| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css; IP: 104.17.24.14:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint (SHA-1): 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (59158); Hashes: MD5 b227b1617a1763c8bc056772f05482b4, SHA-1 c508528feb9fd540454f838653cd4863b290df2e, SHA-256 af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:23 GMT
content-type: text/css; charset=utf-8
content-length: 10491
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-e7d0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 339397
expires: Thu, 24 Apr 2025 15:43:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYmIllByAdgtoU4VAa3y%2FjNPTXk%2B973AmFp%2FVbE1uxW0BaFLIMcQiPLW78yGrz7ubxs22grp7T9OO5tj2GLTy2D8hksyU5h%2Bv4glMDAA1PUjb4t9Oi2%2Fb9cy%2BDVcb7NSYLA6Ljzl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e99b299c025693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback | 104.17.2.184 | 302 Found | 0 B |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback; IP: 104.17.2.184:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint (SHA-1): 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashes (of the empty 0 B body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 15:43:23 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/g/d0ff3ebede6b/api.js
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b29b9cab503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2 | 104.17.24.14 | 200 OK | 14 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2; IP: 104.17.24.14:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint (SHA-1): 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392; Hashes: MD5 4a74738e7728e93c4394b8604081da62, SHA-1 fb9648469530a05fa9aac80e47d4d6960472a242, SHA-256 ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:23 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13548
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-34ec"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 334322
expires: Thu, 24 Apr 2025 15:43:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AS8oSQLZuaq4j8%2BJFFYqAT7rhL3KpxV7PlmgHym52jNgohalFjbgiKtnd4g%2Fy482un2xk%2FCznIRofS0cnN7bbU%2FCDFsIUBS8PD%2BYHrtxnP4hWbvhLUiDB46nw%2FkCwBqF5Gq6kzoC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e99b2b3efeb505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 | 104.17.24.14 | 200 OK | 80 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2; IP: 104.17.24.14:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint (SHA-1): 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 80300, version 331.-31392; Hashes: MD5 8e1ed89b6ccb8ce41faf5cb672677105, SHA-1 9b592048b9062b00f0b2dd782d70a95b7dc69b83, SHA-256 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:23 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 80300
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-139ac"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 241500
expires: Thu, 24 Apr 2025 15:43:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0UlvCSU8yLS7kjPm3HAUde%2FLmmKOiFScS2QHitEmJbR3mSP%2F6bWI8t6sO5gJYphoSk9Bba%2FtHUwYf85cSN%2FvBRi9n54GxcgA%2FE7UAeJs7W9k6yDujb5DPnby7wE3ib1Y9LWoS8O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e99b2b3f00b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-X7YH5Q7J95 | 142.250.74.168 | 200 OK | 100 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-X7YH5Q7J95; IP: 142.250.74.168:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint (SHA-1): 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179); Size: 100 kB (100158 bytes); Hashes: MD5 346fed83092e6b80fced6ac0c5a2706c, SHA-1 d5d42e57998c39a373fe6413ed43bdff200f9b23, SHA-256 30219f687eac71341894c45e86b8aa1e989f78fb625d58cd18025b641fde23d3
GET /gtag/js?id=G-X7YH5Q7J95 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 15:43:23 GMT
expires: Sat, 04 May 2024 15:43:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dialoguemarvellouswound.com/4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js | 172.240.108.76 | 200 OK | 31 kB |
URL: GET HTTP/1.1 dialoguemarvellouswound.com/4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js; IP: 172.240.108.76:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: dialoguemarvellouswound.com; Fingerprint (SHA-1): DB:84:09:79:90:27:28:06:AF:13:AB:79:8B:F5:21:F7:7C:56:91:83; Validity: Tue, 09 Apr 2024 06:27:18 GMT - Mon, 08 Jul 2024 06:27:17 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hashes: MD5 cf95a1213c2b3073c1c9386218d20a9a, SHA-1 d285fe5b17cb0b8f1f0fe1ebc3445862d60103ea, SHA-256 612053272b02d7c903597e18fffabf2181d2bd12d4de1bd41a67aaedc5605b68
GET /4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js HTTP/1.1
Host: dialoguemarvellouswound.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd6a8e753ba9c82fde7b856cd4a1c290
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 52.29.105.35:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint (SHA-1): E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hashes: MD5 312b10c476de1a8f83e2f24f3406291c, SHA-1 439d20736dee5db9df87dd51b9ff1f81584a8b72, SHA-256 ff3f3b1c3c92273fd7143bfd3b2856044b600dc2fcc222cdf260d5d4e9f22594
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://driveseed.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; expires=Tue, 02 May 2034 15:43:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2 | 104.17.24.14 | 200 OK | 78 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2; IP: 104.17.24.14:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint (SHA-1): 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78460, version 331.-31392; Hashes: MD5 f075c50f89795e4cdb4d45b51f1a6800, SHA-1 f726c4275bb494a045fde059175f072de06c01df, SHA-256 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:24 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 78460
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-1327c"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 334323
expires: Thu, 24 Apr 2025 15:43:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EoyU8cZAzfAxZpSa7OdN2BdjlKEAWWV8yvKnWu%2F45h%2F6O43TgF6C%2FvjKNM0l%2FMLLK%2FfmJJTrZLHwTCOvuKScQPmgy4fgEo89g5TfJ1alKZ0juC09OA16J3FYGKHQ2oWMqI3QG501"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e99b303ddcb505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| push-sdk.com/f/sdk.js?z=972674 | 23.88.8.125 | 200 OK | 15 kB |
URL: GET HTTP/2 push-sdk.com/f/sdk.js?z=972674; IP: 23.88.8.125:443; ASN: 24940 (Hetzner Online GmbH)
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: push-sdk.com; Fingerprint (SHA-1): DB:4D:3B:77:64:B4:DD:5C:20:07:53:34:81:42:A0:E7:99:CE:E7:EC; Validity: Sun, 14 Apr 2024 03:34:47 GMT - Sat, 13 Jul 2024 03:34:46 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators; Hashes: MD5 f25dc1587ebc5a30e3ba48b7b40f7b42, SHA-1 f5729d7b87661e4a0eb540163437b888739a3887, SHA-256 00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5
GET /f/sdk.js?z=972674 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Sat, 04 May 2024 15:43:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| push-sdk.com/event?z=972674 | 23.88.8.125 | 200 OK | 0 B |
URL: POST HTTP/2 push-sdk.com/event?z=972674; IP: 23.88.8.125:443; ASN: 24940 (Hetzner Online GmbH)
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: push-sdk.com; Fingerprint (SHA-1): DB:4D:3B:77:64:B4:DD:5C:20:07:53:34:81:42:A0:E7:99:CE:E7:EC; Validity: Sun, 14 Apr 2024 03:34:47 GMT - Sat, 13 Jul 2024 03:34:46 GMT
Hashes (of the empty 0 B response body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=972674 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Angie
date: Sat, 04 May 2024 15:43:24 GMT
content-length: 0
access-control-allow-origin: https://driveseed.org
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| rankonefoldonefold.com/pixel/purst?dl=0&th=0&sc=0&rs=1596&rd=1596&fd=965&bv=24.5.6485&tmpl=70 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 rankonefoldonefold.com/pixel/purst?dl=0&th=0&sc=0&rs=1596&rd=1596&fd=965&bv=24.5.6485&tmpl=70; IP: 172.240.108.76:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: rankonefoldonefold.com; Fingerprint (SHA-1): 67:10:15:7B:C3:5D:D8:61:74:11:87:7E:20:DC:94:C4:34:E6:4F:95; Validity: Mon, 29 Apr 2024 12:50:12 GMT - Sun, 28 Jul 2024 12:50:11 GMT
Hashes (of the empty 0 B body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1596&rd=1596&fd=965&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: rankonefoldonefold.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| rankonefoldonefold.com/01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js | 172.240.108.76 | 200 OK | 16 kB |
URL: GET HTTP/1.1 rankonefoldonefold.com/01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js; IP: 172.240.108.76:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: rankonefoldonefold.com; Fingerprint (SHA-1): 67:10:15:7B:C3:5D:D8:61:74:11:87:7E:20:DC:94:C4:34:E6:4F:95; Validity: Mon, 29 Apr 2024 12:50:12 GMT - Sun, 28 Jul 2024 12:50:11 GMT
File type: JavaScript source, ASCII text, with very long lines (45366), with no line terminators; Hashes: MD5 c314a78944d7e2c286bb63637d6fae1b, SHA-1 e3ecf4637b621fb25858eaeee9195005b309080f, SHA-256 4ef5b4983d2513223a67e905d2127090ed42789230230ae5044681725ac8bf14
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js HTTP/1.1
Host: rankonefoldonefold.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Tue, 07 May 2024 18:43:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 181b91945b6ac4dd12c0040168f2d002
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js; IP: 172.240.127.234:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: capaciousdrewreligion.com; Fingerprint (SHA-1): 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hashes (of the empty 0 B body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b96c7ddffc2634f8b2d8d3bce56740b8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| driveseed.org/content/images/unverified.png | 104.21.70.18 | 200 OK | 5.2 kB |
URL: GET HTTP/3 driveseed.org/content/images/unverified.png; IP: 104.21.70.18:443
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Google Trust Services LLC; Subject: driveseed.org; Fingerprint (SHA-1): BA:FA:6A:7F:6D:B4:89:DB:FC:E6:A4:15:63:E0:0C:A5:4B:1A:CB:A2; Validity: Tue, 09 Apr 2024 18:49:06 GMT - Mon, 08 Jul 2024 18:49:05 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced; Hashes: MD5 0125f6d789267b830afafd80740766ac, SHA-1 447f55d7084d616934e11b466d594f2be44ce061, SHA-256 8f9ea4854a64df608a33a9289f598a2c321f44aa04a7909739c629842a3e8683
GET /content/images/unverified.png HTTP/1.1
Host: driveseed.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/file/r817JoRznr
Cookie: PHPSESSID=748595365bd11844bbe6f7055711c5d3; dom3ic8zudi28v8lr6fgphwffqoz0j6c=bbce5349-014d-479f-b973-dfbabd0c4683%3A1%3A1; _ga_X7YH5Q7J95=GS1.1.1714837404.1.0.1714837404.0.0.0; _ga=GA1.1.77330584.1714837404; pp_main_4cbe72587f6e9ca9ffb0658725161a01=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:24 GMT
content-type: image/png
content-length: 5163
cache-control: public, max-age=604800
expires: Tue, 07 May 2024 16:18:09 GMT
last-modified: Tue, 20 Dec 2022 13:15:07 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 343515
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gRAsJgcGwFhWT5fyCFmdyJtF4ELJK8P6CUGtGy9NmwyUjhAsgmyjqRrDmHLo4IKgw2CMg%2BtavaqT%2FNtnRjaLsbfVjQla5PqKxPa16XU%2BSMfArRUC0T7RKqounWZSdMhP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b34acbc0b41-OSL
|
|
| unseenreport.com/pxf.gif?uuid=bbce5349-014d-479f-b973-dfbabd0c4683&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4cbe72587f6e9ca9ffb0658725161a01&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=bbce5349-014d-479f-b973-dfbabd0c4683&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4cbe72587f6e9ca9ffb0658725161a01&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint (SHA-1): 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic); Hashes: MD5 93b885adfe0da089cdf634904fd59f71, SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f, SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /pxf.gif?uuid=bbce5349-014d-479f-b973-dfbabd0c4683&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4cbe72587f6e9ca9ffb0658725161a01&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 15:43:25 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 862fea5c10e07f2dedf7b3c9cb427e57
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=bbce5349-014d-479f-b973-dfbabd0c4683&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=01d469142f198ed5932aff8b9bb4d31c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=bbce5349-014d-479f-b973-dfbabd0c4683&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=01d469142f198ed5932aff8b9bb4d31c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint (SHA-1): 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic); Hashes: MD5 93b885adfe0da089cdf634904fd59f71, SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f, SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /pxf.gif?uuid=bbce5349-014d-479f-b973-dfbabd0c4683&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=01d469142f198ed5932aff8b9bb4d31c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 15:43:25 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94a80927e9e592ec446e75432a50896f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| threeinvincible.com/sbar.json?key=01d469142f198ed5932aff8b9bb4d31c&psid=CF-3448_1&uuid=bbce5349-014d-479f-b973-dfbabd0c4683%3A1%3A1 | 192.243.61.227 | 200 OK | 7.4 kB |
URL: GET HTTP/1.1 threeinvincible.com/sbar.json?key=01d469142f198ed5932aff8b9bb4d31c&psid=CF-3448_1&uuid=bbce5349-014d-479f-b973-dfbabd0c4683%3A1%3A1; IP: 192.243.61.227:443; ASN: 39572 (DataWeb Global Group B.V.)
Requested by: https://driveseed.org/file/r817JoRznr; Certificate issuer: Let's Encrypt; Subject: threeinvincible.com; Fingerprint (SHA-1): 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84; Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hashes: MD5 51e321e59d4fae7143f24bf592d06f5c, SHA-1 0f87764ce5d9e72691084b671fbcb08bed611e30, SHA-256 2ef729f3658f6d06a4d232351d1f58ef9d1be3c8d100dfa1e2171221e1063fa5
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /sbar.json?key=01d469142f198ed5932aff8b9bb4d31c&psid=CF-3448_1&uuid=bbce5349-014d-479f-b973-dfbabd0c4683%3A1%3A1 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://driveseed.org
Access-Control-Allow-Origin: https://driveseed.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18886252; expires=Sun, 05 May 2024 15:43:30 GMT; secure; SameSite=None
uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; expires=Sat, 11 May 2024 15:43:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 15:43:30 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 15:43:30 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 15:43:30 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 15:43:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 566952218b238713433dceace0efc7d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| threeinvincible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSu3uxNEJTcQmAOHiK4s93TvT3T5hDcrCuLazYkkXgLVV3Vs%2BVWdzVV3dOzc1oMSI6Dv6D3m90s0SjJVTDIbMDDgpARD3twL%2F4DlZxlxsHRB1Xvvfpewfe%2B9748LC9ICyU93%2FhED6RSdHWt6TaufeZ51xvbMiv7jX4nfBAG1xum934UNt13Gx%2BJeE%2BvtlzPdT3Xa2xKIxLdX52CkPnTyGtGbjNoNb21AH3z%2F9yWDix1wHsX5G1IPll%2B6VyGjMfI0mcbwu4VOn%2Fvw7RUtNAGPX7yabaX6SpDuggT4yDJTubV0PbV5gvo7HhGF7r3byGTE%2BL89AIsO5mTBOsdzXgyBZGB8TdQ9cYQagxJx4j1Q0j%2BigAxx60dZOnjW9pUdP8flE7RCVl%2B%2FSdkNSHLv11Gln63rmS%2FcVerspA6s%2BgnNWR%2FDNkdIy9PUQyWIKtTxMUXkPxnsvp6G1l6tGOVhuTn7zAWizU%2FiFZcL%2BArQTtKVljU9ld4wijjbhyEHX8mkJRjyGQMJYag1kE5PdJBmTgocwcpP2%2FEnue1XR5TtxPFsc%2FbgoXc9Wg78ajnhh2U8bSHIYp8iFgNEZsD5OYAe3IIU%2F4Iu1vDcge2IOjxGpUgqCxBRQkqSVAVBFWvPubKtmz9mCtbMm%2FuW3Pv1yNddA%2FpsS66IiOgZgjD68P8grw1FdBpNBX2xHnD9XgQRl7QSryoI%2Fha5LdoknRYxFjAfS%2BGlU9ubq74QdB54EHapVnfAzkhVwd%2FIZcTshz8CkZPYdUpYumAlldBqxp0t8Yg%2B7bc5anuSWGbudHgukZeLKPYdw7VBbkyG%2BbWzjOI%2BOzG7%2F7MEJsauanxuXxJ0FWPRnd0RY7u6MqS5zt5IVM5oNNB3y1oIS59%2FbHYr7ThWxt2%2BOSDeApMw6f3hC22acZl1rXkm3XJuTCb2sSC%2FLBl7wt2u7S766XJynz79s3NrTQ3wlqpszHodGf%2FMIjlhLx55d5sh699vwNpxjBljbQ8I3OD1GPE%2BQFsvuBvNYFRixqWO6jKemRabPGoJIESi5yyGvY%2FOVvEI0Onv6msD%2B0jdM0SaPEQWVqjZ2r0VA2qhrDlpVGRm7Mbv8xpMLU0YsosHTFl1FczmafXc1h53mj7vkvDaM1rt6los6DVSUKPU9oKwlYYUh%2BFnSThffwNAAD%2F%2FwEAAP%2F%2F1T5%2BmJ0EAAA%3D | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1threeinvincible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSu3uxNEJTcQmAOHiK4s93TvT3T5hDcrCuLazYkkXgLVV3Vs%2BVWdzVV3dOzc1oMSI6Dv6D3m90s0SjJVTDIbMDDgpARD3twL%2F4DlZxlxsHRB1Xvvfpewfe%2B9748LC9ICyU93%2FhED6RSdHWt6TaufeZ51xvbMiv7jX4nfBAG1xum934UNt13Gx%2BJeE%2BvtlzPdT3Xa2xKIxLdX52CkPnTyGtGbjNoNb21AH3z%2F9yWDix1wHsX5G1IPll%2B6VyGjMfI0mcbwu4VOn%2Fvw7RUtNAGPX7yabaX6SpDuggT4yDJTubV0PbV5gvo7HhGF7r3byGTE%2BL89AIsO5mTBOsdzXgyBZGB8TdQ9cYQagxJx4j1Q0j%2BigAxx60dZOnjW9pUdP8flE7RCVl%2B%2FSdkNSHLv11Gln63rmS%2FcVerspA6s%2BgnNWR%2FDNkdIy9PUQyWIKtTxMUXkPxnsvp6G1l6tGOVhuTn7zAWizU%2FiFZcL%2BArQTtKVljU9ld4wijjbhyEHX8mkJRjyGQMJYag1kE5PdJBmTgocwcpP2%2FEnue1XR5TtxPFsc%2FbgoXc9Wg78ajnhh2U8bSHIYp8iFgNEZsD5OYAe3IIU%2F4Iu1vDcge2IOjxGpUgqCxBRQkqSVAVBFWvPubKtmz9mCtbMm%2FuW3Pv1yNddA%2FpsS66IiOgZgjD68P8grw1FdBpNBX2xHnD9XgQRl7QSryoI%2Fha5LdoknRYxFjAfS%2BGlU9ubq74QdB54EHapVnfAzkhVwd%2FIZcTshz8CkZPYdUpYumAlldBqxp0t8Yg%2B7bc5anuSWGbudHgukZeLKPYdw7VBbkyG%2BbWzjOI%2BOzG7%2F7MEJsauanxuXxJ0FWPRnd0RY7u6MqS5zt5IVM5oNNB3y1oIS59%2FbHYr7ThWxt2%2BOSDeApMw6f3hC22acZl1rXkm3XJuTCb2sSC%2FLBl7wt2u7S766XJynz79s3NrTQ3wlqpszHodGf%2FMIjlhLx55d5sh699vwNpxjBljbQ8I3OD1GPE%2BQFsvuBvNYFRixqWO6jKemRabPGoJIESi5yyGvY%2FOVvEI0Onv6msD%2B0jdM0SaPEQWVqjZ2r0VA2qhrDlpVGRm7Mbv8xpMLU0YsosHTFl1FczmafXc1h53mj7vkvDaM1rt6los6DVSUKPU9oKwlYYUh%2BFnSThffwNAAD%2F%2FwEAAP%2F%2F1T5%2BmJ0EAAA%3D IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSu3uxNEJTcQmAOHiK4s93TvT3T5hDcrCuLazYkkXgLVV3Vs%2BVWdzVV3dOzc1oMSI6Dv6D3m90s0SjJVTDIbMDDgpARD3twL%2F4DlZxlxsHRB1Xvvfpewfe%2B9748LC9ICyU93%2FhED6RSdHWt6TaufeZ51xvbMiv7jX4nfBAG1xum934UNt13Gx%2BJeE%2BvtlzPdT3Xa2xKIxLdX52CkPnTyGtGbjNoNb21AH3z%2F9yWDix1wHsX5G1IPll%2B6VyGjMfI0mcbwu4VOn%2Fvw7RUtNAGPX7yabaX6SpDuggT4yDJTubV0PbV5gvo7HhGF7r3byGTE%2BL89AIsO5mTBOsdzXgyBZGB8TdQ9cYQagxJx4j1Q0j%2BigAxx60dZOnjW9pUdP8flE7RCVl%2B%2FSdkNSHLv11Gln63rmS%2FcVerspA6s%2BgnNWR%2FDNkdIy9PUQyWIKtTxMUXkPxnsvp6G1l6tGOVhuTn7zAWizU%2FiFZcL%2BArQTtKVljU9ld4wijjbhyEHX8mkJRjyGQMJYag1kE5PdJBmTgocwcpP2%2FEnue1XR5TtxPFsc%2FbgoXc9Wg78ajnhh2U8bSHIYp8iFgNEZsD5OYAe3IIU%2F4Iu1vDcge2IOjxGpUgqCxBRQkqSVAVBFWvPubKtmz9mCtbMm%2FuW3Pv1yNddA%2FpsS66IiOgZgjD68P8grw1FdBpNBX2xHnD9XgQRl7QSryoI%2Fha5LdoknRYxFjAfS%2BGlU9ubq74QdB54EHapVnfAzkhVwd%2FIZcTshz8CkZPYdUpYumAlldBqxp0t8Yg%2B7bc5anuSWGbudHgukZeLKPYdw7VBbkyG%2BbWzjOI%2BOzG7%2F7MEJsauanxuXxJ0FWPRnd0RY7u6MqS5zt5IVM5oNNB3y1oIS59%2FbHYr7ThWxt2%2BOSDeApMw6f3hC22acZl1rXkm3XJuTCb2sSC%2FLBl7wt2u7S766XJynz79s3NrTQ3wlqpszHodGf%2FMIjlhLx55d5sh699vwNpxjBljbQ8I3OD1GPE%2BQFsvuBvNYFRixqWO6jKemRabPGoJIESi5yyGvY%2FOVvEI0Onv6msD%2B0jdM0SaPEQWVqjZ2r0VA2qhrDlpVGRm7Mbv8xpMLU0YsosHTFl1FczmafXc1h53mj7vkvDaM1rt6los6DVSUKPU9oKwlYYUh%2BFnSThffwNAAD%2F%2FwEAAP%2F%2F1T5%2BmJ0EAAA%3D HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14fdf1cb09a829c659a10833c2660683
Strict-Transport-Security: max-age=0; includeSubdomains
| threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=97 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=97 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=97 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 188.114.96.1 | 200 OK | 6.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png IP: 188.114.96.1:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced Hash (MD5 / SHA-1 / SHA-256): c489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 335107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPlhRjN1opqdQguxj5sybbvB%2FoxYI%2Fpjzu9Qahe77V2jRAezWR6y%2ByZF9EXgz7n0jt61YZYH3NUlDZzPJSMZGcOaOMjOb8gI%2B2CejBtpJs1heSseV4MTezfFN%2Fbe%2FmsY1el6Lr21yPa%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b5c6c46b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.10 | 200 OK | 14 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png IP: 45.133.44.10:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Let's Encrypt Subject: cdn.cloudimagesb.com Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash (MD5 / SHA-1 / SHA-256): 962ac416cce3fad636d4904386c8d3d4 811166fceb971353dc6a9ea3a153367f20b47592 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Mon, 06 May 2024 15:43:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP: 142.250.74.106:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash (MD5 / SHA-1 / SHA-256): 5e48f11f5e65274412215f94f73f8c49 4dd35e5b5136df76bd7ff9da1f119d0ec0e57ff7 40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 15:43:31 GMT
date: Sat, 04 May 2024 15:43:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=351 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=351 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=351 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash (MD5 / SHA-1 / SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 22494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=289 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=289 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=289 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hash (MD5 / SHA-1 / SHA-256): e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 222511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| accounts.google.com/gsi/status?client_id=608852925065-31qhpcqkrps7i8idi0brjp41jonplkl5.apps.googleusercontent.com&as=a3V%2BrBpTStzrAbMDjnJz6g | 74.125.131.84 | 200 OK | 66 B |
URL: GET HTTP/3 accounts.google.com/gsi/status?client_id=608852925065-31qhpcqkrps7i8idi0brjp41jonplkl5.apps.googleusercontent.com&as=a3V%2BrBpTStzrAbMDjnJz6g IP: 74.125.131.84:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash (MD5 / SHA-1 / SHA-256): cd67d3657fb1d9a9aa47d7818caadbc9 b260b2971dccd11281a1bd504a92c36bade340a9 573c699a4996d6c49aef9ba03c1665a6e3700c61bf651d20a46d54a2e8a8ca82
GET /gsi/status?client_id=608852925065-31qhpcqkrps7i8idi0brjp41jonplkl5.apps.googleusercontent.com&as=a3V%2BrBpTStzrAbMDjnJz6g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://driveseed.org
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 15:43:25 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: script-src 'nonce-T_vLQC9FaM3wxHxKbY-uMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 188.114.96.1 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css IP: 188.114.96.1:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash (MD5 / SHA-1 / SHA-256): fc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PzmsoUGsoJaIDDtMds5vz4ikaEH3FLBhHc0ievyacHZr%2FpQr4OwhS5kcJxJrMfwjpcvr6b9je5vdmyHrDeIZN7YEUW47i%2FeIm6e0X6tOkFAsAB1eERa1ZAE%2Bza2%2FIgD0MLBpfs%2BRX3k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b5beb8fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 188.114.96.1 | 200 OK | 6.2 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css IP: 188.114.96.1:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash (MD5 / SHA-1 / SHA-256): 630f303dfe147dec2c4a226287393b69 3e9f8270b84e09595181bd55de6785a89f53ba10 967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdOC%2B%2FCrrotZXhB2WdJl3DnYUJbN%2FWRxfK7xwr0P6oAmMifN0xX%2BhWM840UGCLC13HZCeDW%2BmaGPPmvjkfG%2BKYUzTvQ8mACWF71Dw7REBiM9dUK%2FkDi6NLYJMlGBRhtNY%2FfbU6wpSFAP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b5beb88b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| threeinvincible.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNEJTcQmAOHiK4s90zPb%2FMIZjElcU1G5JIvIX61bPlVnc1Vd3Ts3NaDEiOg39B7ze7WaJRkqtgkNmAhwUhIx724F78D1Rylh4HRx9UvffqewXf%2B9778iA%2FJw3k9OzmJ2aktKbrrbpfu%2FJZEFytbakkH9aG3faDdni1Zgfv99p1%2F93aR5LvmvWGH%2Fh%2B4Ae1DWVlZIbrFQiVPu0F9Z5fDxv1oBViaP%2Bfu9yDox7E4Jy8DSVmqy%2B9i1B8iiR%2BdlO63cyk730Y55pmxmIgjj9NdhNTJIiXYWQ9RMnxohrGvdp4AZMczenCDP4tZGpGvJ9egCXHC5Jgg8M5T6YhEzDxBorBFFJPoegU3DyEEq8IwAVubSOJH98ytqB7%2F6C0Qmdk9fWfUMWMrP52EUn83XWthrW7RueZMonDMCqhhlOo%2FhRpfoJstAJVnIBnX0CJn8n66y0k8eG20wZKnL3DGJetZthb84NQrIWdXrTGep3mmogYZcLnYbvbnAuk1BQqmkLLMajzkFdHecgjD3nqIRZnNR4EQccXnPrdHudN0ZGsLfyAdqKABn67i5xXPYyRpWNwPQa3%2B0jtPnbVGDb%2FEW6nhBMeXEYwECUKSVA4goISFIqgyAiKQXkktGu48rHQLmfBwjcWvllOTNY%2FoEcm68uEgNoxrCgP0nPyViWgV6tr7Mqzmh%2BIsN0LwkYU9LpStHrNBo2iLusxFopmwOHUkxsba80w7D4IoNzKvO%2BRmpHLo7%2BQqhlZDX8Foydw%2BgRceaD5ZdCiBN0pMUq%2BzXdEbAZKunpqDYQpkWaryPa8A31OLs2Hubn9DJKfXvu9OTdwWyK1JT5XLwn6%2BtHkjinI4R1TOPJ8O81UrEa0GvTdjGbywtcfy73CWLF5042ffMAroAqf3pMu26KJUEnfkW%2BuKyGk3TCWS%2FLDprsv2e3c7VzPbZKnW7dvbGzGqZXOKZNMQaud%2FcOCqxl589K9%2BQ5f%2BX4byk5h8xJxfkoWBmWm4Ok%2BXLrk7wyB1csalnoo8nJiG2z5qBWBlsucshLuPzlbxhNLq99UlQfuEfp2BTR7iCQuMbAlBroE1WO4%2FMIkS%2B3ptV8WNJhemTBtVw6ZtvqruczV9RxOndWavugwGckOk2ErjCQXrNViPo84a4pulyNzs6h9H38DAAD%2F%2FwEAAP%2F%2FVeqrcJ0EAAA%3D | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1threeinvincible.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNEJTcQmAOHiK4s90zPb%2FMIZjElcU1G5JIvIX61bPlVnc1Vd3Ts3NaDEiOg39B7ze7WaJRkqtgkNmAhwUhIx724F78D1Rylh4HRx9UvffqewXf%2B9778iA%2FJw3k9OzmJ2aktKbrrbpfu%2FJZEFytbakkH9aG3faDdni1Zgfv99p1%2F93aR5LvmvWGH%2Fh%2B4Ae1DWVlZIbrFQiVPu0F9Z5fDxv1oBViaP%2Bfu9yDox7E4Jy8DSVmqy%2B9i1B8iiR%2BdlO63cyk730Y55pmxmIgjj9NdhNTJIiXYWQ9RMnxohrGvdp4AZMczenCDP4tZGpGvJ9egCXHC5Jgg8M5T6YhEzDxBorBFFJPoegU3DyEEq8IwAVubSOJH98ytqB7%2F6C0Qmdk9fWfUMWMrP52EUn83XWthrW7RueZMonDMCqhhlOo%2FhRpfoJstAJVnIBnX0CJn8n66y0k8eG20wZKnL3DGJetZthb84NQrIWdXrTGep3mmogYZcLnYbvbnAuk1BQqmkLLMajzkFdHecgjD3nqIRZnNR4EQccXnPrdHudN0ZGsLfyAdqKABn67i5xXPYyRpWNwPQa3%2B0jtPnbVGDb%2FEW6nhBMeXEYwECUKSVA4goISFIqgyAiKQXkktGu48rHQLmfBwjcWvllOTNY%2FoEcm68uEgNoxrCgP0nPyViWgV6tr7Mqzmh%2BIsN0LwkYU9LpStHrNBo2iLusxFopmwOHUkxsba80w7D4IoNzKvO%2BRmpHLo7%2BQqhlZDX8Foydw%2BgRceaD5ZdCiBN0pMUq%2BzXdEbAZKunpqDYQpkWaryPa8A31OLs2Hubn9DJKfXvu9OTdwWyK1JT5XLwn6%2BtHkjinI4R1TOPJ8O81UrEa0GvTdjGbywtcfy73CWLF5042ffMAroAqf3pMu26KJUEnfkW%2BuKyGk3TCWS%2FLDprsv2e3c7VzPbZKnW7dvbGzGqZXOKZNMQaud%2FcOCqxl589K9%2BQ5f%2BX4byk5h8xJxfkoWBmWm4Ok%2BXLrk7wyB1csalnoo8nJiG2z5qBWBlsucshLuPzlbxhNLq99UlQfuEfp2BTR7iCQuMbAlBroE1WO4%2FMIkS%2B3ptV8WNJhemTBtVw6ZtvqruczV9RxOndWavugwGckOk2ErjCQXrNViPo84a4pulyNzs6h9H38DAAD%2F%2FwEAAP%2F%2FVeqrcJ0EAAA%3D IP172.240.108.68:443
Requested by: https://driveseed.org/file/r817JoRznr Certificate issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNEJTcQmAOHiK4s90zPb%2FMIZjElcU1G5JIvIX61bPlVnc1Vd3Ts3NaDEiOg39B7ze7WaJRkqtgkNmAhwUhIx724F78D1Rylh4HRx9UvffqewXf%2B9778iA%2FJw3k9OzmJ2aktKbrrbpfu%2FJZEFytbakkH9aG3faDdni1Zgfv99p1%2F93aR5LvmvWGH%2Fh%2B4Ae1DWVlZIbrFQiVPu0F9Z5fDxv1oBViaP%2Bfu9yDox7E4Jy8DSVmqy%2B9i1B8iiR%2BdlO63cyk730Y55pmxmIgjj9NdhNTJIiXYWQ9RMnxohrGvdp4AZMczenCDP4tZGpGvJ9egCXHC5Jgg8M5T6YhEzDxBorBFFJPoegU3DyEEq8IwAVubSOJH98ytqB7%2F6C0Qmdk9fWfUMWMrP52EUn83XWthrW7RueZMonDMCqhhlOo%2FhRpfoJstAJVnIBnX0CJn8n66y0k8eG20wZKnL3DGJetZthb84NQrIWdXrTGep3mmogYZcLnYbvbnAuk1BQqmkLLMajzkFdHecgjD3nqIRZnNR4EQccXnPrdHudN0ZGsLfyAdqKABn67i5xXPYyRpWNwPQa3%2B0jtPnbVGDb%2FEW6nhBMeXEYwECUKSVA4goISFIqgyAiKQXkktGu48rHQLmfBwjcWvllOTNY%2FoEcm68uEgNoxrCgP0nPyViWgV6tr7Mqzmh%2BIsN0LwkYU9LpStHrNBo2iLusxFopmwOHUkxsba80w7D4IoNzKvO%2BRmpHLo7%2BQqhlZDX8Foydw%2BgRceaD5ZdCiBN0pMUq%2BzXdEbAZKunpqDYQpkWaryPa8A31OLs2Hubn9DJKfXvu9OTdwWyK1JT5XLwn6%2BtHkjinI4R1TOPJ8O81UrEa0GvTdjGbywtcfy73CWLF5042ffMAroAqf3pMu26KJUEnfkW%2BuKyGk3TCWS%2FLDprsv2e3c7VzPbZKnW7dvbGzGqZXOKZNMQaud%2FcOCqxl589K9%2BQ5f%2BX4byk5h8xJxfkoWBmWm4Ok%2BXLrk7wyB1csalnoo8nJiG2z5qBWBlsucshLuPzlbxhNLq99UlQfuEfp2BTR7iCQuMbAlBroE1WO4%2FMIkS%2B3ptV8WNJhemTBtVw6ZtvqruczV9RxOndWavugwGckOk2ErjCQXrNViPo84a4pulyNzs6h9H38DAAD%2F%2FwEAAP%2F%2FVeqrcJ0EAAA%3D HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6053455ad26d203f68972f5c2cca6248
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 4ee96e1261c2bb028de33728a3a19fd7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 15:43:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFt7xoY0%2Fp9%2F8GFL3oFyZhlFwlmsDN2nEjJceV5xWib2IQNHKO690EewmTUzu14VnaobqXxK5z%2BkJuT%2Bm82uN%2BK52N44n2UNosdMuYEdA1POLhYgxQeWOuLjF%2FrkjzzcNOCof9DeNzi9Tlw8lnk%2B%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b2f6fe156c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 188.114.96.1 | 200 OK | 382 B |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js IP188.114.96.1:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeASCII text, with very long lines (411), with no line terminators Hash9ffae600059bf4e6adb35ebb274ae385 6130e466c04551baa2a5d650e6bd5a87daba73a7 a7d15e051fb3d3c31494683306bb7752478354894825b110d26d333cbeaaeb39
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71P5xrTbA8fokM8v9PkJOLmsqNyEISzMZvXiLjW2dHuD4OxQCZ5l%2FtjVfdIE2OTT6L04YfeOB4NWOjXKT4VYsuIgz3WeMC45WfUst1KFHT7QCKClcMJeoybBWeryHZUl4DOKEN4xiyax"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b5d1d37b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 188.114.96.1 | 200 OK | 90 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js IP188.114.96.1:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hash561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 343555
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxXcvj%2BUlNfQi4mCHcHHHJSZVcUTbqRfMmF%2Fl9rArEI1%2FWq7puu1uRVqcWnm1KI0T6xAVwCFbFB%2BnpUdYcUj0CvxBw4ctGsn4hi8X6umpWd60P9zN5b%2BG0ujDjpEMXtuSnmiRBiMdsF1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b5c7c57b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=188 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1threeinvincible.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=188 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerLet's Encrypt Subjectthreeinvincible.com Fingerprint80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 ValidityTue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=188 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| driveseed.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js | 104.21.70.18 | 200 OK | 1.2 MB |
URL GET HTTP/3driveseed.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js IP104.21.70.18:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subjectdriveseed.org FingerprintBA:FA:6A:7F:6D:B4:89:DB:FC:E6:A4:15:63:E0:0C:A5:4B:1A:CB:A2 ValidityTue, 09 Apr 2024 18:49:06 GMT - Mon, 08 Jul 2024 18:49:05 GMT
Size1.2 MB (1179897 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js HTTP/1.1
Host: driveseed.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/file/r817JoRznr
Cookie: PHPSESSID=748595365bd11844bbe6f7055711c5d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 07 May 2024 18:38:17 GMT
last-modified: Tue, 20 Dec 2022 13:15:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 335106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZPkVWL7nlHqm628o4PmE15og55G6tmxHQiehEx1cl2fTIskB%2BiHkPqnOqSWRZE%2BXCHMXfU8TVEkRy3UrnWipQQt8MJZqA63Imu09H%2BPh01BPRPfBciS4V%2F3slNFaBy5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e99b294ffd0b41-OSL
content-encoding: br
|
|
| accounts.google.com/gsi/style | 74.125.131.84 | 200 OK | 530 B |
URL GET HTTP/3accounts.google.com/gsi/style IP74.125.131.84:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeASCII text, with very long lines (530), with no line terminators Hash6ce3c682ce6b9e0b88670395a63345c8 8cbfc0856a52320e3567792dfe2487748ac07458 524f1ea2ac242c6fae3c1cc52c7ae7d05a8a7db466fe3c7b46e8efcfc2d95e53
GET /gsi/style HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
expires: Sat, 04 May 2024 15:43:25 GMT
date: Sat, 04 May 2024 15:43:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-EohVJENW61_rYYsZ8vVOxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| driveseed.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css | 104.21.70.18 | 200 OK | 456 kB |
URL GET HTTP/3driveseed.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css IP104.21.70.18:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subjectdriveseed.org FingerprintBA:FA:6A:7F:6D:B4:89:DB:FC:E6:A4:15:63:E0:0C:A5:4B:1A:CB:A2 ValidityTue, 09 Apr 2024 18:49:06 GMT - Mon, 08 Jul 2024 18:49:05 GMT
Size456 kB (456152 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css HTTP/1.1
Host: driveseed.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/file/r817JoRznr
Cookie: PHPSESSID=748595365bd11844bbe6f7055711c5d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 07 May 2024 16:17:52 GMT
last-modified: Tue, 20 Dec 2022 13:15:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 343530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQCJNX4Xj4%2B3zd2Tb%2F1dS5B52x1V6vGUla0lvO1t3XhuVtxV186HQpX4xnVEaz%2BjgVL%2BuFun1DCRo2ei5uDH2GGSJBI4ScTq%2BpKIlN1AAgpaWqFpKXqLJK3zg5BfoupL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e99b293fdc0b41-OSL
content-encoding: br
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js | 104.17.2.184 | 200 OK | 43 kB |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js IP104.17.2.184:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42565) Hash65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://driveseed.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:23 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b2af8951bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| driveseed.org/file/r817JoRznr | 104.21.70.18 | 200 OK | 17 kB |
URL User Request GET HTTP/2driveseed.org/file/r817JoRznr IP104.21.70.18:443
CertificateIssuerGoogle Trust Services LLC Subjectdriveseed.org FingerprintBA:FA:6A:7F:6D:B4:89:DB:FC:E6:A4:15:63:E0:0C:A5:4B:1A:CB:A2 ValidityTue, 09 Apr 2024 18:49:06 GMT - Mon, 08 Jul 2024 18:49:05 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hasha13df00f76b162ef26c0f31588162a80 8f56bc3987d26e13b3fe5a1830e4f88e55e42f25 a05d339e6972962e2b7ed6dda42ab817a5e5689b6735ee9378cc3f3628c3a6c5
GET /file/r817JoRznr HTTP/1.1
Host: driveseed.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=748595365bd11844bbe6f7055711c5d3; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fK4eIiXCmo90tTZqHApF2yqsLnhTDguBaz745JL883H9cZR1Vb9AiDHP9VQLB8ZLJdA1l8OiqPry7Iq3xbuNc%2FGR%2Fwe59ZpIoGAXh4fBPK4VdAMnAJb8imyXA3vJ5I06"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e99b253ff9712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 3.0 kB |
URL GET HTTP/2cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html IP45.133.44.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typeHTML document, ASCII text, with very long lines (3229), with no line terminators Hash0b579b1f5697d55d3bc0856975d08243 e68a8e8bc08f86086744aba736df40ca7bea6d01 8ac4909eb5c0efc3278c66a43990535925fb271226f96261415df027fe40cb0c
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveseed.org
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:43:31 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 16:43:31 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| threeinvincible.com/pixel/sbs?c=1 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1threeinvincible.com/pixel/sbs?c=1 IP172.240.108.68:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerLet's Encrypt Subjectthreeinvincible.com Fingerprint80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 ValidityTue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Cookie: u_pl=18886252; uid_id2=bbce5349-014d-479f-b973-dfbabd0c4683:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 15:43:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| accounts.google.com/gsi/client | 74.125.131.84 | 200 OK | 221 kB |
URL GET HTTP/2accounts.google.com/gsi/client IP74.125.131.84:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67 ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File typeJavaScript source, ASCII text, with very long lines (3111) Size221 kB (220988 bytes) Hash9e824aefbb6435d61e675accdab1ffe7 106799355ee44ce47c153a298f54f5338ddd0df8 303bd7ad954181179d059f0713ecf11a9bd5edfd6122dc787b6e40abcb69970d
GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Sat, 04 May 2024 15:43:24 GMT
date: Sat, 04 May 2024 15:43:24 GMT
cache-control: private, max-age=1800
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-Lzss0dbeULJc9Iv-maaSnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700%26display=swap | 142.250.74.106 | 200 OK | 8.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,500,700%26display=swap IP142.250.74.106:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (8956), with no line terminators Hash91804c0df51e58b0bf469561e1ac2732 cc5a9023e310b49ef8f8ae32bb89ea774fe116ec 8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa
GET /css?family=Roboto:300,400,500,700%26display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 15:43:23 GMT
date: Sat, 04 May 2024 15:43:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/3downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttps://driveseed.org/file/r817JoRznr CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveseed.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 15:43:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ef493b264f61b068d5ac2a57bf63acf2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 15:43:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXqLOSWuJaoaI4yGZqO7aCJFn8Zv2H6ZaiEO9pfdoFb%2BKqVD0JZ3Ev8mLnep7gYPlqF6Zb8rI6Nny4gOhGgKhc%2FDKfZmkWSt3dNRZB%2Bb3w2PNMZuGcBfwEicDdrk0gDX3N42pwDzx9NWA%2FqsbjKnAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e99b33cb930b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|