze.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Mon, 19 Sep 2022 06:39:05 GMT
Server: Apache/2.4.38 (Debian)
X-Powered-By: Express
Location: https://adsflix.xyz/id/tv/90957/mona-home-delivery
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 144
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 06:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 06:17:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AvsiN6hP-2DlzMvRPfmMdoolR-217vUDvEjl4JXJatkVexK28O-40g==
Age: 2143

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 650
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:39:05 GMT
Last-Modified: Mon, 19 Sep 2022 06:28:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.189.157.130

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.157.130:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gm0FV5PlZvtkw9H6nrkFfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rcYsWoFzsIheo5KCV3SsB3XtZpU=

image.tmdb.org/t/p/w780/qNbLUYu3zPIFsLd9pUXCnJcfC44.jpg

54.230.111.103

200 OK

36 kB

URL HTTP/2
image.tmdb.org/t/p/w780/qNbLUYu3zPIFsLd9pUXCnJcfC44.jpg
IP
54.230.111.103:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3\012- data
Size
36 kB (36093 bytes)
Hash
3386debee2e1d4cd107a121df8604a94
c9a733ba4eb178c11dfb8b035673de330edbdc17
f8d563eaf505ccedb8edc4861b6cb45bc939bfe37cf89081c07df2f90ed48bdd

HTTP Headers

GET /t/p/w780/qNbLUYu3zPIFsLd9pUXCnJcfC44.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 36093
date: Thu, 08 Sep 2022 03:33:52 GMT
server: openresty
last-modified: Sun, 10 Jul 2022 12:12:35 GMT
cache-control: max-age=31449600
etag: "f3799e7571c2efbd469f5b26bd1b27f6"
expires: Thu, 07 Sep 2023 03:33:52 GMT
x-rack-cache: fresh
x-content-digest: c9a733ba4eb178c11dfb8b035673de330edbdc17
accept-ranges: bytes
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JPUxfrYoiHKrTvwAPIIcup4kjohdduqNYk3qwVGhFfUFZrJEuuB2jQ==
age: 961514
X-Firefox-Spdy: h2

cdn.fluidplayer.com/3.0.0/fluidplayer.min.js

205.185.216.42

200 OK

44 kB

URL HTTP/1.1
cdn.fluidplayer.com/3.0.0/fluidplayer.min.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (62950)
Size
44 kB (44191 bytes)
Hash
94c58ef4f72b2e1b451edf60d104f0bd
f8c8310f212c36d982d0c0ae0b353f47cea2e9b7
f4ca1e18ce47e6bfa9d91331c3df02a07c7cab1169eee5d6826fc9dcebfde43c

HTTP Headers

GET /3.0.0/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 06:39:06 GMT
Connection: Keep-Alive
ETag: "1589966034"
Cache-Control: max-age=48470
Content-Encoding: gzip
Content-Length: 44191
Content-Type: application/javascript
Last-Modified: Wed, 20 May 2020 09:13:54 GMT
Accept-Ranges: bytes
X-HW: 1663569546.dop024.sk1.t,1663569546.cds256.sk1.shn,1663569546.dop024.sk1.t,1663569546.cds022.sk1.c

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
daec3ecb9766906099342e549b5f6194
5ccc4982754c0ee4f187d86fdfba98f8c1962f62
417bf68c200135d05328b68affe56a807b8aad3836283861992c92b13c3757f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 06:39:06 GMT
Last-Modified: Mon, 19 Sep 2022 05:26:16 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zsfh3kWbyPG8YYbnBlz2iVi3PfpzogdrbPebUy5yZ0BmQSVaUxVeog==
Age: 4371

r3.o.lencr.org/

23.36.76.226

200 OK

1.5 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.5 kB (1507 bytes)
Hash
d44a08b53be998529c50b63d82312354
8e6669b3734faf77da43f8b356df7826dcc02a30
0e6ec17492fe3af8f8ac2afe7eb098afdd15ee2b6750d28f8d9bf791d0d16e37

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4082
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

700 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
700 B (700 bytes)
Hash
35f7f0a2bc238c0d4344eb0572c16a9e
54b4c625d263d13bbe89c27fcf07456c1c6fbe63
61f5c444a0d4d04780c86ce82a6acea28d67828f018135c389fdcf99311d8a95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:39:07 GMT
Last-Modified: Mon, 19 Sep 2022 06:25:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5382 bytes)
Hash
675954666fb740ffa9ac63de5b6ec7a2
372d71d42ba1e17f23f581bd5bba446b642ff194
220d4ec963e30345d7a9ed4a8bc8e0d7583ea030ed56a55b8279c30e0be9b6d4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5382
x-amzn-requestid: d6368fc6-4cdf-4220-bf14-47fddd766c53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN-nERgIAMF8rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6327905d-59affa373e8b5be3522bacf3;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2AbUBl3vtA-6U2GBeHGsqMDlP6fEYPLYjmxVLDZ3OvWNsN7j68kU_w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 31606
etag: "372d71d42ba1e17f23f581bd5bba446b642ff194"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10894 bytes)
Hash
d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:08:23 GMT
age: 19844
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13049 bytes)
Hash
04257e82bf07e6a862ce2d4bbdfc068f
7a462e8d05cd56531957436470a1814d982e282b
bbc0f0dd6244934098a0e8bfa34b8e07e8a424e309030c2f07d9e441b6f481ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 710bed7d-62c4-4b48-b16c-c94f1a15c1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpLIkHlZoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326bf03-375d74b4344cb7db4036e2b2;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 06:47:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AD7jWfvJngdXmqOJlo6HiLCUEZG_mgVFVaos0hwSPYpLVsGFBik37Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 11:10:34 GMT
age: 70113
etag: "7a462e8d05cd56531957436470a1814d982e282b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 31637
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4878 bytes)
Hash
672ffe8377dcaf5bad2d7e4534441984
e1b634652b4112c30f80745059523cbfce09365a
a4b6bcfb246be2d02b5d04b49f9d8c13fef8661abc7d9f146d5cc9c766fc96f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4878
x-amzn-requestid: 2d39705a-e054-428a-a3c8-fc0b12e70724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeH-EGvAoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322538d-6ca748d854879c6b0d6194cd;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:19:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qh4tZrSUApljhjyz5vgrbKiBdVSHyy8xjR4zBj4w_m283Fk2DtW57A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 08:42:57 GMT
age: 78970
etag: "e1b634652b4112c30f80745059523cbfce09365a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
7.4 kB (7354 bytes)
Hash
1c0d4f41634fad80b9281957b5f65db5
cd14ae8436589e87a0e6e75889cbeb0714c1bc06
fe3723d8ed1ab78d6ceb07bb519d003c2113428e4b8d69282826cfa514308c1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UPvPiYucU7q4x4t0X4tGF7XPXUy0D4F0gcXtWVx-MS-MOunPEWcVUA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:43 GMT
age: 31524
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

rsms.me/inter/inter.css

172.67.223.193

200 OK

1.1 kB

URL HTTP/2
rsms.me/inter/inter.css
IP
172.67.223.193:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1068 bytes)
Hash
35734291ddd4edbb1f889f131551a65a
ed2f7e3d8e8e1c1794723cb063b8ed03aa989b0f
c8af2bc3a0eac71c879adcbbbb6716a8291803b357e4dc2b3fa055698f015c13

HTTP Headers

GET /inter/inter.css HTTP/1.1
Host: rsms.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Sun, 18 Sep 2022 23:00:38 GMT
access-control-allow-origin: *
etag: W/"6327a316-1490"
expires: Sun, 18 Sep 2022 23:12:04 GMT
cache-control: max-age=14400
x-proxy-cache: HIT
x-github-request-id: ACEC:414F:F41A75:14B69B6:6327A39D
via: 1.1 varnish
age: 422
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663542662.054704,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: b298cfd06988535de954ab307f8c8cc4c3681bb8
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNvcd4G4wob3gsFTlMiM96JO2mxY4uf1azCzR0pK4uXiO8U0qriw10YRUulxlnggT%2BxEXA1b46%2BNpZauxCLdrYn7RWRZ8zbvq0DNyTiULZMAfInXiN9jLg5n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d052854ad6b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3dd797c27509a18a980bc0af2a3282af
3e79d5e3f12ce4b755f8393b568cc4a3ab8f79cc
eb398ac9df7399da75073c2035424cb628b746e948bf4de3aaa422abb47dfc85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB398AC9DF7399DA75073C2035424CB628B746E948BF4DE3AAA422ABB47DFC85"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19254
Expires: Mon, 19 Sep 2022 12:00:01 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive

ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js

192.243.61.227

200 OK

20 kB

URL HTTP/1.1
ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59414), with no line terminators
Size
20 kB (20323 bytes)
Hash
d6aa60efdff8aadad5ff9bec4d0b0091
059b32042a7182d48de0e343ce916bcf5d2fafba
288341385e6d9403e76d81f860a7bb2bb90994e95fd74b2c98ad0af766dd4eca

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js HTTP/1.1
Host: ministryensuetribute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a33ba3534bea237c6bbab2acf934c6c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21235
Expires: Mon, 19 Sep 2022 12:33:02 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

12 kB

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
12 kB (12459 bytes)
Hash
af49fa797438bbbbc1afc36571c5680e
d4d287b7ff6717443acbf681dc553168857fa7bb
81309ed95f4bab525ea7580f1f0773f4e198efe33640024be367b9e0c56c8953

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 06:39:07 GMT
Last-Modified: Mon, 19 Sep 2022 04:58:24 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RZJnFofEMWD0Zu4nylvWtzJWHyWfSSATlNBcAks1E6RtAOBHl5vCXA==
Age: 6044

ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js

192.243.61.227

200 OK

52 kB

URL HTTP/1.1
ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
52 kB (52271 bytes)
Hash
209f1fcbe6e87f1af69a8f503f7a65fb
a2ff2902cd268bb59ffb0434218a4e251e4c06d6
ef3e50413da803945ce4df68574090c9d7b13af2a337e43f9f7a8ce25f8c56b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js HTTP/1.1
Host: ministryensuetribute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50fb96322baaf13ed48d03dcb1ab9687
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

simplewebanalysis.com/stats

35.158.153.212

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.158.153.212:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
58afa0b53e3de20e7f4fb7bb3bec7533
26160bf9487ff65be2e6809e37822ad702183d95
70737461f62efffb1999ff19593978cfb392552ab0f24ecbd766ff4a14a27357

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsflix.xyz
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adsflix.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=b49b707e-1037-45d3-9be9-1ba94c041b77:1:1; expires=Thu, 16 Sep 2032 06:39:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6f62bad4f212b35d602ac03a202d0099
155d47397ee45dec8fa3da8e162947b9e6189ddb
6805e5e1d40cb8aeb488f0b3384959644b1d1a36652a66b0134e5f219a7cc2cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6805E5E1D40CB8AEB488F0B3384959644B1D1A36652A66B0134E5F219A7CC2CC"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9120
Expires: Mon, 19 Sep 2022 09:11:07 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive

simplewebanalysis.com/stats

35.158.153.212

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.158.153.212:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
58afa0b53e3de20e7f4fb7bb3bec7533
26160bf9487ff65be2e6809e37822ad702183d95
70737461f62efffb1999ff19593978cfb392552ab0f24ecbd766ff4a14a27357

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsflix.xyz
Connection: keep-alive
Referer: https://adsflix.xyz/
Cookie: uid_id2=b49b707e-1037-45d3-9be9-1ba94c041b77:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adsflix.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21235
Expires: Mon, 19 Sep 2022 12:33:02 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive

governessmagnituderecoil.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70

192.243.59.13

200 OK

0 B

URL HTTP/1.1
governessmagnituderecoil.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: governessmagnituderecoil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js

192.243.61.227

200 OK

20 kB

URL HTTP/1.1
ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59390), with no line terminators
Size
20 kB (20318 bytes)
Hash
e497d763ad8c28e089dbadbdc7d1dd1d
889376319499d23bf96bd3583c70dca3633fe3da
6f7d0b87c5210ac4589fd4ed5aac3b6a69491fcf607c196d8581bb0667c18717

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js HTTP/1.1
Host: ministryensuetribute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 279dbf49b523ef2e8cd405840fc84844
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
800468db07080b445e518dbd1440d97f
9a3a4e077111aab062843d7a8a1870e8ba8d5432
bcfc17d6ff1c8669a3bf17f1c1fce48da19e7b06a497a8d05f7431926fd1cff8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFC17D6FF1C8669A3BF17F1C1FCE48DA19E7B06A497A8D05F7431926FD1CFF8"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14883
Expires: Mon, 19 Sep 2022 10:47:11 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35ba9e83960ea3b9595f95c4ef5af817
c3fb9c01ff6cc4a40debf45837ab9a7cbe396415
85859320096816356bcf190bc6fc9e6279440eb4cb399ac399da76d390240260

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85859320096816356BCF190BC6FC9E6279440EB4CB399AC399DA76D390240260"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10598
Expires: Mon, 19 Sep 2022 09:35:46 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive

refutationtiptoe.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70

173.233.137.52

200 OK

0 B

URL HTTP/1.1
refutationtiptoe.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

perryvolleyball.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70

192.243.61.227

200 OK

0 B

URL HTTP/1.1
perryvolleyball.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35807817a6d98225bf3a1e6cb31a99cb
c7bec743e5a30c9c51974b4fc547eb5edc81b0e2
9bd30f184f40a16170e43afdc8d54ecc33ed2de20518a5543b1a9c37bbf97b28

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD30F184F40A16170E43AFDC8D54ECC33ED2DE20518A5543B1A9C37BBF97B28"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2906
Expires: Mon, 19 Sep 2022 07:27:34 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35807817a6d98225bf3a1e6cb31a99cb
c7bec743e5a30c9c51974b4fc547eb5edc81b0e2
9bd30f184f40a16170e43afdc8d54ecc33ed2de20518a5543b1a9c37bbf97b28

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD30F184F40A16170E43AFDC8D54ECC33ED2DE20518A5543B1A9C37BBF97B28"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2906
Expires: Mon, 19 Sep 2022 07:27:34 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
18bc6d8114f7e8379159a54601b308b4
b52366f769a90a056925001e69f0f55257241b42
26dcb05c9fdb4839ffb0730d37af77b55207a6a27b444cd2912ad07f4c52544a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26DCB05C9FDB4839FFB0730D37AF77B55207A6A27B444CD2912AD07F4C52544A"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13455
Expires: Mon, 19 Sep 2022 10:23:23 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive

banquetunarmedgrater.com/advertisers.js

173.233.137.36

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ac2c17f89029c34263f86c28092c2c2
Strict-Transport-Security: max-age=0; includeSubdomains

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:38:45 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 499254066
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

173.233.137.36

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46526c8e8e71264bae99127880374cba
Strict-Transport-Security: max-age=0; includeSubdomains

banquetunarmedgrater.com/advertisers.js

173.233.137.36

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1bdabadc419050902120268654a879b
Strict-Transport-Security: max-age=0; includeSubdomains

s4.histats.com/stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w

158.69.251.190

200 OK

50 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w
IP
158.69.251.190:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
260634a86e768c30e16d901b4682dcc1
e4262e5639daf297c616140ba22129e06e3b6555
7c0b191364c9914732e2238d2c7a6f548f8cf681c24ccaacb21fc87227132aaa

HTTP Headers

GET /stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 06:39:09 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a4071dd6fc65797cae7ab7404de4d25a
194d9d01ee408dbe1289b5d644e257e5f7480aae
eebb25d0f994ca71687c840dcc31dd88d5dba35cdedaf567ee8a370786100f8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEBB25D0F994CA71687C840DCC31DD88D5DBA35CDEDAF567EE8A370786100F8F"
Last-Modified: Sun, 18 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7673
Expires: Mon, 19 Sep 2022 08:47:02 GMT
Date: Mon, 19 Sep 2022 06:39:09 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=b49b707e-1037-45d3-9be9-1ba94c041b77&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=45ee9430de5ecdb0ce1a5cfa75776176&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=b49b707e-1037-45d3-9be9-1ba94c041b77&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=45ee9430de5ecdb0ce1a5cfa75776176&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=b49b707e-1037-45d3-9be9-1ba94c041b77&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=45ee9430de5ecdb0ce1a5cfa75776176&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2988e9081ec09741b30f7c72d830b043
Strict-Transport-Security: max-age=0; includeSubdomains

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11712 bytes)
Hash
65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 31612
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.234.254

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.234.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6f64159efd735ea31cdbae3dc9b84a9b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 06:39:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqXtF%2BQAVnxuZ2cw8r7B0moaQSaSxuHyBFttAU%2FDYFdh4NI%2BjCf9NEQLFVNIhV8iAnfnkOuToOfSv1w3IUI9JeTaWAulk908sn6xS%2Fi%2FVZwMv7BiP0e3fGGfq%2Bc5mFDExfkB1Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d052886d28887f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

adsflix.xyz/id/tv/90957/mona-home-delivery

172.67.199.178

200 OK

0 B

URL HTTP/2
adsflix.xyz/id/tv/90957/mona-home-delivery
IP
172.67.199.178:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /id/tv/90957/mona-home-delivery HTTP/1.1
Host: adsflix.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: locale=eyJpdiI6ImVwR2FZeWZkZ015WVFWd1VrZVlJZUE9PSIsInZhbHVlIjoiWDNGRFZZSTJqQ2lQMXVkYVVPK3VXbDg4Ty9iUlFPNG5NcllXVUVHYmJOY3dCU3BuTUJQLzRKWXc1K04yK214VSIsIm1hYyI6IjBkZWQxM2MxNjk4NDFjYTRiNjU1M2E0OTRmNDA1Y2U0Y2RjYWUxNzY5OWNiZjRjYWNmMWM3NGNlMjZhZmJkOGYiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 18-Sep-2027 06:39:06 GMT; Max-Age=157680000; path=/; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6ImdYNm5OTlBlanBpei9xNWc1K1FjSVE9PSIsInZhbHVlIjoiK3oxRjZEeG1sTmVva1EwSUdZbUg0NnQxUzdkR2dYNGxaL1lvZVNrWHBSalBDRU9Dbm1ZNjBxUm43WldrYktRYWdpRnRIV0xKTnJKYzhNNmFLSnc3dys3THY2SjNDbzVnMG8rcUpsUVZ4S3dRVE5JVmVNK3dHMlptSVkxeFBEWTIiLCJtYWMiOiJhNmRkZDA3NzdlZjNmNTU5ZDYyMGY3Zjc5MjQxNmQ4M2FhNWZjOTVlYjJjNjJhMjUwZjQ1ZWU1ODk5MjUzYjA2IiwidGFnIjoiIn0%3D; expires=Mon, 19-Sep-2022 08:39:06 GMT; Max-Age=7200; path=/; samesite=lax
movos_session=eyJpdiI6InZGRW5yN0gvNk5JdUFMQ2I5aThwSXc9PSIsInZhbHVlIjoiR2VTait4Q081cWs3V21qNzYwajkraERUSm8wT040cTBtbVd2VUxlcFd6Z1Y5MEVZSWlUdjVOOG96TlBiRHdpeGQyR0Q2bnY1SmNTSFMzOHBncktPamRRVVVuK3hDYVhvRlhXV2tiY3RUb0d1NzZseDZ1eHhwU1dVL3UzSm5wK0EiLCJtYWMiOiJlMTU0NzBkZGExNTlhN2QwYjY5YmE0MjFiNTY1ZmMwMjMyN2IyYmRjMzcxMDk2OTgxOTU1ZmFkNzQ0NTFkOTJmIiwidGFnIjoiIn0%3D; expires=Mon, 19-Sep-2022 08:39:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZJx4h9B2joMpExNAMjjq%2BI7KUAVKDqb1ca%2FnuFhfhxUyZoZRCDfIIHC%2Fn43J5E5a33beonjsrinY5qNr2rMiz%2FuL%2FmuA70ykqMESNW2mtcz9WqAEbJ5ewkfKRzO2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d052795dab0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations