Report - hgamegallery.com/PID/V-1741/

Report Overview

Submitted URL
hgamegallery.com/PID/V-1741/
IP
162.144.3.79
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-11-21 04:29:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	92 kB	157.240.200.14
q.cachegorilla.com	313173	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	39 kB	104.21.51.225
misctraff.com	210888	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	66 kB	172.67.129.169
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.242.3.166
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	761 B	74 kB	87.250.250.119
thumb.tapecontent.net	98256	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	146 kB	104.21.235.147
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	1.2 kB	142.250.74.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	66 kB	216.58.207.195
concernederase.com	158499	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.1 kB	42 kB	173.233.139.164
fanasti.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	4.0 kB	172.67.197.219
vjs.zencdn.net	4968	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	609 B	89 kB	151.101.86.217
pl17445481.profitablecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	10 kB	173.233.137.36
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	149 kB	104.17.25.14
go.eabids.com	58057	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.9 kB	2.8 kB	217.22.19.194
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	386 B	45.133.44.4
pl17445379.profitablecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	14 kB	192.243.59.13
grewquartersupporting.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	6.1 kB	192.243.59.13
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.0 kB	143.204.42.88
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	42 kB	23.36.77.32
cdn.pncloudfl.com	13313	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	118 kB	104.22.59.221
bmc-cdn.nyc3.digitaloceanspaces.com	115970	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	509 B	23 kB	162.243.189.2
908356674.tapecontent.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	792 B	548 B	54.36.108.66
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
hgamegallery.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	151 kB	162.144.3.79
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.6 kB	192.0.77.48
limurol.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	1.8 kB	62.122.171.6
q.xmlrtb.com	57283	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	478 B	10 kB	172.67.142.212
pixel.wp.com	2545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	245 B	192.0.76.3
www.topdisplayformat.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	642 B	21 kB	192.243.59.20
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	279 B	28 kB	172.64.162.31
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	402 kB	45.133.44.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.9 kB	36 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	31 kB	142.250.74.35
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	1.9 kB	18.185.190.54
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	164 kB	142.250.74.163
yearbookhobblespinal.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	4.4 kB	173.233.137.36
1.gravatar.com	7167	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	2.1 kB	192.0.73.2
www.mpshark.com	312770	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	25 kB	104.21.76.196
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	853 B	172.64.132.15
vk.com	2243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	3.4 kB	93.186.225.194
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	900 B	10 kB	104.16.126.175
streamtape.com	32595	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	650 B	104.21.47.209
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
revoketypes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	7.2 kB	173.233.137.44
q.popbutler.com	316838	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	531 B	172.67.155.254
digiadsply.com	136310	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	232 kB	104.18.5.101
cdnjs.buymeacoffee.com	85897	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	802 B	172.67.70.99
relativelyweptcurls.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	2.0 kB	173.233.137.36
xml.popmonetizer.com	360960	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	479 B	259 B	174.137.133.18
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	15 kB	23.36.77.32
www.imglnkd.com	91726	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	65 kB	205.185.216.10
engine.spotscenered.info	66833	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	531 B	33 kB	104.18.97.60
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	1.2 kB	142.250.74.164
stats.wp.com	2711	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	356 B	192.0.76.3
morbidlocally.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	19 kB	192.243.61.225
spikereekvelocity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	531 B	32 kB	192.243.59.12
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	44 kB	142.250.74.168
quantcast.mgr.consensu.org	2151	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	466 B	143.204.55.62
pl17445325.profitablecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	10 kB	192.243.59.12
bg4nxu2u5t.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	29 kB	62.122.171.6
pl17445483.profitablecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	10 kB	173.233.137.44
monkeysloveyou.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	71 kB	62.122.171.6
c0.wp.com	6988	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	33 kB	192.0.77.37
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	1.9 kB	104.18.21.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-21	medium	profitablecpmgate.com	Sinkholed
2022-11-21	medium	profitablecpmgate.com	Sinkholed
2022-11-20	medium	topdisplayformat.com	Sinkholed
2022-11-21	medium	profitablecpmgate.com	Sinkholed
2022-11-21	medium	profitablecpmgate.com	Sinkholed
2022-11-21	medium	friendshipmale.com	Sinkholed
2022-11-20	medium	topdisplayformat.com	Sinkholed
2022-11-21	medium	grewquartersupporting.com	Sinkholed
2022-11-20	medium	yearbookhobblespinal.com	Sinkholed
2022-11-20	medium	relativelyweptcurls.com	Sinkholed
2022-11-20	medium	morbidlocally.com	Sinkholed
2022-11-21	medium	grewquartersupporting.com	Sinkholed
2022-11-20	medium	bg4nxu2u5t.com	Sinkholed
2022-11-20	medium	yearbookhobblespinal.com	Sinkholed
2022-11-21	medium	revoketypes.com	Sinkholed
2022-11-20	medium	bg4nxu2u5t.com	Sinkholed
2022-11-21	medium	revoketypes.com	Sinkholed
2022-11-21	medium	revoketypes.com	Sinkholed
2022-11-20	medium	spikereekvelocity.com	Sinkholed
2022-11-20	medium	bg4nxu2u5t.com	Sinkholed

JavaScript (143)

	URL	Size	First Seen	Last Seen
	vk.com/js/api/share.js?95	9.8 kB	2023-03-07	2023-03-17
Pretty URL vk.com/js/api/share.js?95 IP 93.186.225.194 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:47 Last Seen2023-03-17 12:35:58 Times Seen1 Hash f9a98c7cac4837b8527f2936e1a9c5c2 062e637ae8b76ff7ab1799cb14a4ee58abd665e4 1077ed95e39d1bf7ecae2d562e08e3af93f21b375a5488d10ef671c1f2ed23c6 Loading...

	hgamegallery.com/PID/V-1741/	340 B	2023-03-07	2024-04-22
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:41 Last Seen2024-04-22 00:10:07 Times Seen39 Hash 69046b3889f8416d216a6ce84ff5a1e4 6935e9bbd56d075a67c180d9568499f5364e9c7f b7a129e53211b51c3142b7544987532a7f24cd439da97f39f6585c9a1cb5f23a Loading...

	streamtape.com/js/player.ec3b7e.js	148 kB	2023-03-07	2024-04-19
Pretty URL streamtape.com/js/player.ec3b7e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen161 Hash 1781a0087c11152a2361ca6c84b13fab 87360f858b201c3e28f4af24b2fc7c2d8a8d0232 00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656 Loading...

	connect.facebook.net/fr_FR/sdk.js#xfbml=1&version=v2.12	3.1 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/fr_FR/sdk.js#xfbml=1&version=v2.12 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 4cc9727c3e33a1c4780808cdd0ea6065 fa6b864e0f34fe6c8ae257efcc95d42c56242b33 d191e472b74428791a2b431ae1dca1ada2700a7f5a544c9ea0ecffa0b5c8ace7 Loading...

	ytube2dl.com/static/js/dropzone.min.js	48 kB	2023-03-07	2024-03-04
Pretty URL ytube2dl.com/static/js/dropzone.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:09 Last Seen2024-03-04 08:28:56 Times Seen614 Hash c56e787e0f4f6d6e9ca86e894704225d f078c18dc9e998fb3dd4972399a445398af20d68 386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036 Loading...

	ytube2dl.com/databe	29 B	2023-03-08	2023-03-26
Pretty URL ytube2dl.com/databe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-03-26 04:12:37 Times Seen3 Hash 6727808d25cc293bc03b68f3c9cad54d b1dd84b16bd8bfb6f6b6e50c20f09fe27860b7bc 52788f5f585c390695f15a0f40e52e2ca54c1441cd5579be26cf16a8f2fb0fe7 Loading...

	www.mpshark.com/firstpage	40 kB	2023-03-08	2023-03-11
Pretty URL www.mpshark.com/firstpage IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-03-11 15:06:50 Times Seen1 Hash f9ddefab6100117cb3e6d8a8db81747a 870c36ed9ef50ceb6ebd6777ad6423b5b71a2958 778d11d0184b85e8102f40cd70ea57cc0135872cdae372548b507974440a5e1b Loading...

	unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4	23 kB	2023-03-07	2024-04-22
Pretty URL unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4 IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:47 Last Seen2024-04-22 01:12:43 Times Seen800 Hash f923d2667324506e72f42ca781ccb6f9 ab63ce25316c340764513b00d48855dc85265cfd 65516c677f31b3dc7a46b25580752d407e4cf3b9c9f7edaa21b78c3dc5740266 Loading...

	bg4nxu2u5t.com/aas/r45d/vki/1876944/105dadc5.js	69 kB	2023-03-11	2023-03-11
Pretty URL bg4nxu2u5t.com/aas/r45d/vki/1876944/105dadc5.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 20:31:43 Times Seen1 Hash 0ed41941725cddb12ab0797e0edac32b 751241d1c0b48ee4cd428ca384b0ace21d6ff2e6 fd9a23249edb7461df119b5e2fe51fc4c4eb03020377921bdef66eb1f736b428 Loading...

	limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24	7 B	2023-03-07	2024-04-17
Pretty URL limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	ytube2dl.com/static/js/jquery.nice-select.min.js	5.3 kB	2023-03-08	2023-11-19
Pretty URL ytube2dl.com/static/js/jquery.nice-select.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen20 Hash 9e4338b7d3299f283ce45dad21f4d209 5b583e820b39676ccb51ff9d911a7881fca5b676 98c790ddb1f2f5b03f594f16c507038d3a569f514bdb5a4a65e5f2a2ab031d16 Loading...

	pl17445481.profitablecpmgate.com/bace4014c7f34a29f5bb45d0c209255e/invoke.js	25 kB	2023-03-11	2023-03-11
Pretty URL pl17445481.profitablecpmgate.com/bace4014c7f34a29f5bb45d0c209255e/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash d581b87f76db96b73c0c2b08356b44ef ac30b917fd00cc9920f63a29566ea141e6f73409 8bafbc71525e45897d92820d25b6173758b8d769f1813e27d404012323f6cd74 Loading...

	www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs	884 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:35 Last Seen2023-03-11 22:51:10 Times Seen1 Hash 67c0744ca03de8bb39099c5384508e16 57c92f803693176a89a6e4bd855b2b37648510f0 fef9f882af5fc545a73776547937b58d7226ddf95291d7c11184cce967c3689e Loading...

	hgamegallery.com/wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0	683 B	2023-03-07	2024-04-22
Pretty URL hgamegallery.com/wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-22 00:10:09 Times Seen3283 Hash 75abd4cd8807b312f9f7faeb77ee774b e7b7a7ed06d0123ab8667a1d1eeb23de9f2bece7 ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034 Loading...

	ytube2dl.com/	95 B	2023-03-08	2023-11-19
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen8 Hash cfdf11693dd16ab8cee2f49085c5ea20 ece799e561177f35bba74d4d3164805cc9dfa8ad 396aca82bb916340e3a6f0c5a76080dbc12f7eded69c41d89d2fee7abc4a72c6 Loading...

	hgamegallery.com/PID/V-1741/	192 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 4e1c1aa7ae8e3e7e70b6ee4010af4799 6e180d1a9e647e52c4580a0bcb96a55c90663840 e8a201eb8c7e60353bdd44a976326b5205239bf1232e7f0c0954174449e74c33 Loading...

	vjs.zencdn.net/7.8.4/video.min.js?ver=7.8.4	498 kB	2023-03-07	2024-04-22
Pretty URL vjs.zencdn.net/7.8.4/video.min.js?ver=7.8.4 IP 151.101.86.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:57 Last Seen2024-04-22 01:12:42 Times Seen821 Hash 102cc1896541330762962b95fcb31f95 58af851e231b29a31690a7b74ebfa89a62977a0d be788c49f862ad8e0f7947411cb71db6aac0046b3cee79c3144179a57baf07bb Loading...

	pl17445325.profitablecpmgate.com/a4053ddd11c2864345cfbcfc68e33003/invoke.js	25 kB	2023-03-11	2023-03-11
Pretty URL pl17445325.profitablecpmgate.com/a4053ddd11c2864345cfbcfc68e33003/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 0cac0f0213cf68e3ed00f9a5bcbbc8cf 5cc76cb6f1ee22880afb246d3587e1eb90379ccc a81e581f3c862c8e1a862a0945ac0a2f487e9ee7ffe37220a679581bd3d9d5c3 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	370 B	2023-03-07	2024-04-19
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen87 Hash 0b3f8544e15a29c2a15dc1af98210a68 ac09e6ba1b671420fc8dcf45dad1d49353f7d5e4 8b6b4924d58cb7afa649222900dcb4b470e9a45c4ce55265d3fa980cb5c8e34c Loading...

	www.adforcast.com/ByPP5y8	4.7 kB	2023-03-11	2023-03-11
Pretty URL www.adforcast.com/ByPP5y8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:46:00 Last Seen2023-03-11 15:21:20 Times Seen1 Hash bfcd33664d02de7bafa3e6154ebde278 db7fd4f3bd624247e116763ea351fc6f987dd90b ac68315a13c82afeeeede888dffa5fc18be459402b835b791cca32471f19fc7f Loading...

	cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js	288 kB	2023-03-08	2023-11-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen23 Hash 0ab0617cd812730a7a2bb808712f3780 d623d292744ebbd42747ae54b670b3dbd30c3124 4148c2b8202df43aced20987f9541e8dfb9a68daf62cd39b4e899a5946f404c7 Loading...

	c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js	685 B	2023-03-07	2024-04-15
Pretty URL c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-15 22:34:30 Times Seen3122 Hash 24626ac4453bf45fe07e6c5d4e859fbd 9adbe5e7a5e1b5fb19aee82a9d765631b62ecb2f 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Loading...

	hgamegallery.com/PID/V-1741/	460 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 332aac8611bd421c83a4034b33ab50e6 75d32b431110984945e9e3b39800c0a773a22d24 3b7700055acba8be97656f7eea7b20f9d82541e2d1d14bd001606eaf2c2d46d3 Loading...

	www.mpshark.com/	7.3 kB	2023-03-08	2023-03-11
Pretty URL www.mpshark.com/ IP 104.21.76.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 2c4eb4385cce3d8c22847841b6b6057a 2975f5f0944fd51ea6b84f7461fa35df33e1088e a1b8db50b910fc2a8329ad10469c8ee40f680233b2c3701b0626adbc4f0c6193 Loading...

	misctraff.com/gw?source=Unknown&url=https%3A%2F%2Ffanasti.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca%26pubid%3D135921_Unknown&vId=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&hash=26997115f3e3b5c262a2&ete=true	613 B	2023-03-07	2023-04-01
Pretty URL misctraff.com/gw?source=Unknown&url=https%3A%2F%2Ffanasti.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca%26pubid%3D135921_Unknown&vId=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&hash=26997115f3e3b5c262a2&ete=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:16 Last Seen2023-04-01 10:52:49 Times Seen6 Hash 4c2b45dd53048181315d13b481703379 717b62750e976e0ef74d828a4bb2e05721a9c560 2b43920ed2a85698654fe35ab182c8fac38a5af66af95de7d065196470938c14 Loading...

	ytube2dl.com/	7.3 kB	2023-03-08	2023-03-11
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-03-11 15:06:50 Times Seen1 Hash ecfb7cd274ec6cdccb1c708227c1b05a ca2771a8bce09be4405e0d448e5f40ec72cd9df5 ab4d95d002733921ba8ec334a3fe62e368852ebd95428666a967402f9aa8d378 Loading...

	c0.wp.com/p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js	5.6 kB	2023-03-07	2024-02-16
Pretty URL c0.wp.com/p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:46 Last Seen2024-02-16 22:34:44 Times Seen429 Hash 94e056ec06898453584e6c4f5528916f f74b7976778cfbd925bfa4231024b6ad6985a01d fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc Loading...

	pl17445379.profitablecpmgate.com/85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js	37 kB	2023-03-11	2023-03-11
Pretty URL pl17445379.profitablecpmgate.com/85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash e17c194a0222f50d31c636f4820fdbdf 3715361ce2d54ba33644a3a6fe796e636d7b5279 f0e958770d65f57ac9ba6f8acc2514ab4d27ef1ba1f6932217367bfda7b9acaa Loading...

	streamtape.com/js/jquery.min.js	88 kB	2023-03-07	2024-04-23
Pretty URL streamtape.com/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-23 14:07:35 Times Seen95304 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 14:52:25 Times Seen37020906 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ytube2dl.com/	155 B	2023-03-08	2023-11-19
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen8 Hash 2ae2af5c36efb984b5eedc963919ec8a 345ba83f322e9eb0dfe48b2cbb8499e2988582b7 dbd3d276d148b4e392cb9e4554cc939726c90a37baae11041ca9ccaa14dc41be Loading...

	streamtape.com/ad.js	20 B	2023-03-07	2024-04-19
Pretty URL streamtape.com/ad.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen280 Hash 69a305bcdc8e061bbd43294a477a3678 506582a1d912d546f5942d95ffae95ec7f4c37ce 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa Loading...

	adforcast.com/w3ar3xadw1n	5.3 kB	2023-03-11	2023-03-11
Pretty URL adforcast.com/w3ar3xadw1n IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:46:01 Last Seen2023-03-11 15:21:20 Times Seen1 Hash 174d4d93d7be3a685ea8daf290a96e85 bec9ffe23e3e40b0fab413cf2932930133cc9e1f aefb5d232307a779b926167da6eb355c1e5a34cde4303e80b9e39683ca932a6a Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=slq08vpd1wy	35 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=slq08vpd1wy IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash dd6ac9e313580796c6f1eed0a6a7ecd4 3d26a5b7e54b64c77a026daaa6a873f37f3c40c1 7832a99339a9738ea24cfb850381c6189538e4d81d148c6f3a15fd56b3e648d9 Loading...

	hgamegallery.com/PID/V-1741/	81 B	2023-03-07	2024-04-21
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:46 Last Seen2024-04-21 15:18:29 Times Seen768 Hash f4c9e0464458ad987d1f86f77235c6ca f2b8bf25879f8a5c82fafaa7e34db8104a9881d3 80c073f3b250d5e17cb70cdb31a3be4ec7f1ab22d05d8f89d2baf1e264ccde30 Loading...

	hgamegallery.com/wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1	863 B	2023-03-07	2024-04-20
Pretty URL hgamegallery.com/wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:00 Last Seen2024-04-20 21:36:07 Times Seen47 Hash cdd4adfdc5e861189a809e38988b6f4d a8d994eeeae5893867650f17caaebab1d7c16794 e6182046cadfc5c169c0c4edc97c99d7be56515c05ddd1a070c462501115edde Loading...

	hgamegallery.com/PID/V-1741/	342 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 82b9adc9662b554977b70ed1d6fd25d6 e19df3c9b4dca1b1241f7f754853a0a0058ad730 58911ce82b5d1491b2e643faf188f936dd0ffec5746f03e88788212900cd7741 Loading...

	hgamegallery.com/wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9	399 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 73e645c2e67f5c04219213a63ed45587 04c063331a4d0767e23a1e11cc2684a8eee62635 255096b15b7f190f931b8c938fd9205620bc3c1f9393e970c28daf6b62a52ec9 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js	60 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-23 07:40:54 Times Seen7923 Hash 61f338f870fcd0ff46362ef109d28533 b3c116c65e6f053aaab45e5619a78ec00271a50f 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	ytube2dl.com/	106 B	2023-03-08	2023-11-19
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen8 Hash 054798f0c4956fa550ea018a499f44ec 47b44c9b4c31dff76f6d97b2db3d87e9ad078cba 74c9867f82bd2e6b1bcb148e64559d4471da1882af5dfc055575f45eff4518f8 Loading...

	ytube2dl.com/parties	27 B	2023-03-08	2023-03-26
Pretty URL ytube2dl.com/parties IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-03-26 04:12:38 Times Seen3 Hash cf16d21fdb6fc7a14b8d8a5fb52ea610 b406e7a34f6f814a3829fbceeb4dc6dd2664a675 ba31403f28b85e0a93d51fa1bb7996bbef549edd97d9e2adf440a26f56019574 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-23
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 14:29:05 Times Seen68564 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	hgamegallery.com/wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3	42 kB	2023-03-07	2024-04-22
Pretty URL hgamegallery.com/wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:41 Last Seen2024-04-22 00:10:09 Times Seen138 Hash 5a3a246cb0659d489495c0cdd45f90c5 40350f15de7c2d03af8494b39e1fa45745027548 bdf141b1605d14023875df246708f8eb552e3b00319ef648a78d834384afe6a8 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	176 B	2023-03-07	2024-04-19
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen90 Hash 41cc58e5da3a06326891b8646afc7548 a4a725eadb523ca5dee8b3a9a411357a8ed33976 ecbb8b7b69fb79c8909082c10e5d79f11b280d9a089cfde1b89f08f8364d25af Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	572 B	2023-03-11	2023-03-11
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:50 Last Seen2023-03-11 15:06:50 Times Seen1 Hash 3c72888fad6b2cdd30d0211eceb53e37 c29557de13c46231987568b101005332db81ab7f 67970816990d9939b05d5a83b82f222dbd0e7283615bbd0e15bec130e815e0fc Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=slq08vpd1wy	69 B	2023-03-07	2024-04-23
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=slq08vpd1wy IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-23 14:29:04 Times Seen99254 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	misctraff.com/l/26997115f3e3b5c262a2?source=Unknown&url=https%3A%2F%2Ffanasti.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca%26pubid%3D135921_Unknown&vId=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&hash=26997115f3e3b5c262a2&ete=true	40 B	2023-03-07	2023-11-10
Pretty URL misctraff.com/l/26997115f3e3b5c262a2?source=Unknown&url=https%3A%2F%2Ffanasti.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca%26pubid%3D135921_Unknown&vId=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&hash=26997115f3e3b5c262a2&ete=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:16 Last Seen2023-11-10 11:33:12 Times Seen9 Hash c6d1dd7ac3f2244d71bfaecf7b2ed5bf 36d8407e29188e2e1176c14159745475d54e3bb0 6e6ce1d374867d08dccece318a99f64d9744ffe0dc9549836192a45c1b2f203d Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	84 kB	2023-03-11	2023-03-11
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash ee105a781a9c16dbf95d6cf39360aba0 789cef0a6f11da93be928add478d1c53ff0d7251 8a6f95480638735b8fb6b48cb955408d6faf91c6881e5c3ca7e27031fdaf90e5 Loading...

	connect.facebook.net/fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4	313 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4 IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash ee79d7b66c07584bdc7d4129269b3e6a 79ff8399376987345e6d7fb2488a962a4b800289 cf352f72a0ae2ced51d1225287572d76bfdbbd22aff7559354cae8e0cd37c665 Loading...

	ytube2dl.com/	246 B	2023-03-08	2023-11-19
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen8 Hash d8a9a74c335bffdd625dca2dc6828dff 9d7a738d45ef3bab1a4b7d30d1e940d84e76c4e2 6edc8decdcdf47c43cd0d52dec5bdcd75328216f3d5e005168cbaa94edbbd575 Loading...

	misctraff.com/l/26997115f3e3b5c262a2?source=Unknown&url=https%3A%2F%2Ffanasti.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca%26pubid%3D135921_Unknown&vId=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&hash=26997115f3e3b5c262a2&ete=true	159 B	2023-03-07	2023-04-01
Pretty URL misctraff.com/l/26997115f3e3b5c262a2?source=Unknown&url=https%3A%2F%2Ffanasti.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca%26pubid%3D135921_Unknown&vId=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&hash=26997115f3e3b5c262a2&ete=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:16 Last Seen2023-04-01 10:52:49 Times Seen6 Hash 48a83ec90ead9e71bd4f736446b3799f bc01f9a8ecece2e213fb3b342a73326f00fd7222 8f0223a2f90bed29d68bc83b2984d1de709a8f44bc1b144a7d88afef403c2ff9 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	186 B	2023-03-07	2023-04-05
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:45:53 Last Seen2023-04-05 02:11:35 Times Seen5 Hash c818869ced2b462d2528bbcf0978ec69 678036773bf2a2d37df91d7b8a496f5fcfe902fe e19d645752c6f171824ca2cb4cdad2a8b4ffe55786398f41b941539a24d02183 Loading...

	hgamegallery.com/PID/V-1741/	259 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 1acf60a811b5e34861b71a071b7e60d5 534bdd2d36f74418f4f45d5dfe7366fc83e9a911 8da552f6be4032e032cf014ce8b9a363ce96f41d7016c7d0a49c93d187af4809 Loading...

	hgamegallery.com/PID/V-1741/	196 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 1c82b6deedb1b7964e6830361f7e2181 4648f95d41398dc0c9a68cba1f94c880558601ae 33c3bbd19f5aa207e1981716c06573989de97d688510f4f78dbf88391075d443 Loading...

	pl17445483.profitablecpmgate.com/bd38453025de0eb11821070501c78831/invoke.js	25 kB	2023-03-11	2023-03-11
Pretty URL pl17445483.profitablecpmgate.com/bd38453025de0eb11821070501c78831/invoke.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 7716c8d285d2068f0c851454b17d0903 8abb8c611f6292daea9134c28088e0bffc55d845 fdbada451a67ac7261cb724670ca489adc7351c2586f8afaba1d3e871a7a81a5 Loading...

	www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js	27 kB	2023-03-11	2023-03-11
Pretty URL www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:05:05 Last Seen2023-03-11 16:35:47 Times Seen1 Hash d441fb49f3f4cb3d752d0b1ecab5f958 c4d7de7a4b472a4a2fe97afe238f73010d8cf735 5abe037465bb6e16c3e6ce869ab9d9d8fa1da8779f6fd10eb3de5bfe45f646a0 Loading...

	hgamegallery.com/wp-content/plugins/age-gate/dist/all.js?ver=3.0.9	76 kB	2023-03-07	2023-03-26
Pretty URL hgamegallery.com/wp-content/plugins/age-gate/dist/all.js?ver=3.0.9 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:41:01 Last Seen2023-03-26 03:30:11 Times Seen2 Hash 92e0ce6ee472973c5f5c93b8f359afe4 82485a4ecb17fe4ac1d1d6c08b58e3b4a76689cc 92ca9fa7a7cc931c17d2f0a9845a09f88f842f663e4a33fc20a92c736103e731 Loading...

	www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js	27 kB	2023-03-11	2023-03-11
Pretty URL www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:05:05 Last Seen2023-03-11 23:36:10 Times Seen1 Hash 2d4d3d102231c4a3677dc855c322bc45 0e55bb276fd4b5f4a359574735621b698200dcc9 8eb7a0574f918d946026a497ae2f9affdf844b924bd736025338b793bf1dc4b0 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	54 B	2023-03-07	2024-04-19
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen87 Hash 2823d7b7a22610d80a99e65878e70ae8 545e80f2fabeb1eb49cebb7088635dcc4a867d44 36c7a0369978008d36a90e0e62177759df257606497bcef68e3a0f5b30c65c97 Loading...

	bg4nxu2u5t.com/get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063	3.1 kB	2023-03-11	2023-03-11
Pretty URL bg4nxu2u5t.com/get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 4f6bf54da19dd12bf691dbd398f4f7a7 2e0c8b87a3efbcc9000ceca9b6aabb277ebaffde 68ab52cd1e4cff5b80579bd55e0b7f4c610a931d2f6515c75b09b4b629b2dfa3 Loading...

	ytube2dl.com/firstpage	40 kB	2023-03-08	2023-05-04
Pretty URL ytube2dl.com/firstpage IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-05-04 23:17:30 Times Seen5 Hash f0983f50d62932ab267991f63a4e0c44 0f058430f46a9674490ec980bcde9e3ad930981d bbd2d6287ae69eae41a1645c29ce6d0f5e434d860c167afacb0ecee288f8b0f7 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	3.4 kB	2023-03-07	2023-03-17
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2023-03-17 10:21:46 Times Seen1 Hash 76e1c83d5267fb054bf84b2c4e69eb36 06384efffecebaafb3189e3acb997f91d329274b 020eebd1837859c38c579b36c900c5f7166ca6080d29f2cccf1cc37d6325c204 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js	20 kB	2023-03-07	2024-04-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-04-09 10:44:24 Times Seen401 Hash 84910d80281fc6b554f4ae2d14612494 af6f046adaab7e1501adee034fb7c366b8c059fc 106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0 Loading...

	misctraff.com/l/26997115f3e3b5c262a2	36 kB	2023-03-07	2023-04-01
Pretty URL misctraff.com/l/26997115f3e3b5c262a2 IP 172.67.129.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:12 Last Seen2023-04-01 10:52:49 Times Seen6 Hash bae9d72de4ce69ca853503d298faebca fb1d3086f1451d468387c2eee8ef7c4a8ed4125a eca5eb0eb5dbb762654434f9c247d7917fa045b6fe6f827074b6bb2b48f8d061 Loading...

	hgamegallery.com/PID/V-1741/	342 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 0c763579e2a099800e1a3e1f7cf4cb10 9444f9f343338e792f5e2e41bbcf91c8b536e7c6 d8165a24fb76e9fb2959372104d6a18281b48dc6b935a124ab9e0755afca178a Loading...

	hgamegallery.com/wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9	81 kB	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 58265dac22308ef444b6363b2f790d64 48dbd75ab9b72d8a741dea90aa7dfc18430a0a1d b38e17a8691293d83f8f0d99af9a6a50ba24e167d3c5e6b5815f445fdbdf0b37 Loading...

	www.topdisplayformat.com/3e2dd0cec782679e02313b91991c909e/invoke.js	27 kB	2023-03-11	2023-03-11
Pretty URL www.topdisplayformat.com/3e2dd0cec782679e02313b91991c909e/invoke.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:05:05 Last Seen2023-03-11 15:13:28 Times Seen1 Hash 40c8e17f3a3d2caaff27b306456b7f35 6ab6a35048aaba9657f2a2a77febcf474e2beccc 95cb9e580dbbe7278333fb1bbb3fe1a9d2bb52048033ad595a87ae0797ef3ee9 Loading...

	hgamegallery.com/PID/V-1741/	234 B	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash a448f202a298530ecec051a6962d7757 f3f2bdd0bf7a2cdf2c8772d1cd14856d958dff66 45ece3793e26f7a3886782b6dec652a87ff17e3254776390582abe2302157e52 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	280 B	2023-03-11	2023-03-11
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 95da613d3e18746c03f8f6c5b9967574 ed3d96bac695226209a90d9db20408af78c56875 181e7b9d62fe358cefd6a547d3c7b3cd917bb7f5ac47b204dbd36b61b68d6e9f Loading...

	ytube2dl.com/	4.8 kB	2023-03-07	2023-12-23
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:08:48 Last Seen2023-12-23 22:19:30 Times Seen37 Hash 844de11da673c3fca7adb8459ad7e116 acdb707223d118addf5a1782cc3086ad7e0f0120 da9b8b4d421275c7df1c8cbc309eece3bacff5046f86fd802f05d505e0472723 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-23
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-23 12:49:20 Times Seen31791 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	207 B	2023-03-07	2024-04-19
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen88 Hash 326bf869435fdfd3d3e2b6ae92504faa d8f389560a57eebe30e47336c04d60bb0f78642c 02dfbc5561a44e0bd21e3eaa85c620c2d76658781f136705c7c2e91a715e87f9 Loading...

	streamtape.com/e/eLJpmLa02kiYqzW/	3.0 kB	2023-03-11	2023-03-11
Pretty URL streamtape.com/e/eLJpmLa02kiYqzW/ IP 104.21.47.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:46:00 Last Seen2023-03-11 15:21:20 Times Seen1 Hash d0138a61dd4e38bacb4b956c35c5bc5a 5720a1c205df8991a27378ced9aacca232992f39 8b802e4387bd1b56664a91ccd50bee8d1cb5eb993d73702b004d203cf9c1e6ab Loading...

	hgamegallery.com/PID/V-1741/	162 B	2023-03-07	2024-02-25
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:31:38 Last Seen2024-02-25 23:53:57 Times Seen52 Hash 25856f3da48fffe957284f3b52b78f2e 19a1ee9231168a4219b9695755b4c0be860d2185 ef1281ab853e8c2115a1fa8391c61d19e843628259059642793bd81773e26596 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js	3.0 kB	2023-03-07	2024-04-23
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-23 14:29:05 Times Seen29224 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	ytube2dl.com/static/js/wow.min.js	4.8 kB	2023-03-07	2024-04-23
Pretty URL ytube2dl.com/static/js/wow.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:59 Last Seen2024-04-23 04:27:33 Times Seen1586 Hash 1d974e35932504e7bc160cef807ea041 289bb4e924c418a7c229ae90c4ed6ec9f07866e8 bf5756b42791ad1d693196b5b2e57e93a387d45dee7ba02322a001c451b8df05 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	monkeysloveyou.com/i/npage/1938828/code.js	213 kB	2023-03-11	2023-03-11
Pretty URL monkeysloveyou.com/i/npage/1938828/code.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash e986be4d9dce0dfdea9179f8da6bbdbf 4fb27b8adc1ff3b15ccf2290e60b813247f838aa f6e0e580c33606aa5e1e163baa7d05977c6641c2b006ee5eb034e6afc710e03c Loading...

	monkeysloveyou.com/get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701	9.3 kB	2023-03-11	2023-03-11
Pretty URL monkeysloveyou.com/get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash bef046cca5c8f9b7e5ce905392d489ad cbad8fe01f98a43326cadd6645f8d019b1ba40ab 828dd8e1b6f6b5733ebbd10198270ba32a81f032212488281e31713711be12f8 Loading...

	adforcast.com/w3ar3xadw1n	208 B	2023-03-11	2023-03-11
Pretty URL adforcast.com/w3ar3xadw1n IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:46:00 Last Seen2023-03-11 15:21:20 Times Seen1 Hash fd1566326190c0df335064a92a5f3799 8d10a2738eeed735feabd0254240f5b3b069c084 08cf1a57f25ee2edfd351951ad04f55ae0119b407cf9e06c46ca0c23811259e6 Loading...

	www.mpshark.com/	77 B	2023-03-08	2023-11-19
Pretty URL www.mpshark.com/ IP 104.21.76.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen5 Hash 028ac24ee6a6fa5d0db0066a97fb82ef b2fcf76d76ee5a74d076d30e14f20b0ea8f84603 fa24fa780f5c46c38a5269fc57aaf18746868ee20b5ad56afef20e65233e8c54 Loading...

	hgamegallery.com/PID/V-1741/	1.4 kB	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash b5890eb7e4b835ef4dd45b0a1ed22aa9 d4a9c10209948702e79dabab345c3b636e213ff2 18a14d797c262c8d825966d13b5e9ac18f4dff8c8b6f4873332af00de15b8fad Loading...

	stats.wp.com/e-202247.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202247.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	hgamegallery.com/PID/V-1741/	2.1 kB	2023-03-11	2023-03-11
Pretty URL hgamegallery.com/PID/V-1741/ IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash b753298d3aa5e447b835fab567bd7cb6 656bc5d345667cb15c71b84747fb7ea3f4dcfce4 7c28771a9f54e0f08ae639116bb5de455f0fd3a1b4639ac602255ca831c70b71 Loading...

	hgamegallery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-23
Pretty URL hgamegallery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 162.144.3.79 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 14:29:05 Times Seen38024 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.googletagmanager.com/gtag/js?id=UA-166309154-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-166309154-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash d873ab4e7c63d52b74057a8a11c75005 e691f4932969b7c0e17a91f0d57af419bbc96ed7 2bd31873bff73dea8d49d6693bd137635a94dcae8d1f2e0455b52690f846373a Loading...

	ytube2dl.com/	481 B	2023-03-08	2023-11-19
Pretty URL ytube2dl.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:35:30 Last Seen2023-11-19 14:52:41 Times Seen8 Hash fe3dfccb4455e5df10ae99beec93285b ad87945a683d660506e697a47c2f521b7b20f5f2 00d205e4a02bb28a78d1f98d9f0c514626019ce70406085591bf782303130bfc Loading...

		Size	First Seen	Last Seen
	#1 Eval - cf9cdead93f342096e12fb07dbf0f25a	17 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash cf9cdead93f342096e12fb07dbf0f25a 9aae4c180de3d75c4b16763fea8dbaf062a9bf00 4e497366a4892d5ce875783f193da0137ebdd0809471b7631b2f712d6d44f16b Loading...

	#2 Eval - 720ea2c69788d95e12b9c3b0bd538193	16 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen407 Hash 720ea2c69788d95e12b9c3b0bd538193 948abeacef6f8ee9f6be695c91a2f241486b159c 41d81863b376579e97e0f208f9909f29e8cea98f7e1a73c6d7312910fb551211 Loading...

	#3 Eval - 5fb534891569d6413d689c1b4594d8dc	3.1 kB	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen162 Hash 5fb534891569d6413d689c1b4594d8dc 2b8592f3cec6530c5ed7b2ef418cd73e7cd293ba 385970f3623318c3bd082439513869627469eaaa858b885a67ec1bbaa988d74d Loading...

	#4 Eval - 63d943c1c3aebc696a21a8fd7a2d5b44	76 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 63d943c1c3aebc696a21a8fd7a2d5b44 885dbb8e851952d0e567d2208670df567b2cd9ef 14cb904bdbbc5327a1550650ad0eeffe68de8e895cc7e63b6356a74e538e47f3 Loading...

	#5 Eval - f9b016ddf28ced27645fb46b350c8201	21 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash f9b016ddf28ced27645fb46b350c8201 0bbeeafe56373d82d07ed1ef5486f9a4981ce33f 617f4e071f976d4ae9458cf8ab193bf49417269d8284920ec60978cbca63e713 Loading...

	#6 Eval - 4c8dca5a179c77207820c3f0b4d87561	1.8 kB	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen162 Hash 4c8dca5a179c77207820c3f0b4d87561 7d8b7a59fd58a0dbd6b2d98f10717591c248abce 2d5dac43cfde111edda5f946f94cf0d6867e9a8cad4452d43c5b24dbb2d5c104 Loading...

	#7 Eval - c17b56846490df41520a80b9987a2251	1.3 kB	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen162 Hash c17b56846490df41520a80b9987a2251 75bca933200c106b6a01f9034a0d7e335cbb6585 074aee63ecc5a52f2c0457953b9be56fbbcc3d50810ae18d89f52df9e70cbaff Loading...

	#8 Eval - 75d557989a7d84881ee6bbe75a674962	22 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-23 12:49:19 Times Seen9051 Hash 75d557989a7d84881ee6bbe75a674962 b4a08279a6c2f3a2cd5a7861e81943a755b9d452 e924fcaf65b8ea057cb30e32bbdf04fdafe2bde622539d6d1abc466b050917d5 Loading...

	#9 Eval - 11ee52d7d946086f4a0102e13615d2b9	16 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:43:11 Last Seen2023-03-11 22:18:11 Times Seen1 Hash 11ee52d7d946086f4a0102e13615d2b9 3526c99c18e8ec476d3ed7e5d5c63cbc2724a2e2 1f18d938a27693ef85cb1dc556affd9efeab304812ad54bc5fcede37c4cd13ab Loading...

	#10 Eval - f9ad330dc963044bc565a663e9dcebad	21 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash f9ad330dc963044bc565a663e9dcebad d6af58a164baacb3545c5b5aa45ff0662f98861b aecb7e7f41e106c1c617edd2c15468de3cd4e558c352fe4668c26746c19903d6 Loading...

	#11 Eval - 05b8c74cbd96fbf2de4c1a352702fbf4	6 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 14:34:12 Times Seen54497 Hash 05b8c74cbd96fbf2de4c1a352702fbf4 320ad267d8d969f285eda5c184f5455bd29c8c95 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba Loading...

	#12 Eval - a33f9cb37f91269a9ba5dc827fd93e92	24 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash a33f9cb37f91269a9ba5dc827fd93e92 d3b2ae0aa2d40bc825f48d998592e0cf28111b95 9e181f34333f16f006fb93f681f35568351e8a816193ce3de96c6138aa577c25 Loading...

	#13 Eval - fd7f3932bcd7bad28a8be4f8b4232678	461 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash fd7f3932bcd7bad28a8be4f8b4232678 83f70ad727c9fa0dea63c0594c882f95c8ce1f07 47248abf9f61643bc0b67a3b275e98c27e3d041e21f891281e746db49fe0c173 Loading...

	#14 Eval - bdbd9c49004d433b414edf02e880d0e2	54 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash bdbd9c49004d433b414edf02e880d0e2 c170810cb79016c74f7e783128167201438f1e37 348582d0671fd396a0e0893c01f4641478cf0ffb00224707b334e32da0336b82 Loading...

	#15 Eval - 6a9ddfbfe8ff1188bef9ef5e09955706	41 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 6a9ddfbfe8ff1188bef9ef5e09955706 6481f4c5b667a5f4102b0b7909fd1c6fb53c5bb4 c918021525d5a508a6ee88ae5b2919c810cd36835373ea16ca9f09b9eb289e61 Loading...

	#16 Eval - 14d5ed5041bb7fc6577c66372f2aa799	24 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-04-23 12:49:19 Times Seen9607 Hash 14d5ed5041bb7fc6577c66372f2aa799 c38816db0aebc6ba8ba2bc6076384279b8331515 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab Loading...

	#17 Eval - 43969c1751dca880abf8119487e82ec3	18 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 43969c1751dca880abf8119487e82ec3 3df4b4966aa38ec32d1edb4967055a5d0310f8fc 0d2f3394781da0c545d8f949a21bfbd964bbd4f07abac88cdb582a1a3a3bd140 Loading...

	#18 Eval - be9ac7e669a2dad91228483f1dbf4f0c	40 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash be9ac7e669a2dad91228483f1dbf4f0c ac7936e641085e0899459a091e5d742b663aab50 c0da1926a7d52f271508d4547b78c55bbef88cd5a68256a8b8691ff5a1211421 Loading...

	#19 Eval - 0f6e1489950b92c64609d011c6a90a4d	64 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:43:11 Last Seen2023-03-11 22:18:11 Times Seen1 Hash 0f6e1489950b92c64609d011c6a90a4d 514d763f8272474c99cec15a4ba348f2c82e6842 8b1281464531a60e0f3bdcc8629e9ba0ad55025989f2e5d4060e1abcd147514d Loading...

	#20 Eval - 83f5303675a866b79c01e7b98b545be9	22 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:43:11 Last Seen2023-03-11 22:18:11 Times Seen1 Hash 83f5303675a866b79c01e7b98b545be9 24861a7dc2814f19e25fec809f9a4cc9603aea82 234530f36f0f2f3ae80b035a8b59a0e1c200086f7b874ee23458c7bb36a42aab Loading...

	#21 Eval - b0acce158f38828b26bd4ecdd6cdfc91	630 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen162 Hash b0acce158f38828b26bd4ecdd6cdfc91 e34c08b94568d0db79f9cd46dad5d2372dd1fa5d 0691180dfac608e37240d76f4d59d8d8b7ba9c44f7eeb1a4c9012096924859d3 Loading...

	#22 Eval - c9f7198c57735fa7a7a8ac2cc18dd542	9 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-23 12:49:19 Times Seen24889 Hash c9f7198c57735fa7a7a8ac2cc18dd542 d78ec33d89c7283a59982f10f71e7e305fa1ce93 ebf49dcd836f810084c14e0f2dab4dc1768bbdc5980481bf201fcf76771dff7a Loading...

	#23 Eval - eb69d1a27b72c3bec9532026c3bf88e5	52 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash eb69d1a27b72c3bec9532026c3bf88e5 8043ab5b87e9adb4316eb4ce996db3dcf4354fdb b259c748fbda3ff0fb3da7cc981f211f5bc1900479085eb42b364e7e279196db Loading...

	#24 Eval - e9980b7c356217c47dd4d8d7b82ad06b	49 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash e9980b7c356217c47dd4d8d7b82ad06b d4d65eb911677c2993304398ac678464c29425a0 12d2b5201aa32533f9a8142347fd314085d590c0e325c4fd829d969f641c7597 Loading...

	#25 Eval - 276043837e86ab6e15dd6813dc504fa1	26 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 276043837e86ab6e15dd6813dc504fa1 ddadf24faf6b8f6234f2878fc27709995e302c39 05e674baeafb9b1b474f62bf6437edac3d766d9a4f970a9b8c426dd5944b1b78 Loading...

	#26 Eval - 7263dd2f047f8b494a8086d163be753a	20 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 7263dd2f047f8b494a8086d163be753a ef858c8b012746f4e9330eaafb1a304c4ad91cf5 fe783a681fdabdcde7ecbdaeb564698108cb572b848309094f69ccfa33c755dc Loading...

	#27 Eval - cd030a4b3969e32dacd186e3c0912811	38 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash cd030a4b3969e32dacd186e3c0912811 1f8fb0ce63af8c056b182f9ba0795e64429d990b 3fa07f862121f35b008c155351b6665a7fdb947a74fc6aca770122abf30700e4 Loading...

	#28 Eval - 975b8c363a87e4ef9f390b77ca94f121	26 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 975b8c363a87e4ef9f390b77ca94f121 3dccf60ab1bc21dccf98bcf89aeb26208a744111 40176e2bc67dbefc1e99be7ebf106c9cff44d45fb5d0181163ae073c69761e45 Loading...

	#29 Eval - abd10008cf7bfff0f99f98ae26fe96bf	23 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash abd10008cf7bfff0f99f98ae26fe96bf 6267c80703db1545ef3153facebf8a16d8432e82 774279bde1e7d1190e16dc05e65262e65007181a10ba40f2c7b61a5d449d930e Loading...

	#30 Eval - 6e8f1bdc7cf4cf152e9c37e5d2ff4f6e	15 kB	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen162 Hash 6e8f1bdc7cf4cf152e9c37e5d2ff4f6e 131c388eedf3f5b6bfd1f5e6c39e1f5990f14c55 43aaae6e00287913b88e92416d2d175c9ee2aaae8f1f115231c42be1a0d62e4f Loading...

	#31 Eval - db2387b454fa37117acebfd67dd00f58	18 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-23 12:49:19 Times Seen9908 Hash db2387b454fa37117acebfd67dd00f58 77737fb669256fdd8c0854d1bf4768bb1720ef3a 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92 Loading...

	#32 Eval - efc8033fd3386d2dd5ab870d20475f67	29 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash efc8033fd3386d2dd5ab870d20475f67 6cbe37002f89c5492bc7a6928d6d3ea15392c0bc 9e3d1a931a20eb74656e83030fd1c7d1bb1275e9e0d1add27e892cf03fd6bb36 Loading...

	#33 Eval - 2437f34dc794c2126dcbf41744b93b8c	42 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 2437f34dc794c2126dcbf41744b93b8c a67dcb74626eb4b4fe7fc88c6dfad99aa7051832 8021241bc73e6ad2ba02b800b416826bb30799b35ee8dadf3f2202ee662f891e Loading...

	#34 Eval - fdc3bdefb79cec8eb8211d2499e04704	8 B	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2024-04-22 00:22:16 Times Seen1394 Hash fdc3bdefb79cec8eb8211d2499e04704 4f8278c89ad16da05fec4fdfc61fe44798b92720 43cc23fa52b87b4cc1d02b5b114154151d6adddb17c9fddc06b027fa99e24008 Loading...

	#35 Eval - 2c56c360580420d293172f42d85dfbed	3 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash 2c56c360580420d293172f42d85dfbed 194e13da720a1f025685e5d677eba8a1aff3860a b581e46042cbfbb0af4542a858079a84fd3ae98e5563f615710191d5b3597680 Loading...

	#36 Eval - e6b391a8d2c4d45902a23a8b6585703d	3 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash e6b391a8d2c4d45902a23a8b6585703d 0e2d9b0777a485c1276de0803c12a7d76fbc5c39 e7a241debad56609ee660a5d2ef258a1aceb7357ff210ac66d7280b3add02a9a Loading...

	#37 Eval - e2ecf2c0048567cd02d6ed97824597ee	15 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen407 Hash e2ecf2c0048567cd02d6ed97824597ee 9db637ab084a17ac81478a045a51d8242d7e6da5 aaebde6c0138d8b568f293a11ba445d4c9dc4fb34e022a2074ad1c3112077765 Loading...

	#38 Eval - abd10cc67723bbf05a0f38eb5ba9058e	38 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash abd10cc67723bbf05a0f38eb5ba9058e 297983f5805ae4a50ed94114df66165bc5c4a75b c900a412ca2d12202f50bec97c2dc0566743d5b7b020d8c84f5f12d24411cfd9 Loading...

	#39 Eval - eab3301c164f2e6984d71e6ca62f59e6	11 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash eab3301c164f2e6984d71e6ca62f59e6 8d2633e8db0b0db919d7623353132b8a9a3fc523 27433b327855c10be2aaf833f5d519d87462f5951d1224a8681b9ded1df2dda7 Loading...

	#40 Eval - 515d9d3a40c12e616a5ee2e443306b2b	13 B	2023-03-07	2023-12-29
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-12-29 23:05:23 Times Seen411 Hash 515d9d3a40c12e616a5ee2e443306b2b 23a99b82bdb21bccdadb6d44bc05536a9bc5b778 fdc6239283e9394f98bc62316f403605aaa0604c839721aebeed1ef1116b02d0 Loading...

	#41 Eval - 497031794414a552435f90151ac3b54b	6 B	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2024-04-22 17:35:35 Times Seen1535 Hash 497031794414a552435f90151ac3b54b 2883f191bc5ebfdc16c0813eff659b35363ea69b 62a6da8735c18e2d66fe5de3dc5440252a1da49e3cbaa7c1d2d5068ad73ffba0 Loading...

	#42 Eval - bdd15425ab0584b3d2fe1d5be3f2cf51	59 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash bdd15425ab0584b3d2fe1d5be3f2cf51 fabc10c0dabb6396f15c74bfe2add519e2038e9b 4dbb92eef409c5f6426c45bf565656b0aae763e6ab69368dd19531e45705a0de Loading...

	#43 Eval - d131919a6f38e1c01c64d72e1b7f84a0	25 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-23 12:49:19 Times Seen9609 Hash d131919a6f38e1c01c64d72e1b7f84a0 d64e30aba61c17c8d9f1a0ce1e7011f1d15c8ab0 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64 Loading...

	#44 Eval - 4e98637a5f26c0d8d15a727104299d4c	22 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:43:11 Last Seen2023-03-11 22:18:11 Times Seen1 Hash 4e98637a5f26c0d8d15a727104299d4c 6fd955e2ba3a611fdfdc7ab084afd177393410d6 680612d30feddb2524495b40f65aca8b05e8c47a5013afb8d5b7ce0f4f2eed58 Loading...

	#45 Eval - d6f10c9b96ce8ed6149055b4c20ecca8	17 B	2023-03-07	2023-11-19
Pretty Observations First Seen2023-03-07 01:32:12 Last Seen2023-11-19 14:52:41 Times Seen406 Hash d6f10c9b96ce8ed6149055b4c20ecca8 b11b5724b6f0343682d7cef359dcd026df80289a 8b77c9a9de902d58a53938c86d1d570871b8ca4c3acbad1e382f411ee6142932 Loading...

	#46 Eval - f1373b88a8e42e70fd21ef8693083788	100 B	2023-03-07	2024-01-21
Pretty Observations First Seen2023-03-07 14:51:16 Last Seen2024-01-21 09:36:55 Times Seen176 Hash f1373b88a8e42e70fd21ef8693083788 5cde31f50640bb224d8101b4164f9fb801f6a57f 06ece9358b63a292af4dc21453776609d975e7efee612a2f6d35b939a4f6e526 Loading...

	#47 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08	2024-01-15
Pretty Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

		Size	First Seen	Last Seen
	#1 Write - fe83d0ab6cee8384bcfe24de9181fb2c	258 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:29 Last Seen2023-03-17 10:21:47 Times Seen1 Hash fe83d0ab6cee8384bcfe24de9181fb2c 632261f1dc83d1a52a5a772177f54d51337ba0c4 2f349d478a95779ef7eea4eb179cd0a2a4ccb7373cd0cf191f5634f95d611862 Loading...

	#2 Write - 6486de3711c263d551e6ac30e90b6ea4	240 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 14:46:03 Last Seen2023-03-11 15:21:20 Times Seen1 Hash 6486de3711c263d551e6ac30e90b6ea4 d1be1b768da017f55a6cc76ba0e909bcea5280fc 7920e01b8d3045030e2a192b39b7f6559d2872d87443f04d100f353233dc6a6b Loading...

	#3 Write - 9fc8131a8b6abcbbb1a56ee2ae766eef	470 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 14:46:03 Last Seen2023-03-11 15:21:20 Times Seen1 Hash 9fc8131a8b6abcbbb1a56ee2ae766eef 31541d349ac3f35cc9e85c44f007e45e1e6b7add 6c88ad31017e681da7c7b5bee42fd63dd2839e2358b95e89a0756be1e0d002ed Loading...

	#4 Write - 44086c53a0dd4314dcadb58c76e2b23c	687 B	2023-03-08	2023-05-19
Pretty Observations First Seen2023-03-08 00:35:30 Last Seen2023-05-19 08:55:10 Times Seen5 Hash 44086c53a0dd4314dcadb58c76e2b23c ba4f9addea4d13c93da6b5429e4381043a65f52b e3494ca1c165bd916b186e8304c1e7881533b63157d3bb48923b522b94ccfae6 Loading...

	#5 Write - b52acd6aec5ac3cac25b2386d737b21d	689 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 00:35:30 Last Seen2023-03-11 15:06:51 Times Seen1 Hash b52acd6aec5ac3cac25b2386d737b21d 523043297fbdf6c5bf793610d730f7aeb3da4738 635536827cc616f6f030cb7db116e9db78d8ce6285be960db65bbfacf21ca168 Loading...

	#6 Write - 26c2e669c2a1b9b6e6d170161e1dc220	121 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 26c2e669c2a1b9b6e6d170161e1dc220 1239e643d6d0402fcb6732fc01d61ba13ff5c21a c4480bb4ad8b9f48b089ca4fd5aeb0b9761f9a652e5580c9be162602de677cab Loading...

	#7 Write - 13a1a267c8785e61b9dbd60dc6ab36a4	121 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:06:51 Last Seen2023-03-11 15:06:51 Times Seen1 Hash 13a1a267c8785e61b9dbd60dc6ab36a4 97864edefb5b4625a9ae6394e74a7e076e0996a4 fc10cd6498547f53288532c344a3051eb576ef61b5a75a11af518e0dded36cdc Loading...

	#8 Write - e1f1c9f54666acb1650465e150d3df1b	44 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:24:29 Last Seen2024-04-19 11:41:18 Times Seen88 Hash e1f1c9f54666acb1650465e150d3df1b 6b7251286fa476ae4e0985f8067cc76006a7cf89 490fbee07295a40ddaf64abd25076eb54cd926777e2b307c8a7c537d62f95ec9 Loading...

HTTP Transactions (195)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10798
Expires: Mon, 21 Nov 2022 07:28:59 GMT
Date: Mon, 21 Nov 2022 04:29:01 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2061bb5a62c7dbe5a39e49a98bf7d214
812ff4923fc0fa69fa7db7c362d5af728e297099
6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6405
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:01 GMT
Last-Modified: Mon, 21 Nov 2022 02:42:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11286
Expires: Mon, 21 Nov 2022 07:37:07 GMT
Date: Mon, 21 Nov 2022 04:29:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 03:45:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2619
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /PARQdXH2QIf6SaznU00qNd653Uh+rP3OtgpxJ7f6Sam2iBDMMOUdKY6RRzT/va8D9bkiY9uQL4=
x-amz-request-id: MVR0QSK54FVCCZ1Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 03:38:59 GMT
age: 3002
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

hgamegallery.com/PID/V-1741/

162.144.3.79

200 OK

19 kB

URL HTTP/1.1
hgamegallery.com/PID/V-1741/
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
19 kB (19258 bytes)
Hash
784a154212b03e758852184201aaad35
509c1b7e63f5f690da07fc0825137217bfba8d03
e204efb0eb3d0d660e7c1ee897e4bc486ecad900ca68ec80d7f416fff7bf1853

HTTP Headers

GET /PID/V-1741/ HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:28:59 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Link: <https://hgamegallery.com/wp-json/>; rel="https://api.w.org/", <https://hgamegallery.com/wp-json/wp/v2/posts/1741>; rel="alternate"; type="application/json", <https://hgamegallery.com/?p=1741>; rel=shortlink
Cache-Control: max-age=28800
Expires: Mon, 21 Nov 2022 12:29:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: MISS
Transfer-Encoding: chunked

c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css

192.0.77.37

200 OK

217 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

vjs.zencdn.net/7.8.4/video-js.css?ver=7.8.4

151.101.86.217

200 OK

11 kB

URL HTTP/1.1
vjs.zencdn.net/7.8.4/video-js.css?ver=7.8.4
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (5844)
Size
11 kB (10738 bytes)
Hash
9f703c1d1b064f5e72d8dba3484e868f
008cc8c438c57c51cc20bb4cb3e6452a287aaa8f
a1a9f6ebf0e40976737eeb1b6c544d462e5e444fcc8f59ab044833e2737c05e0

HTTP Headers

GET /7.8.4/video-js.css?ver=7.8.4 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 10738
Last-Modified: Wed, 08 Jul 2020 20:29:36 GMT
ETag: "397a94bb87dfd0a64ba4d3d502912e4a"
Cache-Control: public, max-age=31536000
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Date: Mon, 21 Nov 2022 04:29:01 GMT
X-Served-By: cache-bma1652-BMA
X-Cache: HIT
X-Cache-Hits: 20962
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

hgamegallery.com/wp-content/plugins/age-gate/dist/main.css?ver=3.0.9

162.144.3.79

200 OK

3.6 kB

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/age-gate/dist/main.css?ver=3.0.9
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (9988)
Size
3.6 kB (3599 bytes)
Hash
5ce4793c0da0a96e568e207632033ec3
735fd494a63284a5f2c273cd642f73ca8ada572f
824bed53272e6cf4e1f4fcb779d551f18db6711585c221e0679da61debb57805

HTTP Headers

GET /wp-content/plugins/age-gate/dist/main.css?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:01 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 3599
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
01be7790e5e647835cc2209d4eba5641
04555b27c98a8ad47adc9de1f09986def3636e29
bdd8ec99c27ea683eebf31877e35773a3f625aa1e4e38a3e758985c3f9a20346

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4960
Cache-Control: max-age=128919
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a3fc5-117"
Expires: Tue, 22 Nov 2022 16:17:41 GMT
Last-Modified: Sun, 20 Nov 2022 14:55:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
147d4ad2dfe6cf5444f7f465be42a5ea
9944e92a12b337e6c15895a6267351f74914ff35
b7d5df956e60318e5d47da6b30dbd0c71058c4306368ccaeda99630c59d23459

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 25 Nov 2022 00:26:16 GMT
ETag: "9944e92a12b337e6c15895a6267351f74914ff35"
Last-Modified: Mon, 21 Nov 2022 00:26:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3151
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d6ae981deeb509-OSL

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vk.com/js/api/share.js?95

93.186.225.194

200 OK

3.0 kB

URL HTTP/2
vk.com/js/api/share.js?95
IP
93.186.225.194:0
ASN
#47541 VKontakte Ltd

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1077)
Size
3.0 kB (2974 bytes)
Hash
5152f3cb6fe0b11496ea2a8de5bcb963
71572fb3ea4b65b6d9a4d0989b62133b1b39133d
01e8e588dda5b6bfb716d56b7f051f325382b3e0998853757c8e41f66ec30f25

HTTP Headers

GET /js/api/share.js?95 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: kittenx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/x-javascript
content-length: 2974
last-modified: Thu, 07 Apr 2022 12:12:57 GMT
etag: "624ed549-b9e"
content-encoding: br
expires: Fri, 25 Nov 2022 04:29:02 GMT
cache-control: max-age=345600
x-frontend: front605110
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js

104.16.126.175

200 OK

8.8 kB

URL HTTP/2
unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
IP
104.16.126.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (23113)
Size
8.8 kB (8820 bytes)
Hash
bd13c4ab53ac93422b063ee936d6cc99
c444df8e2af0bcd4eaa546749eb2dfaa29990461
33a64c015c5c04d2dac8235144bf0712d3e5d473cad291ade3f546a721aaf96e

HTTP Headers

GET /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hgamegallery.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5acc-q2POJTFsNAdkUTsA1IhV3IUmXP0"
via: 1.1 fly.io
fly-request-id: 01F3YGTF8JRQD6FT3WSZ9G9XWN
cf-cache-status: HIT
age: 18315710
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76d6ae983a75b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

hgamegallery.com/wp-content/plugins/buymeacoffee/public/css/buy-me-a-coffee-public.css?ver=3.1

162.144.3.79

200 OK

107 B

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/buymeacoffee/public/css/buy-me-a-coffee-public.css?ver=3.1
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
107 B (107 bytes)
Hash
11471a68e5c2509bd296d4b5eed57e5d
62179d32ba188385ba899e671ec386d4c44bc43c
770930873c62aece3cd46a3f1f1886a597951a50c2b586c4ef112f8ea01d7abe

HTTP Headers

GET /wp-content/plugins/buymeacoffee/public/css/buy-me-a-coffee-public.css?ver=3.1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 11 Nov 2022 20:08:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 107
Content-Type: text/css

hgamegallery.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0

162.144.3.79

200 OK

7.1 kB

URL HTTP/1.1
hgamegallery.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069

HTTP Headers

GET /wp-content/themes/ultimatube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 7114
Content-Type: text/css

hgamegallery.com/wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1

162.144.3.79

200 OK

481 B

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
481 B (481 bytes)
Hash
57a0823c80afd7828ab66c6aa9b8e205
4e8135a544f65f19e5fedcd8a907e7951c1e450d
082381398fb54d430ed2b0ed980c0c665d280936c3a4b206fbeb9062b8c86b99

HTTP Headers

GET /wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 20:08:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 481
Content-Type: application/javascript

pl17445481.profitablecpmgate.com/bace4014c7f34a29f5bb45d0c209255e/invoke.js

173.233.137.36

200 OK

9.3 kB

URL HTTP/1.1
pl17445481.profitablecpmgate.com/bace4014c7f34a29f5bb45d0c209255e/invoke.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
Unicode text, UTF-8 text, with very long lines (25072), with no line terminators
Size
9.3 kB (9274 bytes)
Hash
04b13b790f449819f1dd30d8f982ea68
70c20ad3d663bdc33da66d7e7cf27bdf7246047f
1fd2e332170419624684323bcf925c5daa0834e2d69c2d3c56b0b06c7cb15fc3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /bace4014c7f34a29f5bb45d0c209255e/invoke.js HTTP/1.1
Host: pl17445481.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7c07499409978afd3146d2965d195a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl17445483.profitablecpmgate.com/bd38453025de0eb11821070501c78831/invoke.js

173.233.137.44

200 OK

9.3 kB

URL HTTP/1.1
pl17445483.profitablecpmgate.com/bd38453025de0eb11821070501c78831/invoke.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
Unicode text, UTF-8 text, with very long lines (25076), with no line terminators
Size
9.3 kB (9272 bytes)
Hash
cc4ea8873dc5441404c81aaa430b907e
6cb9f71264092ffe51fd0506947746d22fdaf889
4b013fa761499a281af11d10d9283e7875bcc1ff8c818f7cc116b3134741384a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /bd38453025de0eb11821070501c78831/invoke.js HTTP/1.1
Host: pl17445483.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1aea4732eb23f6aa01cf1c92453d612
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hgamegallery.com/wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9

162.144.3.79

200 OK

250 B

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (399), with no line terminators
Size
250 B (250 bytes)
Hash
5c58f99e87b926331b7c51f6bfd1b405
69e199de18aabe5b75b1cf0f77ca6cb38dd85805
89b4f5053a201609ee06ebce7a85de2e7b0e5283cbd450a83e5e6927cbdd028f

HTTP Headers

GET /wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 250
Content-Type: application/javascript

hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282

162.144.3.79

409 Conflict

83 B

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 409 Conflict
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

hgamegallery.com/wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3

162.144.3.79

200 OK

13 kB

URL HTTP/1.1
hgamegallery.com/wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
13 kB (13441 bytes)
Hash
da357b3b2734fad083c705b7f3097994
b8076d9110726bcc6053eb080bd811d34f0f50a2
9c26c1c6626f43f683f9c591b6f498d2ab0a5b16b26c8e928f2c17a3864e2a3e

HTTP Headers

GET /wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 13441
Content-Type: application/javascript

www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js

192.243.59.20

200 OK

9.8 kB

URL HTTP/1.1
www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Size
9.8 kB (9783 bytes)
Hash
9a88271f94449f2c7ca3fce86de2c4b5
4418e30de95c1324757a2166db9d4ba11ab1b5bd
20461f734514780a182b7b19ceced9efc95d84ddf853e39e19a89391703d2b0e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /46de34ba3992a32486c1b089a1e267de/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d63bdc8dec95ddc6ecb8707f4124d18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hgamegallery.com/wp-content/themes/ultimatube/style.css?ver=1.2.3.1658762436

162.144.3.79

200 OK

25 kB

URL HTTP/1.1
hgamegallery.com/wp-content/themes/ultimatube/style.css?ver=1.2.3.1658762436
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
assembler source, ASCII text
Size
25 kB (25352 bytes)
Hash
7901c814fef27f6d334f1dfc34e7be0d
f60c65e6f342d1453e7df1eeb130952fdbc3eaf7
daa396c102a20ab52e2e742b5084a6088d831e4d29095a09fa7f35d36d61f02e

HTTP Headers

GET /wp-content/themes/ultimatube/style.css?ver=1.2.3.1658762436 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css

pl17445325.profitablecpmgate.com/a4053ddd11c2864345cfbcfc68e33003/invoke.js

192.243.59.12

200 OK

9.3 kB

URL HTTP/1.1
pl17445325.profitablecpmgate.com/a4053ddd11c2864345cfbcfc68e33003/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
Unicode text, UTF-8 text, with very long lines (25076), with no line terminators
Size
9.3 kB (9272 bytes)
Hash
6aa9177608fc7d2855e6053368894be6
937f42baa4e53f7b7243c5cc8de2e96f18501499
cd879673bb8720caf0584ae8476f0f1f6e8294d2fe168e07b87363fba0ab16f4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a4053ddd11c2864345cfbcfc68e33003/invoke.js HTTP/1.1
Host: pl17445325.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7b43a9ddb59736f8a88407f135ebe31
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hgamegallery.com/wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0

162.144.3.79

200 OK

416 B

URL HTTP/1.1
hgamegallery.com/wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
416 B (416 bytes)
Hash
e6f53264ebf762f651ef3c426aba7d7a
c94c31f4cdc7976febd8b722771d433fcd460d87
e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404

HTTP Headers

GET /wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 416
Content-Type: application/javascript

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 04:25:04 GMT
cache-control: public,max-age=3600
age: 238
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

hgamegallery.com/wp-content/plugins/age-gate/dist/all.js?ver=3.0.9

162.144.3.79

200 OK

30 kB

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/age-gate/dist/all.js?ver=3.0.9
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (65443)
Size
30 kB (30453 bytes)
Hash
6cb68cf2c39b371a247e257db394f032
54543ade09fc45bd97ba2db0adfc09d811d81b41
1c254ae3164e57727b40e3ebf6df54053185e6efc81101dddd6fcd52face24c9

HTTP Headers

GET /wp-content/plugins/age-gate/dist/all.js?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript

pl17445379.profitablecpmgate.com/85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js

192.243.59.13

200 OK

13 kB

URL HTTP/1.1
pl17445379.profitablecpmgate.com/85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37116), with no line terminators
Size
13 kB (13406 bytes)
Hash
cf7519ebb9cf2693992c971bc7f07d7d
b1b445730012bdd552f84af78034eb23b29a4b49
d515024d3969e55b6bbc81315dea62e9fa2f8e39e992c1e33bc92a5b7b6d4cdd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js HTTP/1.1
Host: pl17445379.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e165d0c05456c93dde07d88e4d55f7b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.imglnkd.com/3788/001313A_GHRD_18_ALL_EN_125_L.jpg

205.185.216.10

200 OK

65 kB

URL HTTP/1.1
www.imglnkd.com/3788/001313A_GHRD_18_ALL_EN_125_L.jpg
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:09:06 15:58:31], baseline, precision 8, 728x90, components 3\012- data
Size
65 kB (64740 bytes)
Hash
ad7263be6c414fa19d8126a810358776
c74952ba1c6112f363cd7bf2c0065e2cf8b09f9d
21c4abd3fb31f343b7ecca4ad2fd6334dadb985b0225a15165b22026d43fbf6b

HTTP Headers

GET /3788/001313A_GHRD_18_ALL_EN_125_L.jpg HTTP/1.1
Host: www.imglnkd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Connection: Keep-Alive
ETag: "1490629420"
Cache-Control: max-age=62758
Content-Length: 64740
Content-Type: image/jpeg
Last-Modified: Mon, 27 Mar 2017 15:43:40 GMT
Accept-Ranges: bytes
X-HW: 1669004942.dop066.sk1.t,1669004942.cds016.sk1.shn,1669004942.dop066.sk1.t,1669004942.cds208.sk1.c

c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

192.0.77.37

200 OK

1.5 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.5 kB (1454 bytes)
Hash
eff37d787f1276786cb7e82a47098844
5b3a4e3a32d748c3e000014d022e3249660882a5
d71c5862df4a90b92bbd88f1870ca49b5e0c0161d605fe6f71f26c55583564ea

HTTP Headers

GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
913a828f0f87e891c1e29334eddee0a7
eeb36887905d7e031b5b8a5f9bca30f25d61eddf
c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124343
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 15:01:25 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oyE6I5kNpEUgmZHtO4Mf6AjDwjrZcFz8m0FI7JYXlgcCH7gKrrxfzg==
Age: 5421

c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js

192.0.77.37

200 OK

356 B

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (685), with no line terminators
Size
356 B (356 bytes)
Hash
6c3ea4072da72cca4ac3039ef074fac9
04bf4a2e38c347253a10360aa5bcf566a8780a2f
ae438d85dd7b20820031ebaef13120843fcb0bd0287748426b205372b9c0390a

HTTP Headers

GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
141d260d82f4c27c28bde3b30e110d7e
0f7fa7dc973b09bee1a639e26c79717a0d460e07
55027d3f09117176c72eeeda757bc7e0267076931ecfadbb591d3c2acd7ef440

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=1eb55ff4-f0d0-48b0-accc-9779f8d2636c:1:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
27138f8625c320bd1434ccd92263b641
6a8f18728c9f324c1c631ffc85901d84ec4d0e0c
02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=107547
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "6379ee2d-1d7"
Expires: Tue, 22 Nov 2022 10:21:29 GMT
Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9c07070fccb89a24618057f9d0431bf8
38e4fd4dd6b5434c3f3cf5385a15e33a7c1cc190
e154598f42a00274485176189725b7ffbd71ab6f8312582cd6e5cbb9274c455e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.162.31

200 OK

28 kB

URL HTTP/1.1
friendshipmale.com/sfp.js
IP
172.64.162.31:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27574 bytes)
Hash
b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: c8cd0cc0e9f9b1b2434c6e8f08489a62
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 21 Nov 2022 04:29:02 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8uw7v2GWHiuLhS4pp69e5o7ZywJ%2FSWTrdy1HtUqeyeer6Whf6UktNWzAruFhOQVZsekDz7SLemsfmbkLcIeCDIkAfn%2BPJSVmJo99mlDLyVjFq1ow15MpkO2bPKWq5I%2FDHC2Q3A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d6ae9ada328926-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
913a828f0f87e891c1e29334eddee0a7
eeb36887905d7e031b5b8a5f9bca30f25d61eddf
c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124097
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 14:57:19 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CmFYFiWqIxl98eNogO2gExt88MAwav6Fs1nBNlifgsolrubDnulZxg==
Age: 5175

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
913a828f0f87e891c1e29334eddee0a7
eeb36887905d7e031b5b8a5f9bca30f25d61eddf
c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122051
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 14:23:13 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eCkrIwr72tZuozwnObmhiOcYb2IpoZHS9Go8soVHSVr3vCz2EW4FFw==
Age: 3129

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hgamegallery.com/wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9

162.144.3.79

200 OK

35 kB

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65470)
Size
35 kB (34698 bytes)
Hash
cb13983703693fe2a83d5f134c60457a
0fb56e9f55c09c0d9ff6cf77deff78cbc3128cf2
b8e4db290b4635a3c2ee2c9feef91812ca9bd9caefab4e1b4ff9782a5f73a3bc

HTTP Headers

GET /wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript

c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js

192.0.77.37

200 OK

11 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (2946)
Size
11 kB (11014 bytes)
Hash
50589bfddb8303913d3cd8860e413f8c
e66b76b31d2c685c90f23feb0a57bbde107e5571
731daf5681144f2e1b09a6656c6a932d72e7d30ae2ebaf21005e9779979a9390

HTTP Headers

GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

hgamegallery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

162.144.3.79

200 OK

5.3 kB

URL HTTP/1.1
hgamegallery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 16:26:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 5321
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 380113
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 377694
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
63e9c091fdb6e39c6a4d1012711501d6
fb2cb3fdc161d8618f404e0a125cb9b24f836fca
5536cdaa6ce02596f106215c570598fe85d1ba68e920c7287478da2d9a7adda3

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e:3:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2e0a305f5ceb02323fd43fa65a38ea4c
027d9192181a3c3f1dd003fcfab78a113aec6eec
372ed25db26060d5f724cefd8b30d68fbf91329374446817e7d5fa763a1fc4ef

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2e0a305f5ceb02323fd43fa65a38ea4c
027d9192181a3c3f1dd003fcfab78a113aec6eec
372ed25db26060d5f724cefd8b30d68fbf91329374446817e7d5fa763a1fc4ef

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7d3c2b4e376d61870d633061e922efc5
027c2c7b6c5237629b9dad9f0b171c3bf4682c4a
9aff4416a6e117ca8af8c684bbe664c35841ad1707e17eedb95e491bc7301490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: max-age=171608
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637af3d3-117"
Expires: Wed, 23 Nov 2022 04:09:10 GMT
Last-Modified: Mon, 21 Nov 2022 03:43:15 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 279

www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js

192.243.59.20

200 OK

9.8 kB

URL HTTP/1.1
www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26957), with no line terminators
Size
9.8 kB (9785 bytes)
Hash
0db772eac3d593b76f0b7b577f1446b1
dd9c4c575a1ebbd9d44c83ad68e4909f3ebf19fe
ed2b43d32274d9f017cc65249e1ae6eec2ebc69b38b53c2daba065dc9090ff9c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /46de34ba3992a32486c1b089a1e267de/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d11b2b49b3121d49ea0680629615aad3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

push.services.mozilla.com/

44.242.3.166

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.3.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pFekJ6H7f2wyJs9X0mixmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lauo6kp40nH5PcyGGak6IMceuVo=

vjs.zencdn.net/7.8.4/video.min.js?ver=7.8.4

151.101.86.217

200 OK

77 kB

URL HTTP/1.1
vjs.zencdn.net/7.8.4/video.min.js?ver=7.8.4
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /7.8.4/video.min.js?ver=7.8.4 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 139307
Last-Modified: Wed, 08 Jul 2020 20:29:39 GMT
ETag: "102cc1896541330762962b95fcb31f95"
Cache-Control: public, max-age=31536000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Date: Mon, 21 Nov 2022 04:29:02 GMT
X-Served-By: cache-bma1652-BMA
X-Cache: HIT
X-Cache-Hits: 36
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7d3c2b4e376d61870d633061e922efc5
027c2c7b6c5237629b9dad9f0b171c3bf4682c4a
9aff4416a6e117ca8af8c684bbe664c35841ad1707e17eedb95e491bc7301490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: max-age=171608
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637af3d3-117"
Expires: Wed, 23 Nov 2022 04:09:10 GMT
Last-Modified: Mon, 21 Nov 2022 03:43:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

6.3 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
6.3 kB (6317 bytes)
Hash
9e5b051f49cdaf6a17609d7214695d32
c1d7e4bbbe3c78ebea70336b80192c3c57f4717f
8be01fcb91dd3c6fef2713459cdeb4344c7c4550a4135b68e6907ed75751db8e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

142.250.74.164

200 OK

584 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
584 B (584 bytes)
Hash
9972e93a2483e5c448bd9f8cde5ccade
4d9544441bf5d0922ebbceaddbf2a1824135e190
2db6671a4f9b05b25ce10acd3bc9c409436a9dc7abab72dfb8a83778a485087f

HTTP Headers

GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 21 Nov 2022 04:29:03 GMT
date: Mon, 21 Nov 2022 04:29:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282

162.144.3.79

409 Conflict

83 B

URL HTTP/1.1
hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1

HTTP/1.1 409 Conflict
Date: Mon, 21 Nov 2022 04:29:03 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cdcd936a1ca3729e5415928204c25f17
2a0d0e6f94f8145a32f98b725bba52a9a6616f2b
e92ab786e674810e9a0faf3a8c98a99eddb356fa27861f965fd688e54b5bf8c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7205a2b341262d488e6cf658cdeccec
b21c47c6d9298404f27a990e2607c5c389e1e997
cfdd47d3eb5ab2d6a4834b1130164262843de6e6c879f050e3681fe8f247519f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103453
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "6379efac-117"
Expires: Tue, 22 Nov 2022 09:13:16 GMT
Last-Modified: Sun, 20 Nov 2022 09:13:16 GMT
Server: nginx
Content-Length: 279

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
34985760f5d78060e03c7553a007afc4
47b2ae17f38f7af08c4a156a76f948a43e6f35ee
202d5f8c20719cc3c80334bd41b98c64782036bb3499d37915b5e6f8592a7ad8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "202D5F8C20719CC3C80334BD41B98C64782036BB3499D37915B5E6F8592A7AD8"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19546
Expires: Mon, 21 Nov 2022 09:54:49 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
46e26782d3c03a35b91d0430cb065413
ca780dd423a8bb4bbe5fad00cd2b21b19099c044
2f7678678532a5fca292e6b9b033fb66307459f4da05a5fe4b5ce7df0d12da29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F7678678532A5FCA292E6B9B033FB66307459F4DA05A5FE4B5CE7DF0D12DA29"
Last-Modified: Fri, 18 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16363
Expires: Mon, 21 Nov 2022 09:01:46 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

thumb.tapecontent.net/thumb/eLJpmLa02kiYqzW/W1W8almzMAHbdB1.jpg

104.21.235.147

200 OK

145 kB

URL HTTP/2
thumb.tapecontent.net/thumb/eLJpmLa02kiYqzW/W1W8almzMAHbdB1.jpg
IP
104.21.235.147:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1280x720, components 3\012- data
Size
145 kB (144777 bytes)
Hash
623ab15e01db0d990737dedf93f1537d
b8a51fca6b136645be76ce2fd306f0d95bef7006
085aad3ff71f3bf2d6176819ba92e9aaa27939c288a4382f85418d051d5cb600

HTTP Headers

GET /thumb/eLJpmLa02kiYqzW/W1W8almzMAHbdB1.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/jpeg
content-length: 144777
last-modified: Wed, 31 Aug 2022 02:39:31 GMT
etag: 811e4488475b
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="W1W8almzMAHbdB1.jpg"
cache-control: public, max-age=259200
expires: Wed, 23 Nov 2022 19:08:24 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQVkmB2ImFtE2q8fGPi30lIozYB%2B4gc3sCmaRrh69KXBK48jinwOrIoHwqkm6kcg%2BdEb%2FANRsCe88JFVeEs32iXUe6iGbqMIJYosB2YMBjIzxitUtKixYUxb5UBxDPmqV5n5zIbHdjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d6ae9f4abde624-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e115dde2d6275a272d7acf52ef69ef0e
22f34279f7477442534ff3c41187d8c086a906bd
c372db26485826107bbc1ea883c4235dfbaf64bc4dafc488060ca8dd74f7a4cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C372DB26485826107BBC1EA883C4235DFBAF64BC4DAFC488060CA8DD74F7A4CD"
Last-Modified: Sat, 19 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2735
Expires: Mon, 21 Nov 2022 05:14:38 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e6741610afac085b55e36e0958f9f491
8e267c40d8226aabdf384d5e56e375823969b619
0f60c46b390186a021eef0ff264430580886449250638db4b596bfa57ffe85ac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F60C46B390186A021EEF0FF264430580886449250638DB4B596BFA57FFE85AC"
Last-Modified: Sat, 19 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11284
Expires: Mon, 21 Nov 2022 07:37:07 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
885ae044f36bbad8594173a79e30837e
2d6c5153e4a56714fd15a6063e1ec361401abece
f94e45d8442d9c2715a12e3f1d37b4ac3b0c040eba2db1be67a325793f4d9104

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F94E45D8442D9C2715A12E3F1D37B4AC3B0C040EBA2DB1BE67A325793F4D9104"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5336
Expires: Mon, 21 Nov 2022 05:57:59 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
34985760f5d78060e03c7553a007afc4
47b2ae17f38f7af08c4a156a76f948a43e6f35ee
202d5f8c20719cc3c80334bd41b98c64782036bb3499d37915b5e6f8592a7ad8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "202D5F8C20719CC3C80334BD41B98C64782036BB3499D37915B5E6F8592A7AD8"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19546
Expires: Mon, 21 Nov 2022 09:54:49 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

pixel.wp.com/g.gif?v=ext&blog=208484685&post=1741&tz=8&srv=hgamegallery.com&j=1%3A11.5.1&host=hgamegallery.com&ref=&fcp=1311&rand=0.6296287029967894

192.0.76.3

200 OK

50 B

URL HTTP/1.1
pixel.wp.com/g.gif?v=ext&blog=208484685&post=1741&tz=8&srv=hgamegallery.com&j=1%3A11.5.1&host=hgamegallery.com&ref=&fcp=1311&rand=0.6296287029967894
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=208484685&post=1741&tz=8&srv=hgamegallery.com&j=1%3A11.5.1&host=hgamegallery.com&ref=&fcp=1311&rand=0.6296287029967894 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7205a2b341262d488e6cf658cdeccec
b21c47c6d9298404f27a990e2607c5c389e1e997
cfdd47d3eb5ab2d6a4834b1130164262843de6e6c879f050e3681fe8f247519f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=103453
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "6379efac-117"
Expires: Tue, 22 Nov 2022 09:13:16 GMT
Last-Modified: Sun, 20 Nov 2022 09:13:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Nov 2022 11:26:10 GMT
expires: Mon, 20 Nov 2023 11:26:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 61373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
19e00c4af824f5136ae6ba07a09da002
a609b6292cb58d2ebf876d463787c67cd2eafeb7
06a3263784cc0b826f415719172a61f29577765e1418e24b8de439766debd7ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06A3263784CC0B826F415719172A61F29577765E1418E24B8DE439766DEBD7BA"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17716
Expires: Mon, 21 Nov 2022 09:24:19 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4

104.16.126.175

302 Found

116 B

URL HTTP/2
unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4
IP
104.16.126.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
116 B (116 bytes)
Hash
a3e76fbecf35f0eaab82e1aa69d50316
88c472a442e7d97f7bd0bb6ecbe335f48bb90e46
0b0a9dedccddcc9297dd1a8afe58db1f787ceac8518f37dc21659bb1f468139b

HTTP Headers

GET /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJC6AAKQWREGQEMYPC8GMD23-ams
cf-cache-status: HIT
age: 865
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76d6ae97fa66b52d-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e50f0f15cdae3d8e360d9da5394f105
7302a08d1c265f63352909a373f06f13d4be48c8
afccc8d123c9798025b4e2a3f76b7074844267071aba5b3bed189708aaf3ad58

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFCCC8D123C9798025B4E2A3F76B7074844267071ABA5B3BED189708AAF3AD58"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9721
Expires: Mon, 21 Nov 2022 07:11:04 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive

mc.yandex.ru/metrika/tag.js

87.250.250.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size
73 kB (73267 bytes)
Hash
1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73267
date: Mon, 21 Nov 2022 04:29:03 GMT
access-control-allow-origin: *
etag: "63776891-11e33"
expires: Mon, 21 Nov 2022 05:29:03 GMT
last-modified: Fri, 18 Nov 2022 14:12:17 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

192.243.59.13

307 Temporary Redirect

0 B

URL HTTP/1.1
grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1 HTTP/1.1
Host: grewquartersupporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Location: https://grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t
Set-Cookie: u_pl=17344896; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg5NiwiayI6IjNlMmRkMGNlYzc4MjY3OWUwMjMxM2I5MTk5MWM5MDllIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjozMiwicHQiOjQsInBrIjoiemtiajFqY3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2hnYW1lZ2FsbGVyeS5jb20vUElEL1YtMTc0MS8ifX0.w2p0C8cpBpA6HxtxDwA68eXtjCR_YaWvaNqeMLj45sA; expires=Mon, 21 Nov 2022 04:30:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25a818e9985e598dc71bc6b7687dc60d
Strict-Transport-Security: max-age=0; includeSubdomains

monkeysloveyou.com/get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701

62.122.171.6

200 OK

6.7 kB

URL HTTP/2
monkeysloveyou.com/get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
6.7 kB (6675 bytes)
Hash
ccb2babf5b954cc90d9795f335c3210a
5806c4a89f3b2d447df4e4eedd67850448d62be4
43d6085ccc800267cad765c05a877ef84c131ae7656f5c8ff990135fd3933b90

HTTP Headers

GET /get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701 HTTP/1.1
Host: monkeysloveyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221120232911346b8d710d43e991155a76ae; Path=/; Expires=Tue, 21 Nov 2023 04:29:03 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.5.1/css/jetpack.css

192.0.77.37

200 OK

16 kB

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (15863 bytes)
Hash
040d0a0b041a5b5b119249dd40945fed
1e856e08ea8fd0df9a33f3234e88db19d45ccba9
db7b456f1f5a4a13cfff42cca2289ff0a3e2b71c75c5ff4668bdd2a6077aa172

HTTP Headers

GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a4e1d9ca2b68db3f0e10ab4799788da6
73a95ba2679c9be6c644c36021ddd4bc73d041c3
6c5aafd609d922aced7669e32f0d4b118d2e496706fceab96a883f5eda15ebdf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637ab022-118"
Expires: Wed, 23 Nov 2022 00:28:57 GMT
Last-Modified: Sun, 20 Nov 2022 22:54:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

173.233.137.36

307 Temporary Redirect

0 B

URL HTTP/1.1
yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Location: https://yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t
Set-Cookie: u_pl=17344874; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg3NCwiayI6IjQ2ZGUzNGJhMzk5MmEzMjQ4NmMxYjA4OWExZTI2N2RlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiamV0YTU2NTk3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tL1BJRC9WLTE3NDEvIn19.7a8kjETbp3-F_04n6jTVFkHAsUTzSiCtoCttqL2KDrY; expires=Mon, 21 Nov 2022 04:30:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b1301a5eebffa80904c0cf90e7bb8e2
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a4e1d9ca2b68db3f0e10ab4799788da6
73a95ba2679c9be6c644c36021ddd4bc73d041c3
6c5aafd609d922aced7669e32f0d4b118d2e496706fceab96a883f5eda15ebdf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637ab022-118"
Expires: Wed, 23 Nov 2022 00:28:57 GMT
Last-Modified: Sun, 20 Nov 2022 22:54:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

cdn.pncloudfl.com/pn/4af/ed1/215/4afed1215aeed96c9610daad7049eebebe9842fb.png

104.22.59.221

200 OK

38 kB

URL HTTP/2
cdn.pncloudfl.com/pn/4af/ed1/215/4afed1215aeed96c9610daad7049eebebe9842fb.png
IP
104.22.59.221:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
38 kB (38000 bytes)
Hash
2e9960266c19877a91bf385de87eeda2
0d30eff039716b21f202e0bf2be6b76e718593c5
d6ee65dd959bfe76abac552ca181e156184ef415f2489dce6d2076d039bf11f3

HTTP Headers

GET /pn/4af/ed1/215/4afed1215aeed96c9610daad7049eebebe9842fb.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 38000
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61565
content-disposition: inline; filename="4afed1215aeed96c9610daad7049eebebe9842fb.webp"
etag: a1f1496bb7662ed1e374dba8af3ca723
expires: Tue, 22 Nov 2022 17:30:59 GMT
last-modified: Mon, 23 Mar 2020 14:58:42 GMT
vary: Accept
x-openstack-request-id: txd1405c57899541f0b0b39-0061b0cee0
x-proxy-cache: HIT
x-timestamp: 1584975521.32419
x-trans-id: txd1405c57899541f0b0b39-0061b0cee0
cf-cache-status: HIT
age: 39484
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea20b22b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png

104.22.59.221

200 OK

26 kB

URL HTTP/2
cdn.pncloudfl.com/pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png
IP
104.22.59.221:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
26 kB (25916 bytes)
Hash
b6d761b7b5c023024688500314127cd4
f551b98cae17ec049b718c69cb2331d90a6f6744
83007760fba67e5f90582e905166ea09d3898fcadee33c1cbd648aa8570c9fd6

HTTP Headers

GET /pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 25916
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=43190
content-disposition: inline; filename="7e414af69a8398dbd277d2a568900209aadf8344.webp"
etag: f61b34793263f04710039a549ae72cbc
expires: Mon, 21 Nov 2022 19:02:17 GMT
last-modified: Mon, 23 Mar 2020 14:47:21 GMT
vary: Accept
x-openstack-request-id: tx4718e70e0011494f8a57f-0061b0ba7a
x-proxy-cache: HIT
x-timestamp: 1584974840.94302
x-trans-id: tx4718e70e0011494f8a57f-0061b0ba7a
cf-cache-status: HIT
age: 120406
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea21b23b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png

104.22.59.221

200 OK

43 kB

URL HTTP/2
cdn.pncloudfl.com/pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png
IP
104.22.59.221:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
43 kB (42896 bytes)
Hash
3e1c3d6737455035df23e1dd8c628159
ff5c77c8792281620a4793b43f38f1fdcc6f1c0a
eacb5c75d830f937a643288a9bb5ef5076c072ab6a2c5c4b3a9280ac8b0e0689

HTTP Headers

GET /pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 42896
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=55940
content-disposition: inline; filename="56ba423bcacf05767ef7de043ed317f576e84ee2.webp"
etag: b1f706760c0795f113260650d8b23f19
expires: Tue, 22 Nov 2022 18:18:47 GMT
last-modified: Wed, 13 Oct 2021 17:28:50 GMT
vary: Accept
x-openstack-request-id: tx9efe245160574944a0d40-0061b07698
x-proxy-cache: HIT
x-timestamp: 1634146129.98710
x-trans-id: tx9efe245160574944a0d40-0061b07698
cf-cache-status: HIT
age: 36616
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea21b25b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f1608290f2255634612a9a27a2cd643b
b9bc815e09590dbaa4a5891d714577918becc60d
739bb8946d6540368e37d6a21763b3829095fe5c489997eae48fa32a5c39c1bd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2255
Cache-Control: max-age=141320
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637a7ac8-1d7"
Expires: Tue, 22 Nov 2022 19:44:23 GMT
Last-Modified: Sun, 20 Nov 2022 19:06:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

cdn.pncloudfl.com/pn/8f0/45b/18b/8f045b18b55fe7fdc72b2691500def4d530750c0.png

104.22.59.221

200 OK

6.7 kB

URL HTTP/2
cdn.pncloudfl.com/pn/8f0/45b/18b/8f045b18b55fe7fdc72b2691500def4d530750c0.png
IP
104.22.59.221:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.7 kB (6656 bytes)
Hash
44224161f8962dfd9e99c65d15b86eea
92f0c3793f8ffd9a62befd195cf65bdda8fa668e
4bd5f390d44341a25237611bc0334b56fb5c98953c326b58a1b01206db401f8d

HTTP Headers

GET /pn/8f0/45b/18b/8f045b18b55fe7fdc72b2691500def4d530750c0.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 6656
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=15458
content-disposition: inline; filename="8f045b18b55fe7fdc72b2691500def4d530750c0.webp"
etag: 755c4a2f0f57828e7c65bce93b3563dd
expires: Tue, 22 Nov 2022 17:13:41 GMT
last-modified: Wed, 06 Jul 2022 13:51:54 GMT
vary: Accept
x-openstack-request-id: tx4cbc7429e3f94537807f4-0062c5937b
x-proxy-cache: HIT
x-timestamp: 1657115513.82081
x-trans-id: tx4cbc7429e3f94537807f4-0062c5937b
cf-cache-status: HIT
age: 40522
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea22b29b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

concernederase.com/ntv.json?key=bd38453025de0eb11821070501c78831&vstc=4

173.233.139.164

200 OK

18 kB

URL HTTP/1.1
concernederase.com/ntv.json?key=bd38453025de0eb11821070501c78831&vstc=4
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (17883), with no line terminators
Size
18 kB (17920 bytes)
Hash
8f4a03635aea08bc958eba5249f3b0de
29919f1e7d4be4d866e9042391dd97965e8c626e
93b30fe9262109043fd3ff4931da4971a47d70efe5f28a861ae413fd10b76976

HTTP Headers

GET /ntv.json?key=bd38453025de0eb11821070501c78831&vstc=4 HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: application/json
Content-Length: 17920
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344984; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
nlecbd38453025de0eb11821070501c78831=[3790237,3790236,3790235,3637745]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c309ff3463a590af86d91c2b810eea8
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a4e1d9ca2b68db3f0e10ab4799788da6
73a95ba2679c9be6c644c36021ddd4bc73d041c3
6c5aafd609d922aced7669e32f0d4b118d2e496706fceab96a883f5eda15ebdf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637ab022-118"
Expires: Wed, 23 Nov 2022 00:28:57 GMT
Last-Modified: Sun, 20 Nov 2022 22:54:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

concernederase.com/ntv.json?key=a4053ddd11c2864345cfbcfc68e33003&vstc=4

173.233.139.164

200 OK

18 kB

URL HTTP/1.1
concernederase.com/ntv.json?key=a4053ddd11c2864345cfbcfc68e33003&vstc=4
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (17885), with no line terminators
Size
18 kB (17922 bytes)
Hash
b53330d092ba76d14b6c6c0203c8ca90
929799d835a03b59b621f8d28c00ab0c88014c42
fb05e775b4623e51b176e70cd28bf18597af479e0e227abea66c92b78a6f6d25

HTTP Headers

GET /ntv.json?key=a4053ddd11c2864345cfbcfc68e33003&vstc=4 HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: application/json
Content-Length: 17922
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344826; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
nleca4053ddd11c2864345cfbcfc68e33003=[3790236,3790237,3790235,3637745]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae70ecae1e0926314c65f107cfd2be4f
Strict-Transport-Security: max-age=0; includeSubdomains

hgamegallery.com/PID/V-1741/?relatedposts=1

162.144.3.79

200 OK

551 B

URL HTTP/1.1
hgamegallery.com/PID/V-1741/?relatedposts=1
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JSON data\012- , ASCII text, with very long lines (1381), with no line terminators
Size
551 B (551 bytes)
Hash
b8bda41e6aee152fec9b3d4afc208585
9e6fbcb6a055bab4f95aa8d2df5b6378aa57d555
9e26114d0f2848c1dff9cdf439f267cb74515bd658b2dcaa74d4b6ddbf2d3ff4

HTTP Headers

GET /PID/V-1741/?relatedposts=1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
x-requested-with: XMLHttpRequest
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1; sb_main_85dde4232c6b160541619f82fd5c2b8a=1; sb_count_85dde4232c6b160541619f82fd5c2b8a=1; visited=1

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:01 GMT
Server: nginx/1.21.6
Content-Type: application/json; charset=utf-8
Content-Length: 551
X-Content-Type-Options: nosniff
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:03 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
X-Server-Cache: false

relativelyweptcurls.com/watch.597856604557.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e%3A3%3A1&shu=4e1a917003d52471cd39bebd30dd5fba9ed1b5337daa6b094626359e5305c6434f92e0c3f8c2ca38abdf8ced3c760c7b33eb6cd505fd9664099e831f0eb7e4c2978dda559d5f0480f963128a5ffd64091eb81221a7554aec4f26d3016225b4&pst=1669005003&rmtc=t

173.233.137.36

200 OK

637 B

URL HTTP/1.1
relativelyweptcurls.com/watch.597856604557.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e%3A3%3A1&shu=4e1a917003d52471cd39bebd30dd5fba9ed1b5337daa6b094626359e5305c6434f92e0c3f8c2ca38abdf8ced3c760c7b33eb6cd505fd9664099e831f0eb7e4c2978dda559d5f0480f963128a5ffd64091eb81221a7554aec4f26d3016225b4&pst=1669005003&rmtc=t
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document, ASCII text, with very long lines (593)
Size
637 B (637 bytes)
Hash
5eec97d123ad739b9b39b2f78d32926b
3b884f5a3e64c8f7a5fc71a8c5cc0a1a5f725cce
d4479a55187e880aa428f5f8c3398d22bd300d65f283e1740e0b56440b7dee66

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.597856604557.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e%3A3%3A1&shu=4e1a917003d52471cd39bebd30dd5fba9ed1b5337daa6b094626359e5305c6434f92e0c3f8c2ca38abdf8ced3c760c7b33eb6cd505fd9664099e831f0eb7e4c2978dda559d5f0480f963128a5ffd64091eb81221a7554aec4f26d3016225b4&pst=1669005003&rmtc=t HTTP/1.1
Host: relativelyweptcurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Referer: http://hgamegallery.com/
Connection: keep-alive
Cookie: u_pl=17344874; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg3NCwiayI6IjQ2ZGUzNGJhMzk5MmEzMjQ4NmMxYjA4OWExZTI2N2RlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiamV0YTU2NTk3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tL1BJRC9WLTE3NDEvIn19.7a8kjETbp3-F_04n6jTVFkHAsUTzSiCtoCttqL2KDrY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e:3:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
iprc9f9c19787232cbb4006865b71c6e06a4=2116935; expires=Tue, 22 Nov 2022 06:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93e4866f855296e1ae0a3f1c54cdcbe6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

morbidlocally.com/ntv.json?key=bace4014c7f34a29f5bb45d0c209255e&vstc=4

192.243.61.225

200 OK

18 kB

URL HTTP/1.1
morbidlocally.com/ntv.json?key=bace4014c7f34a29f5bb45d0c209255e&vstc=4
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (17943), with no line terminators
Size
18 kB (17980 bytes)
Hash
9f6a1f49257b1732295cf0b5945a1c17
d1fbe9e9e1049ab5d6cf10b438df3c9470205239
219791d185b101f50eb0c0168b4369a03870f58b830c24927efae1a0e34ece69

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ntv.json?key=bace4014c7f34a29f5bb45d0c209255e&vstc=4 HTTP/1.1
Host: morbidlocally.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: application/json
Content-Length: 17980
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344982; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
nlecbace4014c7f34a29f5bb45d0c209255e=[3790235,3790236,3790237,3637745]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 872e5f23dcee1b79e2229f8928fb44aa
Strict-Transport-Security: max-age=0; includeSubdomains

grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t

192.243.59.13

200 OK

2.4 kB

URL HTTP/1.1
grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3105)
Size
2.4 kB (2418 bytes)
Hash
da81a34e605b6acfeaf5b0d7ef484b3b
e8d931461ef47de4407c1e0d6aa6cee59f601cbf
41e5660ad42e1780fcfda1759ca75e74b34148f066826d017e2fd0bef35bd204

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t HTTP/1.1
Host: grewquartersupporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Referer: http://hgamegallery.com/
Connection: keep-alive
Cookie: u_pl=17344896; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg5NiwiayI6IjNlMmRkMGNlYzc4MjY3OWUwMjMxM2I5MTk5MWM5MDllIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjozMiwicHQiOjQsInBrIjoiemtiajFqY3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2hnYW1lZ2FsbGVyeS5jb20vUElEL1YtMTc0MS8ifX0.w2p0C8cpBpA6HxtxDwA68eXtjCR_YaWvaNqeMLj45sA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
iprc6599ea326070ff9a6e0b47f13d52a0e6=3569682; expires=Mon, 21 Nov 2022 08:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81ee2afc98bab12171a55caa55535597
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff

162.243.189.2

200 OK

22 kB

URL HTTP/2
bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff
IP
162.243.189.2:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Web Open Font Format, TrueType, length 22051, version 1.0\012- data
Size
22 kB (22051 bytes)
Hash
edc05a13a301b3a6e023292eb0762d1c
df8a2b7200cb4b9eb5f73c7fd2ff67d92ff5d833
ab4883df74435cbd0eb4d9ddfa492e7cc2a4be7ceff47fcefe82199aed9c4ed0

HTTP Headers

GET /Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff HTTP/1.1
Host: bmc-cdn.nyc3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-request-id: tx000000000000008e3c23a-00637afe64-21d287ee-nyc3a
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
date: Mon, 21 Nov 2022 04:28:21 GMT
content-length: 22051
last-modified: Wed, 02 May 2018 07:26:09 GMT
x-rgw-object-type: Normal
etag: "edc05a13a301b3a6e023292eb0762d1c"
cache-control: max-age=60000
content-type: application/font-woff
age: 41
accept-ranges: bytes
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2

bg4nxu2u5t.com/solid.gif?z=1876944&abvar=0

62.122.171.6

200 OK

43 B

URL HTTP/2
bg4nxu2u5t.com/solid.gif?z=1876944&abvar=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1876944&abvar=0 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t

173.233.137.36

200 OK

637 B

URL HTTP/1.1
yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document, ASCII text, with very long lines (593)
Size
637 B (637 bytes)
Hash
5eec97d123ad739b9b39b2f78d32926b
3b884f5a3e64c8f7a5fc71a8c5cc0a1a5f725cce
d4479a55187e880aa428f5f8c3398d22bd300d65f283e1740e0b56440b7dee66

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Referer: http://hgamegallery.com/
Connection: keep-alive
Cookie: u_pl=17344874; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg3NCwiayI6IjQ2ZGUzNGJhMzk5MmEzMjQ4NmMxYjA4OWExZTI2N2RlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiamV0YTU2NTk3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tL1BJRC9WLTE3NDEvIn19.7a8kjETbp3-F_04n6jTVFkHAsUTzSiCtoCttqL2KDrY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
iprc9f9c19787232cbb4006865b71c6e06a4=2116935; expires=Tue, 22 Nov 2022 06:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5a92e16476373ce66247d651df9a58c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

revoketypes.com/sbar.json?key=85dde4232c6b160541619f82fd5c2b8a&uuid=f1f40382-2bad-4405-a6ce-7b5b8892ff62%3A2%3A1

173.233.137.44

200 OK

4.2 kB

URL HTTP/1.1
revoketypes.com/sbar.json?key=85dde4232c6b160541619f82fd5c2b8a&uuid=f1f40382-2bad-4405-a6ce-7b5b8892ff62%3A2%3A1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5882), with no line terminators
Size
4.2 kB (4204 bytes)
Hash
1ca4a8f4675f9415c26be8293df890f1
142a701bf55110b2d0910b5377364985a9309b30
366c0473b5917baa27e7b6aa45bddc28e343937b91a0b605fd54e190149bc5e9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=85dde4232c6b160541619f82fd5c2b8a&uuid=f1f40382-2bad-4405-a6ce-7b5b8892ff62%3A2%3A1 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344880; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
slec85dde4232c6b160541619f82fd5c2b8a=[3760946]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aec3f2250243a48a336d58dbfb99401f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=1.2.3

142.250.74.10

200 OK

503 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=1.2.3
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
503 B (503 bytes)
Hash
d1c6dd76311f2e7c2b2f47f1a0afd89e
56132a39430ca0138c39cc353cf855f63806de42
dc6a7b93deabdc767e2c50376bf0954b378a757637ebf1a8a38d2e06022afa29

HTTP Headers

GET /css?family=Roboto%3A400%2C700&ver=1.2.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 21 Nov 2022 04:29:02 GMT
date: Mon, 21 Nov 2022 04:29:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
dfa0d5b4f90848e05433347edb1d4a9a
1de9fe575c0ea9f14ab4d78796e73f1a8f2b6c81
21c56fbc931c4312d543b5cedcf7fde6e115995768e22ecd5cdfac9622589a91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3908
Cache-Control: max-age=157046
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ab1c2-116"
Expires: Wed, 23 Nov 2022 00:06:30 GMT
Last-Modified: Sun, 20 Nov 2022 23:01:22 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 278

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 143826
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.gravatar.com/avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g

192.0.73.2

200 OK

1.7 kB

URL HTTP/1.1
1.gravatar.com/avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1684 bytes)
Hash
f526aae2182bef16bc67ae14786e9444
cb72d85c865ce6468149e5975d2c23fbcb6a2e47
ea1c95af834c17d92e685737acf9d0f7241e6846fd16815c77f720876eaa9b15

HTTP Headers

GET /avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:29:04 GMT
Content-Type: image/png
Content-Length: 1684
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <https://www.gravatar.com/avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g>; rel="canonical"
Access-Control-Allow-Origin: *
Expires: Mon, 21 Nov 2022 04:34:04 GMT
Cache-Control: max-age=300
X-nc: HIT arn 1
Accept-Ranges: bytes

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 283368
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7996 bytes)
Hash
131cae0245e456c2497833b48cc1be0e
01b7bf2cfcdac73911dbd0a570d262978a43daf1
539cc2fdefb049df026b18d450c56d85b7821b8723ea0070efa460096669576e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7996
x-amzn-requestid: af3a6545-f0ad-40de-b1f6-56b9607242f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1BvREKZoAMFzDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63784994-2659c8ec5fc04c510ea0e643;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 03:12:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UU9m-kzHM4oKCHNiK2q4NWftsCueXeiBpJkk0cDv3et4v3MpF6eCtQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 13:08:40 GMT
age: 55224
etag: "01b7bf2cfcdac73911dbd0a570d262978a43daf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094c0060-bf98-4333-9e68-8d59aeaad47d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8845 bytes)
Hash
8ae8d4ec7c5c9342187a53f31ff047f0
edc867e01f7ab5f74e354cecbef80f33c351ee50
2e8e395279eaf6484a64377950ef8a78ce91c386e5041781e4e1cf90aa1d9a29

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094c0060-bf98-4333-9e68-8d59aeaad47d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: 00b60fd9-9a63-43f5-b609-bbfffba697ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b63BeGujIAMFiDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9ed6-097273382ac910de3f5866fc;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QexqsQytBUFtg99sZUHFQQu3r4d1HPDM8IseDPtbe4Jupg0u6_yr_g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:45:41 GMT
age: 24203
etag: "edc867e01f7ab5f74e354cecbef80f33c351ee50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456dceb5-a83f-4f88-a0fd-f91e73828913.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
8.5 kB (8539 bytes)
Hash
384c94b8f40a4b798ee0c6ee54e24142
a3724a139f8b49b977ee60a4fd27e33aa045c816
de35a0b5cd8dc9ef37c51a16124d9363ac0152cd672c0cfa7095c0fee5c33827

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456dceb5-a83f-4f88-a0fd-f91e73828913.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8147
x-amzn-requestid: 29cd738b-e3db-4941-b2f3-e561be4ec4a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqqIKE5LIAMFqIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637423cd-5b33bc833556948658451d80;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 23:42:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4lRsQHZydDSiZ_G042RgL2nzOBZl_9cA1nFzacfMGjxUnLkbRYCmaQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 05:35:20 GMT
age: 82424
etag: "45230c58ca0e76ac900dd554fa2edf562e531657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc808a76a-e93b-4c6e-9163-b69ab5e7076e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7013 bytes)
Hash
994eefbfbd0e842814d889c8d279d375
34bc1857b5e78b3a059f9a1b3eed33bd8d3fe920
c5c510dcf074dbb2d180f3d3e5013aef84016a095c154ee091b88d68cf528e42

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc808a76a-e93b-4c6e-9163-b69ab5e7076e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7013
x-amzn-requestid: 2ca74e56-be57-4f3d-85d0-f937bc3ace9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: buJZcHKnIAMF6Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63758909-6d753cac1d6d55255aecb08a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 01:06:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: u6cuVA2ZBv1RuSv2A2x5jM9mrsKoJ9o4M8tCuhi_yp4rR09AAV0jsA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:55:55 GMT
age: 23589
etag: "34bc1857b5e78b3a059f9a1b3eed33bd8d3fe920"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3772d125a1545839b0b7c9a93772789d
d6e231549bee7d58704829c2ecb35ae1d8bfd342
b87e135b56409c18c7a4ed999730e0e8b651205896e7966502fe7a63a52da881

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4898
Cache-Control: max-age=171666
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ae700-1d7"
Expires: Wed, 23 Nov 2022 04:10:10 GMT
Last-Modified: Mon, 21 Nov 2022 02:48:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d0200f7-6c58-4279-9894-e77af33a20b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7776 bytes)
Hash
90c4a11a433a7e6f63d5a7e4a002670c
3dd59232288f753e2497e7a4aa941170bf749c19
fd8269b78bdcdf90605b584ee03e16b0fbd9c63671e0bc114e231f6aaa50f5b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d0200f7-6c58-4279-9894-e77af33a20b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7776
x-amzn-requestid: bb008677-aa5c-4097-8c01-fe1ee60f8e55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bXWfeE9LoAMFRcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c6ac9-3ecac1081f7f8b2c54bb3d76;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 03:06:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AClt1dfxNEnWC_rf8wD5FRFperdQApthZGSC-NUQejIYtEKwwE3S7A==
via: 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 18:14:58 GMT
age: 36846
etag: "3dd59232288f753e2497e7a4aa941170bf749c19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nirP6BxhN9QUwG2Z_RdA5pCRm36dQKCJMPZMIBRCjt39dQueZh094g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 09:31:47 GMT
age: 68237
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

connect.facebook.net/fr_FR/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/fr_FR/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1682 bytes)
Hash
5bcaf3a3e8ecfc53fe6a4fdfe5253d4b
1d93bb3845a2a54207354d79f8ea669475b7c16d
cf1f6b89cb27bfabc61a6169116bd3d599133c04408322d1710f6f9a513a583e

HTTP Headers

GET /fr_FR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4cc9727c3e33a1c4780808cdd0ea6065
etag: "6002cbf0a5fcff21a64b05af7e305c44"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 21 Nov 2022 04:39:42 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: W8rzo+js/FP+ak/f5SU9Sw==
x-fb-debug: uFTRZySEnYC0MMtoBqP692aM8mnrbYuS7qqcsz1xJENn9cWh89subpnBFPq5L6rjzSvqlQdD7ed4p35Lta8hlA==
content-length: 1682
x-fb-trip-id: 1679558926
date: Mon, 21 Nov 2022 04:29:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3772d125a1545839b0b7c9a93772789d
d6e231549bee7d58704829c2ecb35ae1d8bfd342
b87e135b56409c18c7a4ed999730e0e8b651205896e7966502fe7a63a52da881

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4898
Cache-Control: max-age=171666
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ae700-1d7"
Expires: Wed, 23 Nov 2022 04:10:10 GMT
Last-Modified: Mon, 21 Nov 2022 02:48:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

bg4nxu2u5t.com/aas/r45d/vki/1876944/105dadc5.js

62.122.171.6

200 OK

27 kB

URL HTTP/2
bg4nxu2u5t.com/aas/r45d/vki/1876944/105dadc5.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
27 kB (26608 bytes)
Hash
7ac3ab63f3b216a9626b99cabeb54851
f6cb5089f55721225a06ab10cdf73ffc70a0ee00
31cee94ead8bb6926cc62f1fed621c620b7e16a3f5590d3923c92f160364f1a8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1876944/105dadc5.js HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

hgamegallery.com/favicon.ico

162.144.3.79

200 OK

2.8 kB

URL HTTP/1.1
hgamegallery.com/favicon.ico
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows icon resource - 2 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel\012- data
Size
2.8 kB (2780 bytes)
Hash
dabe9ce5581670f84e89a789a78d09b8
1662f23ff5553364505a29cac571102cf370fc85
04ec9ba779be752a6480758574feae350370480887bc7fe52fd968519cf27208

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1; sb_main_85dde4232c6b160541619f82fd5c2b8a=1; sb_count_85dde4232c6b160541619f82fd5c2b8a=1; visited=1

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:01 GMT
Server: nginx/1.21.6
Content-Type: image/x-icon
Content-Length: 2780
Last-Modified: Thu, 23 Jun 2022 23:28:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 21 Nov 2023 04:29:04 GMT
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
X-Server-Cache: false

hgamegallery.com/wp-admin/admin-ajax.php

162.144.3.79

200 OK

35 B

URL HTTP/2
hgamegallery.com/wp-admin/admin-ajax.php
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
2117539abba5cd84cd4349ec7b6694c0
65e59fe22e26ef52ac8206090d89bb6430f70576
0ebb03d7b604e1da8275d143f1b40765b1fbe4d6091b8e16da3665be1bfe08cc

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 47
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 3
x-nginx-cache: WordPress
content-length: 35
content-type: application/json; charset=UTF-8
date: Mon, 21 Nov 2022 04:29:04 GMT
server: Apache
X-Firefox-Spdy: h2

connect.facebook.net/fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4

157.240.200.14

200 OK

89 kB

URL HTTP/2
connect.facebook.net/fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
data
Size
89 kB (88715 bytes)
Hash
44cee203da40f847e9747cdad7aa7a62
7c3e34b05c72d3d51306e632a9e03ed0f1d93ea2
9f109fa5178b2008f4de52957caf71f16c67c3b04c7a319c6ca281a42fc73116

HTTP Headers

GET /fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ee79d7b66c07584bdc7d4129269b3e6a
etag: "481f09418282385982cd353af67fa85c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Nov 2023 03:52:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: g5XrAkr087nlslABg0J3ZA==
x-fb-debug: ZXdplePPqlt6tkG1SC3enpJ1TVSxIf7gFsoDIy7PmNrctld3hzeRvORnGKsioR2gRVOFiw7oEOIUUQm0pzd2nQ==
priority: u=3,i
content-length: 88420
x-fb-trip-id: 1679558926
date: Mon, 21 Nov 2022 04:29:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.250.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 21 Nov 2022 04:29:04 GMT
access-control-allow-origin: *
etag: "63776891-2b"
expires: Mon, 21 Nov 2022 05:29:04 GMT
accept-ranges: bytes
last-modified: Fri, 18 Nov 2022 14:12:17 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
dfa0d5b4f90848e05433347edb1d4a9a
1de9fe575c0ea9f14ab4d78796e73f1a8f2b6c81
21c56fbc931c4312d543b5cedcf7fde6e115995768e22ecd5cdfac9622589a91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3908
Cache-Control: max-age=157046
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ab1c2-116"
Expires: Wed, 23 Nov 2022 00:06:30 GMT
Last-Modified: Sun, 20 Nov 2022 23:01:22 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=221120232966544f2375e243d88469a25ad9; Path=/; Expires=Tue, 21 Nov 2023 04:29:04 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

monkeysloveyou.com/i/npage/1938828/code.js

62.122.171.6

200 OK

61 kB

URL HTTP/2
monkeysloveyou.com/i/npage/1938828/code.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
61 kB (61447 bytes)
Hash
5652c9f56da1e43a30b914155f063033
6934c2c9b194c82756a16f8716b91044a82c310f
61d373827930aa8931d48609a11f17b8abe8889b26598625e9a5026a4f9a832a

HTTP Headers

GET /i/npage/1938828/code.js HTTP/1.1
Host: monkeysloveyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-3416a"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Cookie: UID=22112023292a2dd881a60e4f36ac61f84c2f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css

104.17.25.14

200 OK

22 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32440)
Size
22 kB (22440 bytes)
Hash
1ce63a849115c009114d40d33c6c8324
5d87297fd4c557d6f02e7096d027cefadc05e45f
5e4b6c37e6a5aa0ab79643ad30df75898e35fb0be7d5507c991694b0aa582224

HTTP Headers

GET /ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/css; charset=utf-8
content-length: 22440
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f1e-43a3c"
last-modified: Mon, 04 May 2020 16:13:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9882654
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYTINk4fIGE8kca6xUqKiXtquf0xFM5puHVTqZ5uWAeFNCNIVhdox6%2Bkl8AENvC56u8Ct8leysMION0VTEfkJvUUsfug9L5jAHpkcGd2vLrDantUU4KB8YAgP3ikL90Av4%2BdWPy%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea93faf0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js

104.17.25.14

200 OK

78 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (54740)
Size
78 kB (77846 bytes)
Hash
f39e4857eba59722acb8ee8aaef193bf
c7b375731ca9766c1ed6e1f18d1f8726059b4370
255559d129ed3633be774a0f7356a066948aa305e3df156413c103bcd53c9240

HTTP Headers

GET /ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 77846
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f1e-46675"
last-modified: Mon, 04 May 2020 16:13:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12047095
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZn0V2xhufK%2B%2FTzwqvhZNlqaAHt9PvQdn8GnIlLDxu9ttjl9eub5PzBs0cEJ2YIAQnZM7KUw1Pw%2By0aolv%2FHRmC66h5S2tqu2uWwycQkPwM2u%2FPTQ0WXOHwyBZc0p6KcVNQ%2Blo0r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea94fb10b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js

104.17.25.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (59729)
Size
14 kB (13947 bytes)
Hash
807c97d007517c960b2ae0d4eda466a5
ad1f8d047c7c67198dde54ca8b492476b8186aa5
d91d980e6201082fa83e91404d11c4072de2c45f40701e4c9026949b85f50c71

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 13947
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-ea6a"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 464127
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t76KFKiFVhOJPfyW8iqwqmJqG5saTghFzzr9Z2d0nHadXZ1eCzno1M5mLmcMF7lYFgvmYTI2RVnjj2Gw4EnZFD0OAuErOWYr7YyMEyKLhQx2ewMnHO9U3dZ42ZFDDIJ%2FWQOpEXh6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea98fc60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js

104.17.25.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20363)
Size
6.5 kB (6507 bytes)
Hash
22a17487e127905f0bf065dbdd7e7713
48fb0d6befae7d0a3a04b128a01112879f08c539
190fe4ede9affea21a5f4bac7ef581cb5ff1ec25f19620309dd3ed93f40158b3

HTTP Headers

GET /ajax/libs/popper.js/1.14.4/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 6507
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5038"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14449168
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sszJTiYql6mNF3tg21AcpH%2F3xWELeT20Z0KEa22gKSU87XwjKzwDbk8h0OanAKBOaT4dLLA9pnZrQllQ4NC384xSAcjbottlY1Tlqdve4vwktYHqi0tuaOMb99ALQalEFER0mbn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea98fc70b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css

104.17.25.14

200 OK

17 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65324)
Size
17 kB (17437 bytes)
Hash
675ff56eda9ae73f640fa87814e52cde
9bd263c7df549aef43732744ea206c57cc3523b5
ae57d8b9f66ab7515bce739bcf396038f119280c874da00f8b8e19ae57fa6655

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/css; charset=utf-8
content-length: 17437
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-26f1b"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17978958
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVWRPZzlW741GVCfI82azF29RwR6%2Fd%2Fccu8Y3WvnsPKuD2iLCFzEVo6DKgNurFCUM8P%2FtgIiopzopSjOArVJOqhR%2FkcO5IjwkSkGZNJ8YKFfNjZNXSSUq1Ng4kY%2BBc%2FagEL0fdo8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea98fc50b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
29b3c3177d17f1154cb79768eca6e1e7
5a14b8835be80c2f9b21f6d3736abd1aaf6fe74d
df25a156df424c4356b7251e7c8f95f44a0b1b4bf53be4c3e6d50208c1655c98

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3447
Cache-Control: max-age=117329
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637a186a-117"
Expires: Tue, 22 Nov 2022 13:04:33 GMT
Last-Modified: Sun, 20 Nov 2022 12:07:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

www.googletagmanager.com/gtag/js?id=UA-166309154-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-166309154-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43600 bytes)
Hash
e91cc2718d7b8016628a644a2089c054
a8e9e4cfa7bbeaa675cb97ae23f28408a83b5404
75e93f5b008965c0889c175d16345459a6f30d040d0314b76e1e3ff432452e2e

HTTP Headers

GET /gtag/js?id=UA-166309154-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 21 Nov 2022 04:29:04 GMT
expires: Mon, 21 Nov 2022 04:29:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 21 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
19af00281047f9a9ea49105da051a837
391baf3f4bb29777b6c1f6a2a130184063326715
368922c518775e7a894078d9429dc353c1e89ecec96041eab1d1558b7d7e166e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "368922C518775E7A894078D9429DC353C1E89ECEC96041EAB1D1558B7D7E166E"
Last-Modified: Sun, 20 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17433
Expires: Mon, 21 Nov 2022 09:19:37 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

20 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
20 kB (19782 bytes)
Hash
6fea0d706f3cc72ff6fd81039992c4d6
3ecf6231465083b8c375befd727544355430dbfb
5d34d46fadacb2bfaeb3f1f82ab49ed1ca4d4545d8deb7426785e81a6eda91da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
29b3c3177d17f1154cb79768eca6e1e7
5a14b8835be80c2f9b21f6d3736abd1aaf6fe74d
df25a156df424c4356b7251e7c8f95f44a0b1b4bf53be4c3e6d50208c1655c98

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3448
Cache-Control: max-age=117329
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "637a186a-117"
Expires: Tue, 22 Nov 2022 13:04:34 GMT
Last-Modified: Sun, 20 Nov 2022 12:07:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/ytube2dl.com/choice.js

143.204.55.62

204 No Content

0 B

URL HTTP/2
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/ytube2dl.com/choice.js
IP
143.204.55.62:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /choice/6Fv0cGNfc_bw8/ytube2dl.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: max-age=900
date: Mon, 21 Nov 2022 04:28:05 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oh2ZmriiISo_JMWqoKVjTlOVUjJ_4X6sECBulV_sWMpH8rL0JkP2fg==
age: 59
X-Firefox-Spdy: h2

q.cachegorilla.com/r?fid=dgDsw7VfNXk

104.21.51.225

302 Found

278 B

URL HTTP/2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP
104.21.51.225:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
278 B (278 bytes)
Hash
a32874386648085fa9c65243b982b3da
dc0341da7b44dd3d39fe60211a54fc3296b2fa2b
4fd2f1639699b03d30a86947acc0e152b5537c48394acab7b677dc1de57e059a

HTTP Headers

GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUeQR0rGCV5QMopoF8DpT3ilAqGp2UiK8epcvARb1wW4DH9ma3%2BRE3mz3y5xLtWXxDmC5SQntkYhXHWlWYYPoPH7OZel1rNgshthSpYrBKbxWYUDBQkueKrTCiobK0%2FIMYPshSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797b1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q.cachegorilla.com/r?fid=dgDsw7VfNXk

104.21.51.225

302 Found

280 B

URL HTTP/2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP
104.21.51.225:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
280 B (280 bytes)
Hash
1ec9fedbe916229e3e076eff7c8cad24
457c269a934ad9d21b93681ce913096f5823469c
ddf932682a3b31714ffb4595868cd6da0267987774c6e13ba91627ee21620b57

HTTP Headers

GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: http://c.cachegorilla.com/cf?id=11633020869986487817&sid=dgDsw7VfNXk&subid=0000&fid=19265&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0JLpHUQzNe3rfEyf3C3XHuCnYwoo1UDXD4Uh1GnnFrq8poXUC%2BAZ7R6CBZYYAkwXcIP%2B8B7FxY%2BJ3GPRoFd7JpNr08lmZ2xObhNx4xhzvuGPDAExWNMFUbmb5DNx4Mh1tbv2X0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797c1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q.cachegorilla.com/r?fid=dgDsw7VfNXk

104.21.51.225

302 Found

1.3 kB

URL HTTP/2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP
104.21.51.225:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.3 kB (1312 bytes)
Hash
f000770a0051249480249483caf13e38
0d3049512de1c4a379629dba848aa3d23674ab52
6ff5a7cce7d5901897f9e8504a90a81fac7d2ea108e3dcf53def80450b1268c4

HTTP Headers

GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqSXF04PLVw28ieYGF29e5elBQAWO2XMW2xJeVpJ6wn8nJSfk%2F4d7ieWoKUtkldG9ipySXuX8MBf%2FZMDnCMx%2FpBJnYWObw27BvpzMYZQysu4Nra7Mlkuv6dKuCA8Bt78QLL%2FSMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea488b31c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

680 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
680 B (680 bytes)
Hash
538c5573e1a4ba6727bd44523df821fa
a923367c3a882f4380f45938fc7096d66e04d60f
5ed3857366d76b57403577ec5db48438f49280490aa1ab465760332929cd1906

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4568
Cache-Control: max-age=162746
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "637ac573-116"
Expires: Wed, 23 Nov 2022 01:41:31 GMT
Last-Modified: Mon, 21 Nov 2022 00:25:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

go.eabids.com/openrtb/p_imp.go?xref=p9fAiFz41eM410RvFUUdop01Kmm9adfddb--8oQMmL1KesNL3SXGGXsu4L7FX4x4h7ysy0uxel3PzEu3As153zDcyPrtjeaA4eEyB1VwvwFGcTYJdVGec3EVvnqyzwB4R3e4rdGeB27NjM-XvwzFBIJftBrBpwX9vE_h41zKKbOcGjEQAlbdP0uHADzjbzSc125nvKymoL3Qi_pTNNGudTiTVC4TTiNWejn3ppuK4kJzypndpdOzFaB4sVn-bfHozlFtfUjG2IP0J9bOYO9Vf-LKEgX591j0CrFpg32AICcDCx8q6WBGMmLA5ni1J8DRK-9KRGPbRY8f6Wntr7fK7gpADrNYUCyoRzdOqVK5D-9Hdyn3Dk-XcKAoHla2P45-ZpkoBK5uArLjcFuE_aEVmmsO2EQJLovScrih-jR14rmGuBzSNXtZZAtL6T3gxw9v0MThxo_ep9cl3bNcrHExaDO738kfT9fmz0GrayHiN2tuVN2fIKNxXX0rxpsycCCr9EpYPE5J80L8HgSf7_DUvuiHnCMwK3dUEj0nbH4JaWlw5QM9IfwoECn6q8NkjnAilTWhHlhxStMiPKZF0ovfUgyVPV6suOjiffTiqElNG0fyupMC94bUGz_mKT6vAgXMRZLhdWGTdzV14wcYrrwplIDLWbM2bgGUIFfn719Vzw8hTicPIw5vveZkyZL5vNT08TVz_-J63d-HE6L9ZiQ7LJXjcQJwQsvqbS3ok3CQK6DzOLUuFtqSgVg6P6snodWrecraqevduugel8sbY-qvtUKycdhrPGu8h0bi4K5hOTk94HNDZPVqiW8c4YcChlLnU6Fq6JNBkS83I1uthKgRYALKQowQ1EwRFv0uf5f48xaxCPpmkBoi-KwNWj2-bPIhP1une7TTsIMTytEaqqgRkmWF-bCjazvfkTn1STP2lvlBkn5H6bwQaKCa8tCM_Za4G6QJdRvHgVn9Gs0kQLXFBQXr04U-KhGOuYXU9PnXaPKmKALnP-N3SVLg3KGp0A48ye9mmDDgokItDIUs7Cw2LbeqtmQILXXhIegC63QDneuzBYasoeqtwC6jpfAqKn_T3gVWy7ThJTuqWO5M80EGDy4TZiCGj-uqe2HUaTo1yAGCwhqcbTkFr5F06PUR8USM9sMoMchSWvMQUO4DQy7d9ezHXD_PRY43of1dTmhXrPA1wgXoPcQOru8CxgJHVXQJ4aBkbu6Mkic37Da-jGDEJA-cuQhvEOwiEb6JMov46JJv_5UGkv1hZyB22ec_mRDTiREnu4_Fk6NviWTW03sg5GHAbruItQpZ8Vll2-Ho2yI1tjqXmsVvVGpbNEtSzQ5swBNuyjViWkVnca1XDqoZQLONIzDrXRq2SF5gXMTYrBbNOWm4H8cc_o6dPbKW-0OAxx1SPKbZl6saNSCfRqVTR1ZjB9_JoYnABLT2yMSFvbu-NLWnkSP1FTn9oJqOeCwmx17VY8ijkNoXeGY3A1ekJv76H81T4qhiKF2XOmqwOCf5riXqwGPIcR_1RoSI9aZIL-5yIjgSouJ_b0ScFxiVis5cs0_AZTyb1xVLdri8uzRUvaCsttvk7N4gmVgHPGQ7Nw01ZjLIYa_xpJwOTl1PaTD9vyObwWDNSeu66xBPC4e8zRfcPTfCLEafLIkTJ8iJA12lvC1e56adUvV4tOB6UKE56282li39PXDwVk28_T-VStN2B1TSQwuVvF0RU8hDzhbW8cdc5WzuTOp2mWIXOkgrSMb0P6BBZo0SQcmnyhRnbhMM5Eg1qiyszycscWqPLn94WxU9Vvh-PoAzyp1fidiVw4LqLKvRWo-vgpwTd2SwW-DOjszpxQTrs9_EJRgVsC38lS2KfFvYJNbVEiCc6Dqi0bmfGMPSBoint4E4TM1lMJzbkBCWE7Hpw1jjpcpQo4roAM4UoTR4giDwTiLkaUQeYDYyjq4RAgUDYLRsNJf_bGhiNejNAMGfftKPdLEk390gmBj0sI9E2mpbUmGsca3IWvSpr_ETCnP20_7E0S1yiJ7g8ZdEZXGK6uKiGE2oi7S_VUQCh7ttDUJ9L1Yuk_PVMdvXiLoDRpehLVzoOt3-_lcpvpbakL6Iwa30Sxk3c-G2Kz_cu_5vVJlAfLHTd_6QDv51_JVLT_wAZEyV8Fv3L2XtZkjhEtpquXOBipRx3LOzuNuQ6qId5M3S4NoLeLP8Adcu35UNDeVy4-7X3CO14ADe_zhUnCLd-yRGvpQEVVpHuxUkg6CuZgTjeyOZBDTn8ktZXmbO5CCU-3qErmlu0XFN37fT5yljd64ZX5mqbui4eWLCO8F1u5twFoY4Z8A1saDdfm72dnv9fTQsT9xriGOKo8MkTYEwVRykcyRCF-GfXlWCBriC3g4YjhS8Lw0hzEc3dJa9qs2kQBwNQdupYSC94aB9dTeLZ53PapyBs-0CCJnoNc88iGePEe1gcHa57dipwJ4yxQnygredLcKEfvcQri0skRbXMLNl22i-iHZyrSR5znGjyztm-6lTdWOn927ps_5HYiYn5sghnN0EB8gXg8HOQJhMh2ggMvkFcf0tNbn89CIUxkuZ855WOuIi2UGThQFBTgxFiqRM0Bte0ygaoVObjGTGYoCKGrO6KpxI1aDXutZW94PHvpUPf91wrSJkJhuw29bcLdc8lxsoSdkyTUB5otBImUpm93PJQWWfrLQQERzH3aLB7SZ_OOPAuqvLQOZvtyyhhe7D_7HOembQNIUSkW6hCzrXSNB3QgZ_SQ_LnSYJ_2APmC9a1-waBHw0w5gtel4tQrvFYinh6s81S5S722xsYuP5ePHLvYpohBuf-n3aHLIN5e2nl94_1aPAvEPIjdzAs7zFRp4u30c7SvGsQLBm-YptJyMzh0gcpR4zqCYcyDnkoGT1Jve1tbG84P7j8A304IW_dyUXkgMOPipv888sKO0gpJ-2UER_qsqiLidex0lVLhJ1E1I3i4UyYKiLKc42ztd_Ru7CnBb4eVppJLTF1I0rWiTLKwI2ex9RTZpei_g09sishOj9WBj_jnK6BREZVC5Z0EEpZcGu7svscq8p5NFaUYfGh34PTQ150vpz_tQI0b_IDihzKAoHiQQ9GXJk4REHaTLa5P51F5DxjaZVkvtYfpcUPHSj5xtj1_Q34A4rRVZ6Oi41n-4kyYAj0Y9KdZ9branyIwUA32hspwYDbBlsiacf7mgEAbSBePqI0Xiiu3JmF6UVBzYVXrYhTgogHW4uAgGXlCct2vs4pg9DTgaDh31iy4fzgVfBdXntkMNJGhKxEf92M_VlCpRSQ4IjFONWRA3YjA13-BkcvUEoTGhSBh0P39WO4xGF1Z4tr0KmZKSO3LQdyta95Z2nZ6v-YiTGuA4KZIvMa19hr-l4nLyjuVsXKhiVg8jhOYNQK1GD3cYSMZ2flfB_BRLyp-htzo3b3N9nxeThKhTO8PWzBRK8tMsj3Voz8y_r2BLQ7GOZ1osiqb0B23qmZAo-FQYc7P5kOdJcqXir5tXr2oLtszHcdHzKn0uFPnzOy4Tjk-eM8L1sbbMu1K6xhVTead6gVfXJVoZz_wTYCnK0D39TvQWC71nl8JYPUcKlIN0tnD2C1IcjQHW7HbF81tpxFIg_aOde9o2X7gCSZQKhc7mS56XWBxgHkD5oxF5ga5MQ8a7-D8tvLbpiYdoUMetMLkvTGiqAwxrAmPSBmuzFKbydvn0uEX1OxocVS3U6_2a74pLK59GqNHaFG8m7vkJexfTbqW4T_FBVtDd0AUzYivt4l5JBPmg0fy3ipWa5-MWNQwQg1AJg4eS33FZHs97PRv8ywPWZsffFUE2jkpApzoFb5aHWzlg60QV8h8DGZJmGrxUyMFy0fX8CRM7hO7KbVxlbNnkV-k1qyNJ4KWM7k33HkeYXNRvakSfOCgaIzQAFLHom6VubgW9wW8w7kcjH2aVccEedxnX7UkU_OF8bTpOTL_Rf4ovejivUr3YmLcNNTbKdOFMfRWiyuxSV8-c3q4DirjRPNXOi3XTWT-jjUVsZ7E_L0TA8tjNGWnMcfQRhPEYAeXhF6CHRUNTlTqzlimbYoPpGVI1zTz8plIEBZg_HIuReMonFdDTHjRun62Z0LnsbQFPZvS2Pajfz40sJgDMpF3BwU-4SkpDQ7TLqdl9l-kdNsBNNmal4w4lIR1vjOMhLz4Xc6vJbYD6S15JiWIhV0KTlKzYL-lOAP9mNyPUQFxxTo16ytG80KyRGWyl8HKXQOVqEBBu5oRAs_z83qrjsMnHpDhApxF1AI5zMCXYNIR4Wa7mUlIYpxqszn4QDhzc_0_6WyG01ezLsQjnSfwaylW5UFqaco9npQoJ4HoEQtXeGcr1ftpoUrBul_qYahbYT2F9OkbCYbEkwSVvw5qhaZ0zndGlnuGkRFgxi2CZBWNrq3r1950xC7o-Dl4i0FlnFcHBbMJTd6i2cN9t_39-FuJh7NIBALg_NvPgApbbpWGFy3mv0XGYPQmFByBGo12CNzg==

217.22.19.194

303 See Other

0 B

URL HTTP/2
go.eabids.com/openrtb/p_imp.go?xref=p9fAiFz41eM410RvFUUdop01Kmm9adfddb--8oQMmL1KesNL3SXGGXsu4L7FX4x4h7ysy0uxel3PzEu3As153zDcyPrtjeaA4eEyB1VwvwFGcTYJdVGec3EVvnqyzwB4R3e4rdGeB27NjM-XvwzFBIJftBrBpwX9vE_h41zKKbOcGjEQAlbdP0uHADzjbzSc125nvKymoL3Qi_pTNNGudTiTVC4TTiNWejn3ppuK4kJzypndpdOzFaB4sVn-bfHozlFtfUjG2IP0J9bOYO9Vf-LKEgX591j0CrFpg32AICcDCx8q6WBGMmLA5ni1J8DRK-9KRGPbRY8f6Wntr7fK7gpADrNYUCyoRzdOqVK5D-9Hdyn3Dk-XcKAoHla2P45-ZpkoBK5uArLjcFuE_aEVmmsO2EQJLovScrih-jR14rmGuBzSNXtZZAtL6T3gxw9v0MThxo_ep9cl3bNcrHExaDO738kfT9fmz0GrayHiN2tuVN2fIKNxXX0rxpsycCCr9EpYPE5J80L8HgSf7_DUvuiHnCMwK3dUEj0nbH4JaWlw5QM9IfwoECn6q8NkjnAilTWhHlhxStMiPKZF0ovfUgyVPV6suOjiffTiqElNG0fyupMC94bUGz_mKT6vAgXMRZLhdWGTdzV14wcYrrwplIDLWbM2bgGUIFfn719Vzw8hTicPIw5vveZkyZL5vNT08TVz_-J63d-HE6L9ZiQ7LJXjcQJwQsvqbS3ok3CQK6DzOLUuFtqSgVg6P6snodWrecraqevduugel8sbY-qvtUKycdhrPGu8h0bi4K5hOTk94HNDZPVqiW8c4YcChlLnU6Fq6JNBkS83I1uthKgRYALKQowQ1EwRFv0uf5f48xaxCPpmkBoi-KwNWj2-bPIhP1une7TTsIMTytEaqqgRkmWF-bCjazvfkTn1STP2lvlBkn5H6bwQaKCa8tCM_Za4G6QJdRvHgVn9Gs0kQLXFBQXr04U-KhGOuYXU9PnXaPKmKALnP-N3SVLg3KGp0A48ye9mmDDgokItDIUs7Cw2LbeqtmQILXXhIegC63QDneuzBYasoeqtwC6jpfAqKn_T3gVWy7ThJTuqWO5M80EGDy4TZiCGj-uqe2HUaTo1yAGCwhqcbTkFr5F06PUR8USM9sMoMchSWvMQUO4DQy7d9ezHXD_PRY43of1dTmhXrPA1wgXoPcQOru8CxgJHVXQJ4aBkbu6Mkic37Da-jGDEJA-cuQhvEOwiEb6JMov46JJv_5UGkv1hZyB22ec_mRDTiREnu4_Fk6NviWTW03sg5GHAbruItQpZ8Vll2-Ho2yI1tjqXmsVvVGpbNEtSzQ5swBNuyjViWkVnca1XDqoZQLONIzDrXRq2SF5gXMTYrBbNOWm4H8cc_o6dPbKW-0OAxx1SPKbZl6saNSCfRqVTR1ZjB9_JoYnABLT2yMSFvbu-NLWnkSP1FTn9oJqOeCwmx17VY8ijkNoXeGY3A1ekJv76H81T4qhiKF2XOmqwOCf5riXqwGPIcR_1RoSI9aZIL-5yIjgSouJ_b0ScFxiVis5cs0_AZTyb1xVLdri8uzRUvaCsttvk7N4gmVgHPGQ7Nw01ZjLIYa_xpJwOTl1PaTD9vyObwWDNSeu66xBPC4e8zRfcPTfCLEafLIkTJ8iJA12lvC1e56adUvV4tOB6UKE56282li39PXDwVk28_T-VStN2B1TSQwuVvF0RU8hDzhbW8cdc5WzuTOp2mWIXOkgrSMb0P6BBZo0SQcmnyhRnbhMM5Eg1qiyszycscWqPLn94WxU9Vvh-PoAzyp1fidiVw4LqLKvRWo-vgpwTd2SwW-DOjszpxQTrs9_EJRgVsC38lS2KfFvYJNbVEiCc6Dqi0bmfGMPSBoint4E4TM1lMJzbkBCWE7Hpw1jjpcpQo4roAM4UoTR4giDwTiLkaUQeYDYyjq4RAgUDYLRsNJf_bGhiNejNAMGfftKPdLEk390gmBj0sI9E2mpbUmGsca3IWvSpr_ETCnP20_7E0S1yiJ7g8ZdEZXGK6uKiGE2oi7S_VUQCh7ttDUJ9L1Yuk_PVMdvXiLoDRpehLVzoOt3-_lcpvpbakL6Iwa30Sxk3c-G2Kz_cu_5vVJlAfLHTd_6QDv51_JVLT_wAZEyV8Fv3L2XtZkjhEtpquXOBipRx3LOzuNuQ6qId5M3S4NoLeLP8Adcu35UNDeVy4-7X3CO14ADe_zhUnCLd-yRGvpQEVVpHuxUkg6CuZgTjeyOZBDTn8ktZXmbO5CCU-3qErmlu0XFN37fT5yljd64ZX5mqbui4eWLCO8F1u5twFoY4Z8A1saDdfm72dnv9fTQsT9xriGOKo8MkTYEwVRykcyRCF-GfXlWCBriC3g4YjhS8Lw0hzEc3dJa9qs2kQBwNQdupYSC94aB9dTeLZ53PapyBs-0CCJnoNc88iGePEe1gcHa57dipwJ4yxQnygredLcKEfvcQri0skRbXMLNl22i-iHZyrSR5znGjyztm-6lTdWOn927ps_5HYiYn5sghnN0EB8gXg8HOQJhMh2ggMvkFcf0tNbn89CIUxkuZ855WOuIi2UGThQFBTgxFiqRM0Bte0ygaoVObjGTGYoCKGrO6KpxI1aDXutZW94PHvpUPf91wrSJkJhuw29bcLdc8lxsoSdkyTUB5otBImUpm93PJQWWfrLQQERzH3aLB7SZ_OOPAuqvLQOZvtyyhhe7D_7HOembQNIUSkW6hCzrXSNB3QgZ_SQ_LnSYJ_2APmC9a1-waBHw0w5gtel4tQrvFYinh6s81S5S722xsYuP5ePHLvYpohBuf-n3aHLIN5e2nl94_1aPAvEPIjdzAs7zFRp4u30c7SvGsQLBm-YptJyMzh0gcpR4zqCYcyDnkoGT1Jve1tbG84P7j8A304IW_dyUXkgMOPipv888sKO0gpJ-2UER_qsqiLidex0lVLhJ1E1I3i4UyYKiLKc42ztd_Ru7CnBb4eVppJLTF1I0rWiTLKwI2ex9RTZpei_g09sishOj9WBj_jnK6BREZVC5Z0EEpZcGu7svscq8p5NFaUYfGh34PTQ150vpz_tQI0b_IDihzKAoHiQQ9GXJk4REHaTLa5P51F5DxjaZVkvtYfpcUPHSj5xtj1_Q34A4rRVZ6Oi41n-4kyYAj0Y9KdZ9branyIwUA32hspwYDbBlsiacf7mgEAbSBePqI0Xiiu3JmF6UVBzYVXrYhTgogHW4uAgGXlCct2vs4pg9DTgaDh31iy4fzgVfBdXntkMNJGhKxEf92M_VlCpRSQ4IjFONWRA3YjA13-BkcvUEoTGhSBh0P39WO4xGF1Z4tr0KmZKSO3LQdyta95Z2nZ6v-YiTGuA4KZIvMa19hr-l4nLyjuVsXKhiVg8jhOYNQK1GD3cYSMZ2flfB_BRLyp-htzo3b3N9nxeThKhTO8PWzBRK8tMsj3Voz8y_r2BLQ7GOZ1osiqb0B23qmZAo-FQYc7P5kOdJcqXir5tXr2oLtszHcdHzKn0uFPnzOy4Tjk-eM8L1sbbMu1K6xhVTead6gVfXJVoZz_wTYCnK0D39TvQWC71nl8JYPUcKlIN0tnD2C1IcjQHW7HbF81tpxFIg_aOde9o2X7gCSZQKhc7mS56XWBxgHkD5oxF5ga5MQ8a7-D8tvLbpiYdoUMetMLkvTGiqAwxrAmPSBmuzFKbydvn0uEX1OxocVS3U6_2a74pLK59GqNHaFG8m7vkJexfTbqW4T_FBVtDd0AUzYivt4l5JBPmg0fy3ipWa5-MWNQwQg1AJg4eS33FZHs97PRv8ywPWZsffFUE2jkpApzoFb5aHWzlg60QV8h8DGZJmGrxUyMFy0fX8CRM7hO7KbVxlbNnkV-k1qyNJ4KWM7k33HkeYXNRvakSfOCgaIzQAFLHom6VubgW9wW8w7kcjH2aVccEedxnX7UkU_OF8bTpOTL_Rf4ovejivUr3YmLcNNTbKdOFMfRWiyuxSV8-c3q4DirjRPNXOi3XTWT-jjUVsZ7E_L0TA8tjNGWnMcfQRhPEYAeXhF6CHRUNTlTqzlimbYoPpGVI1zTz8plIEBZg_HIuReMonFdDTHjRun62Z0LnsbQFPZvS2Pajfz40sJgDMpF3BwU-4SkpDQ7TLqdl9l-kdNsBNNmal4w4lIR1vjOMhLz4Xc6vJbYD6S15JiWIhV0KTlKzYL-lOAP9mNyPUQFxxTo16ytG80KyRGWyl8HKXQOVqEBBu5oRAs_z83qrjsMnHpDhApxF1AI5zMCXYNIR4Wa7mUlIYpxqszn4QDhzc_0_6WyG01ezLsQjnSfwaylW5UFqaco9npQoJ4HoEQtXeGcr1ftpoUrBul_qYahbYT2F9OkbCYbEkwSVvw5qhaZ0zndGlnuGkRFgxi2CZBWNrq3r1950xC7o-Dl4i0FlnFcHBbMJTd6i2cN9t_39-FuJh7NIBALg_NvPgApbbpWGFy3mv0XGYPQmFByBGo12CNzg==
IP
217.22.19.194:0
ASN
#42567 Mojohost B.v.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /openrtb/p_imp.go?xref=p9fAiFz41eM410RvFUUdop01Kmm9adfddb--8oQMmL1KesNL3SXGGXsu4L7FX4x4h7ysy0uxel3PzEu3As153zDcyPrtjeaA4eEyB1VwvwFGcTYJdVGec3EVvnqyzwB4R3e4rdGeB27NjM-XvwzFBIJftBrBpwX9vE_h41zKKbOcGjEQAlbdP0uHADzjbzSc125nvKymoL3Qi_pTNNGudTiTVC4TTiNWejn3ppuK4kJzypndpdOzFaB4sVn-bfHozlFtfUjG2IP0J9bOYO9Vf-LKEgX591j0CrFpg32AICcDCx8q6WBGMmLA5ni1J8DRK-9KRGPbRY8f6Wntr7fK7gpADrNYUCyoRzdOqVK5D-9Hdyn3Dk-XcKAoHla2P45-ZpkoBK5uArLjcFuE_aEVmmsO2EQJLovScrih-jR14rmGuBzSNXtZZAtL6T3gxw9v0MThxo_ep9cl3bNcrHExaDO738kfT9fmz0GrayHiN2tuVN2fIKNxXX0rxpsycCCr9EpYPE5J80L8HgSf7_DUvuiHnCMwK3dUEj0nbH4JaWlw5QM9IfwoECn6q8NkjnAilTWhHlhxStMiPKZF0ovfUgyVPV6suOjiffTiqElNG0fyupMC94bUGz_mKT6vAgXMRZLhdWGTdzV14wcYrrwplIDLWbM2bgGUIFfn719Vzw8hTicPIw5vveZkyZL5vNT08TVz_-J63d-HE6L9ZiQ7LJXjcQJwQsvqbS3ok3CQK6DzOLUuFtqSgVg6P6snodWrecraqevduugel8sbY-qvtUKycdhrPGu8h0bi4K5hOTk94HNDZPVqiW8c4YcChlLnU6Fq6JNBkS83I1uthKgRYALKQowQ1EwRFv0uf5f48xaxCPpmkBoi-KwNWj2-bPIhP1une7TTsIMTytEaqqgRkmWF-bCjazvfkTn1STP2lvlBkn5H6bwQaKCa8tCM_Za4G6QJdRvHgVn9Gs0kQLXFBQXr04U-KhGOuYXU9PnXaPKmKALnP-N3SVLg3KGp0A48ye9mmDDgokItDIUs7Cw2LbeqtmQILXXhIegC63QDneuzBYasoeqtwC6jpfAqKn_T3gVWy7ThJTuqWO5M80EGDy4TZiCGj-uqe2HUaTo1yAGCwhqcbTkFr5F06PUR8USM9sMoMchSWvMQUO4DQy7d9ezHXD_PRY43of1dTmhXrPA1wgXoPcQOru8CxgJHVXQJ4aBkbu6Mkic37Da-jGDEJA-cuQhvEOwiEb6JMov46JJv_5UGkv1hZyB22ec_mRDTiREnu4_Fk6NviWTW03sg5GHAbruItQpZ8Vll2-Ho2yI1tjqXmsVvVGpbNEtSzQ5swBNuyjViWkVnca1XDqoZQLONIzDrXRq2SF5gXMTYrBbNOWm4H8cc_o6dPbKW-0OAxx1SPKbZl6saNSCfRqVTR1ZjB9_JoYnABLT2yMSFvbu-NLWnkSP1FTn9oJqOeCwmx17VY8ijkNoXeGY3A1ekJv76H81T4qhiKF2XOmqwOCf5riXqwGPIcR_1RoSI9aZIL-5yIjgSouJ_b0ScFxiVis5cs0_AZTyb1xVLdri8uzRUvaCsttvk7N4gmVgHPGQ7Nw01ZjLIYa_xpJwOTl1PaTD9vyObwWDNSeu66xBPC4e8zRfcPTfCLEafLIkTJ8iJA12lvC1e56adUvV4tOB6UKE56282li39PXDwVk28_T-VStN2B1TSQwuVvF0RU8hDzhbW8cdc5WzuTOp2mWIXOkgrSMb0P6BBZo0SQcmnyhRnbhMM5Eg1qiyszycscWqPLn94WxU9Vvh-PoAzyp1fidiVw4LqLKvRWo-vgpwTd2SwW-DOjszpxQTrs9_EJRgVsC38lS2KfFvYJNbVEiCc6Dqi0bmfGMPSBoint4E4TM1lMJzbkBCWE7Hpw1jjpcpQo4roAM4UoTR4giDwTiLkaUQeYDYyjq4RAgUDYLRsNJf_bGhiNejNAMGfftKPdLEk390gmBj0sI9E2mpbUmGsca3IWvSpr_ETCnP20_7E0S1yiJ7g8ZdEZXGK6uKiGE2oi7S_VUQCh7ttDUJ9L1Yuk_PVMdvXiLoDRpehLVzoOt3-_lcpvpbakL6Iwa30Sxk3c-G2Kz_cu_5vVJlAfLHTd_6QDv51_JVLT_wAZEyV8Fv3L2XtZkjhEtpquXOBipRx3LOzuNuQ6qId5M3S4NoLeLP8Adcu35UNDeVy4-7X3CO14ADe_zhUnCLd-yRGvpQEVVpHuxUkg6CuZgTjeyOZBDTn8ktZXmbO5CCU-3qErmlu0XFN37fT5yljd64ZX5mqbui4eWLCO8F1u5twFoY4Z8A1saDdfm72dnv9fTQsT9xriGOKo8MkTYEwVRykcyRCF-GfXlWCBriC3g4YjhS8Lw0hzEc3dJa9qs2kQBwNQdupYSC94aB9dTeLZ53PapyBs-0CCJnoNc88iGePEe1gcHa57dipwJ4yxQnygredLcKEfvcQri0skRbXMLNl22i-iHZyrSR5znGjyztm-6lTdWOn927ps_5HYiYn5sghnN0EB8gXg8HOQJhMh2ggMvkFcf0tNbn89CIUxkuZ855WOuIi2UGThQFBTgxFiqRM0Bte0ygaoVObjGTGYoCKGrO6KpxI1aDXutZW94PHvpUPf91wrSJkJhuw29bcLdc8lxsoSdkyTUB5otBImUpm93PJQWWfrLQQERzH3aLB7SZ_OOPAuqvLQOZvtyyhhe7D_7HOembQNIUSkW6hCzrXSNB3QgZ_SQ_LnSYJ_2APmC9a1-waBHw0w5gtel4tQrvFYinh6s81S5S722xsYuP5ePHLvYpohBuf-n3aHLIN5e2nl94_1aPAvEPIjdzAs7zFRp4u30c7SvGsQLBm-YptJyMzh0gcpR4zqCYcyDnkoGT1Jve1tbG84P7j8A304IW_dyUXkgMOPipv888sKO0gpJ-2UER_qsqiLidex0lVLhJ1E1I3i4UyYKiLKc42ztd_Ru7CnBb4eVppJLTF1I0rWiTLKwI2ex9RTZpei_g09sishOj9WBj_jnK6BREZVC5Z0EEpZcGu7svscq8p5NFaUYfGh34PTQ150vpz_tQI0b_IDihzKAoHiQQ9GXJk4REHaTLa5P51F5DxjaZVkvtYfpcUPHSj5xtj1_Q34A4rRVZ6Oi41n-4kyYAj0Y9KdZ9branyIwUA32hspwYDbBlsiacf7mgEAbSBePqI0Xiiu3JmF6UVBzYVXrYhTgogHW4uAgGXlCct2vs4pg9DTgaDh31iy4fzgVfBdXntkMNJGhKxEf92M_VlCpRSQ4IjFONWRA3YjA13-BkcvUEoTGhSBh0P39WO4xGF1Z4tr0KmZKSO3LQdyta95Z2nZ6v-YiTGuA4KZIvMa19hr-l4nLyjuVsXKhiVg8jhOYNQK1GD3cYSMZ2flfB_BRLyp-htzo3b3N9nxeThKhTO8PWzBRK8tMsj3Voz8y_r2BLQ7GOZ1osiqb0B23qmZAo-FQYc7P5kOdJcqXir5tXr2oLtszHcdHzKn0uFPnzOy4Tjk-eM8L1sbbMu1K6xhVTead6gVfXJVoZz_wTYCnK0D39TvQWC71nl8JYPUcKlIN0tnD2C1IcjQHW7HbF81tpxFIg_aOde9o2X7gCSZQKhc7mS56XWBxgHkD5oxF5ga5MQ8a7-D8tvLbpiYdoUMetMLkvTGiqAwxrAmPSBmuzFKbydvn0uEX1OxocVS3U6_2a74pLK59GqNHaFG8m7vkJexfTbqW4T_FBVtDd0AUzYivt4l5JBPmg0fy3ipWa5-MWNQwQg1AJg4eS33FZHs97PRv8ywPWZsffFUE2jkpApzoFb5aHWzlg60QV8h8DGZJmGrxUyMFy0fX8CRM7hO7KbVxlbNnkV-k1qyNJ4KWM7k33HkeYXNRvakSfOCgaIzQAFLHom6VubgW9wW8w7kcjH2aVccEedxnX7UkU_OF8bTpOTL_Rf4ovejivUr3YmLcNNTbKdOFMfRWiyuxSV8-c3q4DirjRPNXOi3XTWT-jjUVsZ7E_L0TA8tjNGWnMcfQRhPEYAeXhF6CHRUNTlTqzlimbYoPpGVI1zTz8plIEBZg_HIuReMonFdDTHjRun62Z0LnsbQFPZvS2Pajfz40sJgDMpF3BwU-4SkpDQ7TLqdl9l-kdNsBNNmal4w4lIR1vjOMhLz4Xc6vJbYD6S15JiWIhV0KTlKzYL-lOAP9mNyPUQFxxTo16ytG80KyRGWyl8HKXQOVqEBBu5oRAs_z83qrjsMnHpDhApxF1AI5zMCXYNIR4Wa7mUlIYpxqszn4QDhzc_0_6WyG01ezLsQjnSfwaylW5UFqaco9npQoJ4HoEQtXeGcr1ftpoUrBul_qYahbYT2F9OkbCYbEkwSVvw5qhaZ0zndGlnuGkRFgxi2CZBWNrq3r1950xC7o-Dl4i0FlnFcHBbMJTd6i2cN9t_39-FuJh7NIBALg_NvPgApbbpWGFy3mv0XGYPQmFByBGo12CNzg== HTTP/1.1
Host: go.eabids.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 303 See Other
server: nginx
date: Mon, 21 Nov 2022 04:29:05 GMT
content-length: 0
location: http://go.goasrv.com/openrtb/p_imp.go?xref=4VEQ9NdOr0t52IhMNCeCGxiWdgMG2lJnBFr5pH2LXYedhepIE0JTCvWoimJ7mToqA80HK_KuEmsoP3U0EqYXclVRsM7cJLPp3G9qy_FoRGZFlFq1nWpIrmJuGY-hXFIeoTKxGIYFFxMCNxZBrWVIzToCSe3tngAduDRn92AAKsuO_NvaAWC2Qz1awsfscf6Az2iP-opqtBhRAXO3IVH2TnFxIaZTP5_CciZQ0FHIzGwmWKZiQGvy-w3K0wFSY1XZfq3sUWx0gGA9Skdb_imoPsJZFl69DRXkKHJbRFE_ek9f6MfMuaNe2qvIjrrmQMxJb38SeekRnxBv1B0Y0itfTlpO7Q2ANERmjrXUxXxYad75pNqPKpEfcSfor98nUmkqFn89q4CCdDqe6d_kt7kkA9e1q4snX1Mu1i3KV2b7P2GxFytkuabh12bsBp9xwfs6A1STHEhwPDLmXYLQ9S5YwqIwNA3lD6DbqJPWDHIq1Je3scEml3GPO6Bhy0wlzIa4w_GRJ2ivID4jFslp9LpWr_b-bXLu_1JRT-FPGiyPslMKU7K3V0lbxgLX7y6qO_reJZRFEgGEJum5fgaQybVsnZWpCNP7iaCtC88dWpnpHXGqfDnj0FR-OrOqaP0_30QicpjTyAbETOfgGsDkd0TktcGPn3Yl0_m45cvDGjMZPmYJxOhgi-bMN2cxGZY1ZzY4FZ_qZZTXxrOYtTyuw70SW1Pm2l8d-EsNUF6Ihi0XlL6VMskKR7alegR6V-0GPxsLD6bjH7MLOn-FYUvcL9Akg94UhcXSrpF5qKtfnkSkqJZzYOS2CKU5cmGtpiNX1UMU0T53lLISYQ8DrIUhqjWj25nJ8tvPzw4CqvL9Gy3Rdn9Qquqt_yn65dlR7QPhJ9CIUqZgFCZzl4WRsOCqyT8INw-s7GTmXFjaTnZAm_CRBsQdJGwU2q1hQuJIThk0gOhv7FQaFZGm5MnZHRmtXKJhBzXZi6oJV7uhdj7IBssOqan_dk-6wsKEASowtOxMBOwaAhpT2aRPH0fRB7ySlwI095vVWnoao_NjUOrLUkdXAXItkOeNrg8BLoSsNMKyhdyyb7vlJyl3LAUwqqjw-Y7MRbFWpSFVsn2tLJSAHJeURwa9HQyaF0eBUOzqz4y_kc8gdHFFbhwvSziBAEw2aiVAR9iaCKXuqJT5vWVMaQbhSa0-F1bkl_o9jfkb_8L-cV3e2gp9CYN2s62jN28fHya4BEwq550yAYrHxHzV8Bn0uo87lvauupGivyvtv1DkNQMeawAGcrkm4w5HOttWIRXEz-ej-zyi4d0ALEnkA53jcEL3jWHz7xQnGycm-lvm_8iTfNxgIqKrfkiWs_5pacT8JWqO6Wu535xLHnAuzAsuY-sHLJq6HasxyjxSktOVm8-0ZTgl00jnK2t8WOJO1JsaEixjYwuEu-BoSzb304mCyUXpZc1J8g2fmhMbRKXDlY0YgWeHYzgMe_b_tfvJ1r3RZSf0w2MgdpgRHwAVTm3XAZsfo-_Igry5QhM0INCaMIT4mVye27mJa4_L-hG2-rSAH_nt4G_X8R9m6aqmLiQJJ5rAR1NExUNgop4cic9FR4kbPTKFqB04UNMY4vs7zQ2L6JFEJsr0h2nZubb5IXmgkJnpR7Z1gm4sGHtgv_LyXWocVNdAVOnu968zEs5jj2xP7pzc2q6prPy-IJ7_ncYR6paUGUmYiqTDFpJNkMVWUrzCNq-s2RV5XTnt3HKLvD1qmTC_kOgjEG_3fiPu-a6PH-gP21pAzaha4fEfoW4unr7mvCJGwojAfdC5TQ3aPPKR4BcWhS8nieQo82ywd5IJhZL8WQDVhRgRiGl0D0GyIChH964KdRUsHsHb-y6Dixv5B-Z3ANLfLPfNr0KLmfK8GkEGYOsDlpx_QvtNfEWehu9nYOXvb1qqB-2St4c2j49gNvZyGzw65i5EVyWlyiU4wTq8JUNEofSK2SPo_otmJpnEmEHunukHI_lA9VqiSyVgwOoyBRx_t5DrCS9zmUGIp9sFYF3HvFLOUQ3tB2MOnjc77kZEkbEP8osxkQ-r36W9CWn0RNWKsOVNpyYaqYyOn7OGlkDZ4CFz5dSbCJWA91fxHQKpL7hdz_t2ThhdKQOJq5K0ZeaR58D8vs3nkDo6UrSATjKoqgBkQPTfDOv4RGorP57JWb7PL25NGIjYyBoMxdGOdGhr_KQtChZIvOFC7i_wDBp3cp9HNomSibXil2pspIjCWNnlPUAAOWaiS1qcqHomhsxpybnMHchK84cvXPHQKIIEo6F7A8WEnXVqVuxdfmntfenXVPClWq_MzNjiAUUazTbFrZ8h5iFjKy249mpNCnAh3HNl_VR5bbFgj7VyZoeCSfn7wlEfQAzNlfsfPDB6adDqFA4gO_J-LUCMszpUCbh9Ul3XhJN8tJOr-_MLxGt6mt_0SSFKMMxPp8xTCj_vS1ZrzjLALpm3IT3ZIIMCNfTunyKzr-vCF4dN-ItnD9GHSYHHTP_zSk-SR4vc9HnXhqpvaEkp_kz-mw_YP8HL2nplmO8B3hIH2leLdRPa88FKZ9kOhwxfczexs3RethJMrQ==
x-backend-server: nl2-web-203
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1ec9fedbe916229e3e076eff7c8cad24
457c269a934ad9d21b93681ce913096f5823469c
ddf932682a3b31714ffb4595868cd6da0267987774c6e13ba91627ee21620b57

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4159
Cache-Control: max-age=93914
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "6379ba2c-118"
Expires: Tue, 22 Nov 2022 06:34:19 GMT
Last-Modified: Sun, 20 Nov 2022 05:25:00 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

912 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
912 B (912 bytes)
Hash
dce7e4421e3c753ed866a55e2a8b87a2
7ce13d28b86626a8dce95d360fd5d232b3c4bc12
f7cd924f767ea8c55ad0227e330f1daaef4c12b42504c3cf8a578fd62d2ba877

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2422
Cache-Control: max-age=162712
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "637acdb4-117"
Expires: Wed, 23 Nov 2022 01:40:57 GMT
Last-Modified: Mon, 21 Nov 2022 01:00:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

misctraff.com/l/26997115f3e3b5c262a2

172.67.129.169

200 OK

52 kB

URL HTTP/2
misctraff.com/l/26997115f3e3b5c262a2
IP
172.67.129.169:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (40232), with no line terminators
Size
52 kB (51455 bytes)
Hash
21bd98677b6542786206eea4f5fc18e5
f35dd30410dbc8fcba0641ffb09e960fae6c922b
14e3f7c22adf3c17058cc6d027b643a5cab239dc67c141a70a0d163d485ab5f9

HTTP Headers

GET /l/26997115f3e3b5c262a2 HTTP/1.1
Host: misctraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html
last-modified: Tue, 20 Aug 2019 14:25:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiiENZdQfk9G5t8Lv%2BvShg%2BypR157H092Qlk68iaXbpo%2FWLXqpn2DB7RP5xBU%2Fjyi80fEXXa7RPDSz2T92C%2BSLORBKNDO1LCGYRbm9DKljzngq4%2FYS3DdQEvzzEr3iq1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeac78970b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

573 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
573 B (573 bytes)
Hash
f80450e75ac5cdd353a7d578a78d656c
3a598a8c93b3221d8480011b5a41a554ddb13d08
0870c5a62e2affa97f57d4037ba47cec4f1ce2886d04133a8eaa62ce45230767

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Last-Modified: Mon, 21 Nov 2022 04:03:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

engine.spotscenered.info/link.engine?z=65496&guid=9c6b98fb-eec1-42a9-b793-641c8be15d39

104.18.97.60

302 Found

29 kB

URL HTTP/2
engine.spotscenered.info/link.engine?z=65496&guid=9c6b98fb-eec1-42a9-b793-641c8be15d39
IP
104.18.97.60:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
29 kB (28818 bytes)
Hash
2d77291b2441daa103c294af5f0ca135
f27c83c7a71f63ed1f9f81d80981a485fd0bb7e5
1952dbcf84d6fd4b63d8be7336c9fd65307e18ddb0573a4ef12a611376bdaa5e

HTTP Headers

GET /link.engine?z=65496&guid=9c6b98fb-eec1-42a9-b793-641c8be15d39 HTTP/1.1
Host: engine.spotscenered.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html; charset=utf-8
location: https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=50693&dcid=1_ctx_d082ec59-7184-4bfd-8610-eb0053c1d224&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=rqFF0X34yHxV-wXnS1igNrH0CwNjDCLc1ERV9rym3tl2AKqnrI1W70Oig995Ut407HRBVkYwxvtN7b7lulSqifSkdOa2NhOFzLBDuqCvrG50I75R4HNNr0ul5BaF100-tSMXse-5Kh99I2nK2QDAUTmMyrt4wSaWJTAAX8DWd1XTzxn5ib5cqgT8-vx3w4IduIAAwSFKzcG4PElVTwKEkWNtE89--4PpSyjqPwCL_xerSqLM5w3ZEv5MGPODLu65EO22tA5fLPv8tKRJHx_76qnjeJppmqqy8l3VXkQWle0cufXHwzgVlKZEXdelEL9wwEPx_tt_qa0YqgHhBtFKvthVXVcYsO50Xo4ep5tPIEmK440GigSOpL35oHL9w3dEc-x00Q53rulU7EGwv57wFhWCf-2csI6JNq3pc6IYBlOm6-jqIuhmC3tbTnmMbHasmffprScM5bEesKSQWEJ9LXHQ8Ml4DcrOHvUhuWD-EfbHgo7yzOY5vP_6iQdJlBIb79VR_ADoxkTYxQjlEdyW24_3qFxl4VSVPIvfwO9xKLW0CXY-m-12f6sEpuhyW0hDGh4uKhXYv78ukw1dfR7bfc8YBZHbCB6Q6bquam1XrkvwTmdSvDpO6Rfz_i3C4SyDjezcKvTvH5OESscisJJfuH6u-mToU67LC_XuJ9O1c07zl2f_hIuNyRP2wTPkno6y448q8xYrfLPZr7qEh_JJa65Ho5IteUbu6UpKk2T16CLCLMB_Bha5OnHAtGWpLA5jnqjlyiVkcg-x6tfe-eLyJ-wuyAj2FAsqvq_t6oU3NC5YUgW4f38EbW6IlQwSVZVXhE4qs63AQ7VqFtsBOdMIFiBoLIznkrdMm7NHrrd1B0UkLZmepugg8eaKQZCtq3r00&kw=&mw=1024&mh=535
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=1365b197-00e1-46a9-a441-b8ac6cf79776; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure
ISSH=676C0D; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Mon, 21-Nov-2022 08:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{"16924":[{"SId":"676C0D","D":"22/11/20T20:29:5"}]}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[16924]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76d6aeaba872b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

676 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
676 B (676 bytes)
Hash
7cc342d86a2d0c18d597163fcfe8a71d
d7fdb4bede80a4f02edb789a504fa5634949c33a
6375e914d5c5313054e3f4c5640d5ad4b16ca824be2ad2a59cbcfb157174cd11

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "6379f828-117"
Last-Modified: Mon, 21 Nov 2022 02:41:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183

174.137.133.18

302 Found

0 B

URL HTTP/1.1
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP
174.137.133.18:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 21 Nov 2022 04:29:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://tsyndicate.com/api/v1/direct/4e420276e1634be7bd548706bf4bd864?extID=362815
Pragma: no-cache

q.popbutler.com/r?fid=404Fp6kIN4q

172.67.155.254

204 No Content

0 B

URL HTTP/2
q.popbutler.com/r?fid=404Fp6kIN4q
IP
172.67.155.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /r?fid=404Fp6kIN4q HTTP/1.1
Host: q.popbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mpshark.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 21 Nov 2022 04:29:05 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIK01bkhN1sKrUQPScG329wM2w4GnK6vAQWwxK11jWxat0gQ1M02xFG64RQamvlAdkF7sDASAxqWF7I2Hfh7b4859N%2FqAcSrSdKhzlC5Mjb3Zz8iBUouwbLEcX4a0Qnrsaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeaf1d3eb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q.xmlrtb.com/r?fid=40vCpqrINnW

172.67.142.212

204 No Content

9.7 kB

URL HTTP/2
q.xmlrtb.com/r?fid=40vCpqrINnW
IP
172.67.142.212:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
9.7 kB (9696 bytes)
Hash
e5c107418b6ee6794f80206532b7af8e
ca3422c5b20d313a485187d50fee152963716189
72752bde933c556a6b00084c88418fd98b9f775b7ad6dba79bf792caf11d843f

HTTP Headers

GET /r?fid=40vCpqrINnW HTTP/1.1
Host: q.xmlrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mpshark.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 21 Nov 2022 04:29:05 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ72pNRrQb9u%2FB4bMHqLDFI69kR3rFHVciYSjUvkRT6%2FgOhhqb8z3loGjp%2FeqwBVqowVrTmmUF3J%2BEidibKzG9bRmuQhnW0soYSVw8sxSdc90SCvYM7OVl7IjfEkBck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeaf28770b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8bce3a7ed0e14e002a3647ec47881b1d
9f55d234df3b2bd083779815724059ac8ccd9e6d
6e4c2ad76a55c4b0509696f99742599cb0d6f88d54fdcb4df2fe8c68b6610e15

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:06 GMT
Last-Modified: Mon, 21 Nov 2022 04:03:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

4.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
4.6 kB (4570 bytes)
Hash
0034a6d5953dccaafa8bec89564728c7
d277a4480a01d15e03978e4b5222ddf306b7f562
51198a285be709f63d93bd44500759fe4dc9350997e521b8a31775caef201422

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2171968
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4fDF1Im7klj%2Bx4teQyOuh8T3wIbBBBzdXkgFUJJhMk2i4GUSohtjVwhWJXRmWD4JjoEAaYSfpFaTTQZOVqB1SNnyrAZ2Ft9rC11H0Q1XwCkFQZHhmlQackQm1PbfwadTpx%2FYwPh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea95fb20b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

18 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
18 kB (18309 bytes)
Hash
5a617a508cc4e0fb0aee514132995b5a
cb8f33548d74aa907d1f23fa403c2400ccde65e4
26c5faf6dff04481b91f06064ad59614a4095f5463fdacf81109f560a2056ac6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:06 GMT
Etag: "6379f828-117"
Last-Modified: Mon, 21 Nov 2022 02:41:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

misctraff.com/l/26997115f3e3b5c262a2

172.67.129.169

200 OK

13 kB

URL HTTP/2
misctraff.com/l/26997115f3e3b5c262a2
IP
172.67.129.169:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
13 kB (13030 bytes)
Hash
d1952037cfb4d70f288b22d1976eaccb
7a488ce30f0b0ec86edd02452dbed27b22f229b8
ec231dd55f281d6279c3527f333f98c0bc73d6e36a0513699c15e58b8ac6726d

HTTP Headers

GET /l/26997115f3e3b5c262a2 HTTP/1.1
Host: misctraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html
last-modified: Thu, 15 Oct 2020 14:13:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QDQ%2Bj%2FBr9wdOl3w5DBSOFUVn2TML1CoLkF6UxfhjzyDHh83vTdyY0431RziiBVvbTvRximnEZBAu%2BY3SgOBET5Rx1h%2FZl21O2aN3qxo%2BB0ZNs3P3s3qvcZNZc0DqjDi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeaba8430b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.mpshark.com/

104.21.76.196

200 OK

24 kB

URL HTTP/2
www.mpshark.com/
IP
104.21.76.196:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7311)
Size
24 kB (24451 bytes)
Hash
5d1464ff5338c5741a74f616fee50a5d
5379d96ac4c31a264b3eca6bec36aa9aae3892a4
f2c5371337c3605eb0a383f6315fbcff1c65273a259edcaae1ee2de2dbbe4c17

HTTP Headers

GET / HTTP/1.1
Host: www.mpshark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html; charset=utf-8
vary: Cookie
set-cookie: session=eyJjc3JmX3Rva2VuIjoiOWIyODgzOTJmODUwMjA3ODAxNjMwNjUxZDZjYTI2NzMwYTdhMDM5YyJ9.Y3r-kQ.Y87lQV-6wQ7juY-v2I4HhOYqFQU; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FshQ5RGtlMVlgjUlAFboGVEa7osqJsg3HidStU2o%2Beh1S57WXWekXlZsnwcSWFPWGVI8jjefkco%2BM85udM2tTk6smqz1TQUogwqwE%2FRSiDbgpRLJouh3j79eE9kliayI6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeab8fdbb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q.cachegorilla.com/r?fid=dgDsw7VfNXk

104.21.51.225

302 Found

30 kB

URL HTTP/2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP
104.21.51.225:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
30 kB (30081 bytes)
Hash
b07febd9e1af0b24b72da70a976405da
63b081d896c52498e56bbed19eff1d788eddfeef
a53380fcbf489aa99f94b828cebaeb349d1618214b346764371882218ec39c12

HTTP Headers

GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:05 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmHLOnWEUU9aQc%2Brk5P3tDz%2B9FUyqMD8c3MDJiHr8JprEA2A1Yuyz13lZkRB5QAON9qW1QxbKyo6M5h7UpfTqGRqmRZqwZ5R8Xq%2FUbxeeZQ%2BtoNcS1s%2BqUD%2FuTNLSM4y2ugeUkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797d1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

639 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
639 B (639 bytes)
Hash
0258ef104e7b13aef0c793b4a6598994
1d5404a1cc08ccd3e8d328b73d619495029bb2f9
4788ce6f1d097d1d174e99a765aff03b2fa1ff837514ba7c806e7d9e2f6c61e4

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "345B7F55E53B0E432C2B1DFE455FCF7C75C2AC81C12CFF7789C72647F2DB6856"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Mon, 21 Nov 2022 05:48:11 GMT
Date: Mon, 21 Nov 2022 04:29:06 GMT
Connection: keep-alive

digiadsply.com/m87673.jpg

104.18.5.101

200 OK

231 kB

URL HTTP/2
digiadsply.com/m87673.jpg
IP
104.18.5.101:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
231 kB (231352 bytes)
Hash
30012cdb8af6fb1b0807f2a304b220be
2210f528e861d6f1d31517cbc1f2e92d1e196d46
8b319096faf5b4287f73877de3f421bf004f2e2bf34c0ea37424e51fad7d48cc

HTTP Headers

GET /m87673.jpg HTTP/1.1
Host: digiadsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engine.spotscenered.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:06 GMT
content-type: image/jpeg
content-length: 230376
cf-ray: 76d6aeb49fa2b50f-OSL
accept-ranges: bytes
age: 1448253
cache-control: max-age=2592000
etag: "761874248a86755381e719557f95ed0b"
expires: Thu, 22 Dec 2022 04:29:06 GMT
last-modified: Wed, 15 May 2019 22:04:37 GMT
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4891.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
x-amz-cf-id: mRckKyeFyJI-phRYxWBWc6Bh4A7rQUbfCmRs-jhtJzrhmRjSlIwL2g==
x-amz-cf-pop: ARN1-C1
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: RefreshHit from cloudfront
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

40 kB

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
40 kB (39489 bytes)
Hash
b4f7056a31717218b264a5910df377b6
ee76e94e49577c3db1febd69e6f1a588d221a247
265fd30db1f5235b501fa007d503df0c2954d17868e782097a7804f6e104df87

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "345B7F55E53B0E432C2B1DFE455FCF7C75C2AC81C12CFF7789C72647F2DB6856"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Mon, 21 Nov 2022 05:48:11 GMT
Date: Mon, 21 Nov 2022 04:29:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

580 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
580 B (580 bytes)
Hash
96854362350a531c3477df1590b1cbee
fb84349ed5e727192f8dbd7afb6a7e854ceeb42f
2bef1679461d01a0f3c28734cba88413f5e67c788fb8b4a8a47f82967ee2558d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: max-age=92305
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:07 GMT
Etag: "6379aef4-118"
Expires: Tue, 22 Nov 2022 06:07:32 GMT
Last-Modified: Sun, 20 Nov 2022 04:37:08 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
ce98d89bf5d3df861bf883810083b55a
a2bc048f90bd35410d91063b4cff9faee488f02a
4fd2194f4aa642141170c5066052aa5f67992a19e1bba70078925be809ad6e9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: max-age=92305
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:07 GMT
Etag: "6379aef4-118"
Expires: Tue, 22 Nov 2022 06:07:32 GMT
Last-Modified: Sun, 20 Nov 2022 04:37:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

q.cachegorilla.com/r?fid=dgDsw7VfNXk

104.21.51.225

302 Found

4.4 kB

URL HTTP/2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP
104.21.51.225:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.4 kB (4395 bytes)
Hash
cc00c963282fe9fe63404db4765e1bd3
932bf0a8498bb2b7e799e41ffbb454ec89e800cd
faab24f1c573798d754924cb3703a08790175242d577d120a6d14001200df746

HTTP Headers

GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3I%2B%2FS1lz5Zl9SLpg79jU65kZsQGygQk5Lji97ErqnegMVPaiDZxdb8F3DN%2Fv9TxMRNr8HNjZCnrrhd8tOgQQewj7p5%2BNiKa04keDBeh5hJRO%2F%2BRVnuo2ST7rO6UKvEGy5q6IRCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797a1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&pubid=135921_Unknown

172.67.197.219

200 OK

1.9 kB

URL HTTP/2
fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&pubid=135921_Unknown
IP
172.67.197.219:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.9 kB (1886 bytes)
Hash
5a0915f9e15fa7623214ce67964d9faf
b82eb68fe0aa1f15cc72e8c2dbec5f4802b0f91e
b30e57f525aaeeda50bba2fb5704b4e4473b9223adeed06ce7bc2c1d858b0ac6

HTTP Headers

GET /rc/3d8a3d97e5?affclick=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&pubid=135921_Unknown HTTP/1.1
Host: fanasti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://misctraff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:07 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=cwNfmWflxbxZwLSrSkQ+MC8nqLrwnev1ScfDIfiA1sAGv0Ya/icqaqlTjdBbISi0QgLew6AEhj/rrxu/Kx4OluY12bxYKqAeQv5CS8BE90jJosGaP9ei1SSMgJgH; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/
AWSALBCORS=cwNfmWflxbxZwLSrSkQ+MC8nqLrwnev1ScfDIfiA1sAGv0Ya/icqaqlTjdBbISi0QgLew6AEhj/rrxu/Kx4OluY12bxYKqAeQv5CS8BE90jJosGaP9ei1SSMgJgH; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3F7%2FJDtmsFZBJJ0kOoNzvM%2FxVDJj5GSNn4Ed%2FgbtvMkZ66X0IAZOVzEVWIpVjh%2F7VY3VhMz3qd4TqUVCLETxskgU0QY1qTNVt%2BLdlY%2BymtgSYwlM6WY9Qev61cZOZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeb9ae4cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiNKvKh4EUTmqCCz1fMjM2MOwTWuLK67axLZc3VV9Wy51V1NVff07JxWA5KD4Bw8%2BBN6v9nNEg2SHD0IMitIWBQyILqi%2Bz%2BIkKNITwbGPKj3o74H9X3v1Yf72RmhyNjp5ttmqLRmS60arb60pWJhclddv1b1aY1erG6p%2BELzYnVQOtt%2F1aetGn25%2BqbkO2apTn1KfepXV5SVoRkszVCo5HbXr3VprVmv%2Ba0mBvbR2mUeHPMg%2BmfkWSgxfXz73l0oPkEc3bks3U5qklfeiDLNUmPRF0fvxjuxyWNEizS0HsL4aN4N46aEfHoOJj6aK4DpH5QKEKgp8X7zEcRHc5oI%2BocPmQYaMkYgnkLen0DqCRSbgJvrUOI%2BAbjA%2Bgbi6Oa6sTnbfYiyEp2SyoN%2FoPIpqfz1HOLo22WtBtWrRmepMrHDICygBhOo3gRJdox06EHlx%2BDpB1DiF7L0YA1xdLDhtIESxUy9UhOocAItR2DOQ1Ye5SELPWSJh0icVlmrG1LaDoOw0eg0OeeNBuetzgXREo1mJ6TIeElvhDQZgesRuN1DYvewo0aw2Q9w2wWc8ODSKfHe2UNfFMglQe4IckaQK4I8Jcj7xaHQru6Km0K7LPDnsT6PjWJs0t4%2BOzRpT8ZkPzkjz5Rz8Z689Tt25Gk1EI1Os9Wg9ZaQVAa%2B36n7tE1b1OftTqfhw6kCyp2bSR2qKXnhp5%2BRqCl5gu8hYMdw%2BhhcPQ2W%2BWD5uF2nYNvjZodiGN%2FZ7rFI9pjW0u7WuIkgTIEkrSDd9fb1GXl%2BtqPur19B8pNL331W2ufgtkBiC7ynfiTo6RvjKyYnB1dM7sjdjSRVkRqycn9XU5bKx75%2BS%2B7mxorVy2506zVeAmV6%2B5p06RqLhYp7jnyzrISQdsVYLsn3q25LBpuZ217ObJwla5uvr6xGiZXOKRNPwNR99xG4mpLz0R%2Bzn%2Fnin30oO4HNCkTZCZkblDkGT%2FbgkgV7ZwisXvQEiYc8K8a2HiwutSLQclGzoID7Xx0s8n13Az1bAUuvI44K9G2Bvi7A9AguOz9OE3ty6d788UBXxoG2lYNAW%2F3JbLSl%2B7J0X0xJ%2B%2F2%2F4dRpVbZCGkpal0HYDcI2o6IbNrsB6%2FqyHbSYj9RN%2BfDfj%2F8DAAD%2F%2FwEAAP%2F%2FacSnlIAEAAA%3D

173.233.139.164

200 OK

7 B

URL HTTP/1.1
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiNKvKh4EUTmqCCz1fMjM2MOwTWuLK67axLZc3VV9Wy51V1NVff07JxWA5KD4Bw8%2BBN6v9nNEg2SHD0IMitIWBQyILqi%2Bz%2BIkKNITwbGPKj3o74H9X3v1Yf72RmhyNjp5ttmqLRmS60arb60pWJhclddv1b1aY1erG6p%2BELzYnVQOtt%2F1aetGn25%2BqbkO2apTn1KfepXV5SVoRkszVCo5HbXr3VprVmv%2Ba0mBvbR2mUeHPMg%2BmfkWSgxfXz73l0oPkEc3bks3U5qklfeiDLNUmPRF0fvxjuxyWNEizS0HsL4aN4N46aEfHoOJj6aK4DpH5QKEKgp8X7zEcRHc5oI%2BocPmQYaMkYgnkLen0DqCRSbgJvrUOI%2BAbjA%2Bgbi6Oa6sTnbfYiyEp2SyoN%2FoPIpqfz1HOLo22WtBtWrRmepMrHDICygBhOo3gRJdox06EHlx%2BDpB1DiF7L0YA1xdLDhtIESxUy9UhOocAItR2DOQ1Ye5SELPWSJh0icVlmrG1LaDoOw0eg0OeeNBuetzgXREo1mJ6TIeElvhDQZgesRuN1DYvewo0aw2Q9w2wWc8ODSKfHe2UNfFMglQe4IckaQK4I8Jcj7xaHQru6Km0K7LPDnsT6PjWJs0t4%2BOzRpT8ZkPzkjz5Rz8Z689Tt25Gk1EI1Os9Wg9ZaQVAa%2B36n7tE1b1OftTqfhw6kCyp2bSR2qKXnhp5%2BRqCl5gu8hYMdw%2BhhcPQ2W%2BWD5uF2nYNvjZodiGN%2FZ7rFI9pjW0u7WuIkgTIEkrSDd9fb1GXl%2BtqPur19B8pNL331W2ufgtkBiC7ynfiTo6RvjKyYnB1dM7sjdjSRVkRqycn9XU5bKx75%2BS%2B7mxorVy2506zVeAmV6%2B5p06RqLhYp7jnyzrISQdsVYLsn3q25LBpuZ217ObJwla5uvr6xGiZXOKRNPwNR99xG4mpLz0R%2Bzn%2Fnin30oO4HNCkTZCZkblDkGT%2FbgkgV7ZwisXvQEiYc8K8a2HiwutSLQclGzoID7Xx0s8n13Az1bAUuvI44K9G2Bvi7A9AguOz9OE3ty6d788UBXxoG2lYNAW%2F3JbLSl%2B7J0X0xJ%2B%2F2%2F4dRpVbZCGkpal0HYDcI2o6IbNrsB6%2FqyHbSYj9RN%2BfDfj%2F8DAAD%2F%2FwEAAP%2F%2FacSnlIAEAAA%3D
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiNKvKh4EUTmqCCz1fMjM2MOwTWuLK67axLZc3VV9Wy51V1NVff07JxWA5KD4Bw8%2BBN6v9nNEg2SHD0IMitIWBQyILqi%2Bz%2BIkKNITwbGPKj3o74H9X3v1Yf72RmhyNjp5ttmqLRmS60arb60pWJhclddv1b1aY1erG6p%2BELzYnVQOtt%2F1aetGn25%2BqbkO2apTn1KfepXV5SVoRkszVCo5HbXr3VprVmv%2Ba0mBvbR2mUeHPMg%2BmfkWSgxfXz73l0oPkEc3bks3U5qklfeiDLNUmPRF0fvxjuxyWNEizS0HsL4aN4N46aEfHoOJj6aK4DpH5QKEKgp8X7zEcRHc5oI%2BocPmQYaMkYgnkLen0DqCRSbgJvrUOI%2BAbjA%2Bgbi6Oa6sTnbfYiyEp2SyoN%2FoPIpqfz1HOLo22WtBtWrRmepMrHDICygBhOo3gRJdox06EHlx%2BDpB1DiF7L0YA1xdLDhtIESxUy9UhOocAItR2DOQ1Ye5SELPWSJh0icVlmrG1LaDoOw0eg0OeeNBuetzgXREo1mJ6TIeElvhDQZgesRuN1DYvewo0aw2Q9w2wWc8ODSKfHe2UNfFMglQe4IckaQK4I8Jcj7xaHQru6Km0K7LPDnsT6PjWJs0t4%2BOzRpT8ZkPzkjz5Rz8Z689Tt25Gk1EI1Os9Wg9ZaQVAa%2B36n7tE1b1OftTqfhw6kCyp2bSR2qKXnhp5%2BRqCl5gu8hYMdw%2BhhcPQ2W%2BWD5uF2nYNvjZodiGN%2FZ7rFI9pjW0u7WuIkgTIEkrSDd9fb1GXl%2BtqPur19B8pNL331W2ufgtkBiC7ynfiTo6RvjKyYnB1dM7sjdjSRVkRqycn9XU5bKx75%2BS%2B7mxorVy2506zVeAmV6%2B5p06RqLhYp7jnyzrISQdsVYLsn3q25LBpuZ217ObJwla5uvr6xGiZXOKRNPwNR99xG4mpLz0R%2Bzn%2Fnin30oO4HNCkTZCZkblDkGT%2FbgkgV7ZwisXvQEiYc8K8a2HiwutSLQclGzoID7Xx0s8n13Az1bAUuvI44K9G2Bvi7A9AguOz9OE3ty6d788UBXxoG2lYNAW%2F3JbLSl%2B7J0X0xJ%2B%2F2%2F4dRpVbZCGkpal0HYDcI2o6IbNrsB6%2FqyHbSYj9RN%2BfDfj%2F8DAAD%2F%2FwEAAP%2F%2FacSnlIAEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344826; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71452a8766cc75c94603645f574f556f
Strict-Transport-Security: max-age=0; includeSubdomains

concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BKOtFxYsgMkcFmVTPx86Me1iMayQYk7i7knN1VfWkTHVXU9U9PZlTdEH2IDgHD35C55lkw%2Boiu0cPgkwEWYLCDohGNP%2BDCHsU6dmB0Rfq%2FajnhXqe9633D7JzQpGxs603zVBpzZZbNVp9YVvFwuSuunG96tMavVTdVvHF5qXqoHS2%2F7JPWzX6YvV1yXfNcp36lPrUr64qK0MzWJ6hUMmdrl%2Fr0lqzXvNbTQzsf2uXeXDMg%2Bifk6ehxPT%2FO%2FfvQfEJ4ujuFel2U5O89FqUaZYai744fjvejU0eI1qkofUQxsfzbhg3JeTjJZj4eK4Apn9YKkCgpsT7xUcQH89pIugfPWIaaMgYgXgCeX8CqSdQbAJubkCJBwTgAhubiKNbG8bmbO8Rykp0SioP%2F4LKp6TyxzOIo69XtBpUrxmdpcrEDoOwgBpMoHoTJNkJ0qEHlZ%2BAp%2B9BiZ%2FI8sN1xNHhptMGShQz9UpNoMIJtByBOQ9ZeZSHLPSQJR4icVZlrW5IaTsMwkaj0%2BScNxqctzoXRUs0mp2QIuMlvRHSZASuR%2BB2H4ndx64awWbfwe0UcMKDS6fEe2sffVEglwS5I8gZQa4I8pQg7xdHQru6K24J7bLAn8f6PDaKsUl7B%2BzIpD0Zk4PknDxVzsV7%2FPav2JVn1UA0Os1Wg9ZbQlIZ%2BH6n7tM2bVGftzudhg%2BnCii3NJM6VFPy3A8%2FIlFT8hjfR8BO4PQJuHoSLPPB8nG7TsF2xs0OxTC%2Bu9NjkewxraXdq3ETQZgCSVpBuucd6HPy7GxH3Z8%2Fh%2BSnl7%2F5pLRPwW2BxBZ4R31P0NM3x1dNTg6vmtyRe5tJqiI1ZOX%2BrqUslf%2F78g25lxsr1q640e1XeAmU6Z3r0qXrLBYq7jny1YoSQtpVY7kk3665bRlsZW5nJbNxlqxvvbq6FiVWOqdMPAFTD9wH4GpKLkS%2FzX7m879nUHYCmxWIslMyNyhzAp7swyUL9s4QWL3oCZIl5FkxtvVgcakVgZaLmgUF3L%2FqYJEfuJvo2QpYegNxVKBvC%2FR1AaZHcNmFcZrY08v3548HujIOtK0cBtrqj8rRfjGbb%2Bk%2Bm5L2u3%2FCqbOqbIU0lLQug7AbhG1GRTdsdgPW9WU7aDEfqZvy4d8f%2FgMAAP%2F%2FAQAA%2F%2F8lwLxAgAQAAA%3D%3D

173.233.139.164

200 OK

1.5 kB

URL HTTP/1.1
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BKOtFxYsgMkcFmVTPx86Me1iMayQYk7i7knN1VfWkTHVXU9U9PZlTdEH2IDgHD35C55lkw%2Boiu0cPgkwEWYLCDohGNP%2BDCHsU6dmB0Rfq%2FajnhXqe9633D7JzQpGxs603zVBpzZZbNVp9YVvFwuSuunG96tMavVTdVvHF5qXqoHS2%2F7JPWzX6YvV1yXfNcp36lPrUr64qK0MzWJ6hUMmdrl%2Fr0lqzXvNbTQzsf2uXeXDMg%2Bifk6ehxPT%2FO%2FfvQfEJ4ujuFel2U5O89FqUaZYai744fjvejU0eI1qkofUQxsfzbhg3JeTjJZj4eK4Apn9YKkCgpsT7xUcQH89pIugfPWIaaMgYgXgCeX8CqSdQbAJubkCJBwTgAhubiKNbG8bmbO8Rykp0SioP%2F4LKp6TyxzOIo69XtBpUrxmdpcrEDoOwgBpMoHoTJNkJ0qEHlZ%2BAp%2B9BiZ%2FI8sN1xNHhptMGShQz9UpNoMIJtByBOQ9ZeZSHLPSQJR4icVZlrW5IaTsMwkaj0%2BScNxqctzoXRUs0mp2QIuMlvRHSZASuR%2BB2H4ndx64awWbfwe0UcMKDS6fEe2sffVEglwS5I8gZQa4I8pQg7xdHQru6K24J7bLAn8f6PDaKsUl7B%2BzIpD0Zk4PknDxVzsV7%2FPav2JVn1UA0Os1Wg9ZbQlIZ%2BH6n7tM2bVGftzudhg%2BnCii3NJM6VFPy3A8%2FIlFT8hjfR8BO4PQJuHoSLPPB8nG7TsF2xs0OxTC%2Bu9NjkewxraXdq3ETQZgCSVpBuucd6HPy7GxH3Z8%2Fh%2BSnl7%2F5pLRPwW2BxBZ4R31P0NM3x1dNTg6vmtyRe5tJqiI1ZOX%2BrqUslf%2F78g25lxsr1q640e1XeAmU6Z3r0qXrLBYq7jny1YoSQtpVY7kk3665bRlsZW5nJbNxlqxvvbq6FiVWOqdMPAFTD9wH4GpKLkS%2FzX7m879nUHYCmxWIslMyNyhzAp7swyUL9s4QWL3oCZIl5FkxtvVgcakVgZaLmgUF3L%2FqYJEfuJvo2QpYegNxVKBvC%2FR1AaZHcNmFcZrY08v3548HujIOtK0cBtrqj8rRfjGbb%2Bk%2Bm5L2u3%2FCqbOqbIU0lLQug7AbhG1GRTdsdgPW9WU7aDEfqZvy4d8f%2FgMAAP%2F%2FAQAA%2F%2F8lwLxAgAQAAA%3D%3D
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
data
Size
1.5 kB (1516 bytes)
Hash
3b39021fc4e0e7d692c7676997c692a4
ccbcef0f2d8e31d6a577134bec79c6bacdc83eda
6d2b5e394426a96b632eacf3194bddd569787fe41c4ff45685bd4d320bedd1f0

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BKOtFxYsgMkcFmVTPx86Me1iMayQYk7i7knN1VfWkTHVXU9U9PZlTdEH2IDgHD35C55lkw%2Boiu0cPgkwEWYLCDohGNP%2BDCHsU6dmB0Rfq%2FajnhXqe9633D7JzQpGxs603zVBpzZZbNVp9YVvFwuSuunG96tMavVTdVvHF5qXqoHS2%2F7JPWzX6YvV1yXfNcp36lPrUr64qK0MzWJ6hUMmdrl%2Fr0lqzXvNbTQzsf2uXeXDMg%2Bifk6ehxPT%2FO%2FfvQfEJ4ujuFel2U5O89FqUaZYai744fjvejU0eI1qkofUQxsfzbhg3JeTjJZj4eK4Apn9YKkCgpsT7xUcQH89pIugfPWIaaMgYgXgCeX8CqSdQbAJubkCJBwTgAhubiKNbG8bmbO8Rykp0SioP%2F4LKp6TyxzOIo69XtBpUrxmdpcrEDoOwgBpMoHoTJNkJ0qEHlZ%2BAp%2B9BiZ%2FI8sN1xNHhptMGShQz9UpNoMIJtByBOQ9ZeZSHLPSQJR4icVZlrW5IaTsMwkaj0%2BScNxqctzoXRUs0mp2QIuMlvRHSZASuR%2BB2H4ndx64awWbfwe0UcMKDS6fEe2sffVEglwS5I8gZQa4I8pQg7xdHQru6K24J7bLAn8f6PDaKsUl7B%2BzIpD0Zk4PknDxVzsV7%2FPav2JVn1UA0Os1Wg9ZbQlIZ%2BH6n7tM2bVGftzudhg%2BnCii3NJM6VFPy3A8%2FIlFT8hjfR8BO4PQJuHoSLPPB8nG7TsF2xs0OxTC%2Bu9NjkewxraXdq3ETQZgCSVpBuucd6HPy7GxH3Z8%2Fh%2BSnl7%2F5pLRPwW2BxBZ4R31P0NM3x1dNTg6vmtyRe5tJqiI1ZOX%2BrqUslf%2F78g25lxsr1q640e1XeAmU6Z3r0qXrLBYq7jny1YoSQtpVY7kk3665bRlsZW5nJbNxlqxvvbq6FiVWOqdMPAFTD9wH4GpKLkS%2FzX7m879nUHYCmxWIslMyNyhzAp7swyUL9s4QWL3oCZIl5FkxtvVgcakVgZaLmgUF3L%2FqYJEfuJvo2QpYegNxVKBvC%2FR1AaZHcNmFcZrY08v3548HujIOtK0cBtrqj8rRfjGbb%2Bk%2Bm5L2u3%2FCqbOqbIU0lLQug7AbhG1GRTdsdgPW9WU7aDEfqZvy4d8f%2FgMAAP%2F%2FAQAA%2F%2F8lwLxAgAQAAA%3D%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344826; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94cbea3b3d51854407b94ccb46ef2e8e
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg

45.133.44.10

200 OK

21 kB

URL HTTP/1.1
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
21 kB (20566 bytes)
Hash
8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919

HTTP Headers

GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/jpeg
Content-Length: 20566
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 01 Sep 2022 12:51:28 GMT
ETag: "6310aad0-5056"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes

cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png

45.133.44.10

200 OK

113 kB

URL HTTP/1.1
cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
113 kB (112700 bytes)
Hash
a85aa1de5c20ac4eb372e7f76f32ae7f
cc839c5f4d10d95e79ad9b161dff4453ace53149
d5e4a4cd44386fa562de135e43cfe7fdafe70387dd40d805873c982a25ebae83

HTTP Headers

GET /si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/png
Content-Length: 112700
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Tue, 15 Nov 2022 07:09:29 GMT
ETag: "63733b29-1b83c"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes

cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png

45.133.44.10

200 OK

123 kB

URL HTTP/1.1
cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
123 kB (123291 bytes)
Hash
1c26658a8e0980350d9b1ddd575fa2e1
99514e6f4091235f9ea4ba0933edd20f31c9d031
3b43b009a295edad0eb4c0617671b86f5bb68c732bd57fa090adcdb5807f99a3

HTTP Headers

GET /si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/png
Content-Length: 123291
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Tue, 15 Nov 2022 07:09:43 GMT
ETag: "63733b37-1e19b"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes

cdn.cloudimagesb.com/si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png

45.133.44.10

200 OK

144 kB

URL HTTP/1.1
cdn.cloudimagesb.com/si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
144 kB (144325 bytes)
Hash
d76c93ff8a660d41a613c8ef00e2d201
b62383271edfc4b32b571059bcf67c4c33680303
83d31a43474028aa1fe7244059469065fd98dfddca0b11eb04002fa45c039e26

HTTP Headers

GET /si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/png
Content-Length: 144325
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Tue, 15 Nov 2022 07:09:36 GMT
ETag: "63733b30-233c5"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes

concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiPGHwcVL0KEOUkCMls9PzIz5hCMcSUYk5hEcvFSXVU9U251V1PVPT07p9WA5JY5ePAn9H6zmyVxkeQPEKRXkLAoZEB0D%2B7do4g5ivTuwOqDfu99%2Fb3D971Xn6xn%2B4QiY3tX3jUTpTVb6jRo%2FeQNFQuTu%2Fql63WfNuiZ%2Bg0Vn26fqY%2BrZEev%2B7TToKfqb0u%2BYpaa1KfUp359WVkZmvHSAQuVbPf9Rp822s2G32ljbP%2BPXebBMQ9itE9ehBLzJ4cPH0DxEnF0%2F7x0K6lJXnsryjRLjcVIbL0fr8QmjxEdtaH1EMZbi2kYNyfks2Mw8dbCAcxoo3KAQM2J96uPIN5ayEQw2jxUGmjIGIF4FvmohNQlFCvBzU0o8YgAXODSZcTRnUvG5mz1kGUVOye1x39B5XNS%2B%2F0lxNG357Qa168ZnaXKxA7jsIAal1CDEkm2g3TiQeU74OnHUOJnsvT4IuJo47LTBkoUB%2B6VKqHCElpOwZyHrPqUhyz0kCUeIrFXZ51%2BSGk3DMJWq9fmnLdanHd6p0VHtNq9kCLjlbwp0mQKrqfgdg2JXcOKmsJm38MNCzjhwaVz4r23hpEokEuC3BHkjCBXBHlKkI%2BKTaFd0xV3hHZZ4C9qc1Fbxcykg3W2adKBjMl6sk9eqPbiHb%2F7G1bkXj0QrV6706LNjpBUBr7fa%2Fq0SzvU591er%2BXDqQLKHTuwOlFzcuLHn5CoOXmKryFgO3B6B1w9D5b5YPms26Rgw1m7RzGJ7w8HLJIDprW0qw1uIghTIElrSFe9db1PXj64UfejPyH57tntk3%2BXtz84BW4LJLbAh%2BoHgoG%2BNbtqcrJx1eSOPLicpCpSE1bd71rKUvnEvXfkam6suHDeTe%2B%2BwSuiarevS5deZLFQ8cCRb84pIaRdNpZL8t0Fd0MGVzI3PJfZOEsuXnlz%2BUKUWOmcMnEJph49V4KrOXl69%2FzBy3xleQhlS9isQJTtkkVAmR3wZA0u2T1778T2cf%2FVP%2BAMgdVHM0FSQ54VM9sMjn5qRaDlEWZBAfcfHBz16%2B4WBrYGlt5EHBUY2QIjXYDpKVz2zCxN7O7Zh59X8QUCXZsF2tY2Am31p3PS%2F%2BXrKn1VpS8PN%2B3UXl12QhpK2pRB2A%2FCLqOiH7b7Aev7sht0mI%2FUzfnkn9v%2FAgAA%2F%2F8BAAD%2F%2F%2BKAcdiABAAA

173.233.139.164

200 OK

7 B

URL HTTP/1.1
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiPGHwcVL0KEOUkCMls9PzIz5hCMcSUYk5hEcvFSXVU9U251V1PVPT07p9WA5JY5ePAn9H6zmyVxkeQPEKRXkLAoZEB0D%2B7do4g5ivTuwOqDfu99%2Fb3D971Xn6xn%2B4QiY3tX3jUTpTVb6jRo%2FeQNFQuTu%2Fql63WfNuiZ%2Bg0Vn26fqY%2BrZEev%2B7TToKfqb0u%2BYpaa1KfUp359WVkZmvHSAQuVbPf9Rp822s2G32ljbP%2BPXebBMQ9itE9ehBLzJ4cPH0DxEnF0%2F7x0K6lJXnsryjRLjcVIbL0fr8QmjxEdtaH1EMZbi2kYNyfks2Mw8dbCAcxoo3KAQM2J96uPIN5ayEQw2jxUGmjIGIF4FvmohNQlFCvBzU0o8YgAXODSZcTRnUvG5mz1kGUVOye1x39B5XNS%2B%2F0lxNG357Qa168ZnaXKxA7jsIAal1CDEkm2g3TiQeU74OnHUOJnsvT4IuJo47LTBkoUB%2B6VKqHCElpOwZyHrPqUhyz0kCUeIrFXZ51%2BSGk3DMJWq9fmnLdanHd6p0VHtNq9kCLjlbwp0mQKrqfgdg2JXcOKmsJm38MNCzjhwaVz4r23hpEokEuC3BHkjCBXBHlKkI%2BKTaFd0xV3hHZZ4C9qc1Fbxcykg3W2adKBjMl6sk9eqPbiHb%2F7G1bkXj0QrV6706LNjpBUBr7fa%2Fq0SzvU591er%2BXDqQLKHTuwOlFzcuLHn5CoOXmKryFgO3B6B1w9D5b5YPms26Rgw1m7RzGJ7w8HLJIDprW0qw1uIghTIElrSFe9db1PXj64UfejPyH57tntk3%2BXtz84BW4LJLbAh%2BoHgoG%2BNbtqcrJx1eSOPLicpCpSE1bd71rKUvnEvXfkam6suHDeTe%2B%2BwSuiarevS5deZLFQ8cCRb84pIaRdNpZL8t0Fd0MGVzI3PJfZOEsuXnlz%2BUKUWOmcMnEJph49V4KrOXl69%2FzBy3xleQhlS9isQJTtkkVAmR3wZA0u2T1778T2cf%2FVP%2BAMgdVHM0FSQ54VM9sMjn5qRaDlEWZBAfcfHBz16%2B4WBrYGlt5EHBUY2QIjXYDpKVz2zCxN7O7Zh59X8QUCXZsF2tY2Am31p3PS%2F%2BXrKn1VpS8PN%2B3UXl12QhpK2pRB2A%2FCLqOiH7b7Aev7sht0mI%2FUzfnkn9v%2FAgAA%2F%2F8BAAD%2F%2F%2BKAcdiABAAA
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiPGHwcVL0KEOUkCMls9PzIz5hCMcSUYk5hEcvFSXVU9U251V1PVPT07p9WA5JY5ePAn9H6zmyVxkeQPEKRXkLAoZEB0D%2B7do4g5ivTuwOqDfu99%2Fb3D971Xn6xn%2B4QiY3tX3jUTpTVb6jRo%2FeQNFQuTu%2Fql63WfNuiZ%2Bg0Vn26fqY%2BrZEev%2B7TToKfqb0u%2BYpaa1KfUp359WVkZmvHSAQuVbPf9Rp822s2G32ljbP%2BPXebBMQ9itE9ehBLzJ4cPH0DxEnF0%2F7x0K6lJXnsryjRLjcVIbL0fr8QmjxEdtaH1EMZbi2kYNyfks2Mw8dbCAcxoo3KAQM2J96uPIN5ayEQw2jxUGmjIGIF4FvmohNQlFCvBzU0o8YgAXODSZcTRnUvG5mz1kGUVOye1x39B5XNS%2B%2F0lxNG357Qa168ZnaXKxA7jsIAal1CDEkm2g3TiQeU74OnHUOJnsvT4IuJo47LTBkoUB%2B6VKqHCElpOwZyHrPqUhyz0kCUeIrFXZ51%2BSGk3DMJWq9fmnLdanHd6p0VHtNq9kCLjlbwp0mQKrqfgdg2JXcOKmsJm38MNCzjhwaVz4r23hpEokEuC3BHkjCBXBHlKkI%2BKTaFd0xV3hHZZ4C9qc1Fbxcykg3W2adKBjMl6sk9eqPbiHb%2F7G1bkXj0QrV6706LNjpBUBr7fa%2Fq0SzvU591er%2BXDqQLKHTuwOlFzcuLHn5CoOXmKryFgO3B6B1w9D5b5YPms26Rgw1m7RzGJ7w8HLJIDprW0qw1uIghTIElrSFe9db1PXj64UfejPyH57tntk3%2BXtz84BW4LJLbAh%2BoHgoG%2BNbtqcrJx1eSOPLicpCpSE1bd71rKUvnEvXfkam6suHDeTe%2B%2BwSuiarevS5deZLFQ8cCRb84pIaRdNpZL8t0Fd0MGVzI3PJfZOEsuXnlz%2BUKUWOmcMnEJph49V4KrOXl69%2FzBy3xleQhlS9isQJTtkkVAmR3wZA0u2T1778T2cf%2FVP%2BAMgdVHM0FSQ54VM9sMjn5qRaDlEWZBAfcfHBz16%2B4WBrYGlt5EHBUY2QIjXYDpKVz2zCxN7O7Zh59X8QUCXZsF2tY2Am31p3PS%2F%2BXrKn1VpS8PN%2B3UXl12QhpK2pRB2A%2FCLqOiH7b7Aev7sht0mI%2FUzfnkn9v%2FAgAA%2F%2F8BAAD%2F%2F%2BKAcdiABAAA HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344826; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 62761740a5cc998e7b41b592e0bc54c4
Strict-Transport-Security: max-age=0; includeSubdomains

s.w.org/images/core/emoji/14.0.0/svg/1f346.svg

192.0.77.48

200 OK

432 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f346.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (432), with no line terminators
Size
432 B (432 bytes)
Hash
f92a9f8821057c551982b659b268ed8e
6238f3b621be938ec83d96306647991cf8cec28f
6a51feacbc0c6653c8adf378b5bf03b10a82f8ff387674f6434d3ee9019416af

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f346.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
content-length: 432
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f60f.svg

192.0.77.48

200 OK

1.4 kB

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f60f.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1389), with no line terminators
Size
1.4 kB (1389 bytes)
Hash
480eb6b0f6c22cbc1d98d6ff93e1edc1
4783d272ed82b97f07330743d8d951a2446c01d3
9b365ccd80dfed36f75598c5c06251b56764fde6914bed50a8ec3b43285c35e0

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f60f.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
content-length: 1389
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e9ecb364fccfae4aad59726771bf60f2
6dcf1cde146ab0c5fc80946c1378739c01d484e0
b55b2b73581c7bf1354274f7d3c0db3a8edd7d80dd60bc4e3c8e1012ce2430c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B55B2B73581C7BF1354274F7D3C0DB3A8EDD7D80DD60BC4E3C8E1012CE2430C7"
Last-Modified: Sat, 19 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Mon, 21 Nov 2022 05:28:14 GMT
Date: Mon, 21 Nov 2022 04:29:09 GMT
Connection: keep-alive

revoketypes.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3t%2BzGFJjJHg5ockGo%2FWX8%2BWW93VVHVP7%2B5pMaARBEdy8dj7ZpMlGiS5K4bZgMiikPEge3APQu6ikKPI7A4sfof6vqr3Dt97rz7dLPeJj5LuXTxn1pXWdCFu%2Bo3Xr6pMmMo1zl9pBH7TP9G4qrJ2dKKxOj3s4K3Aj5v%2BG413JV8xC6Ef%2BH7gB40zysrErC4coFD5nV7Q7PnNKGwGcYRV%2B%2F%2B7Kz046kEM9snzUGLy5PLP96D4GFl697R0K4XJ33wnLTUtjMVAbL%2BfrWSmypAejYn1kGTbMzaMmxDy9TGYbHumAGawNVUApibE%2Bz0Ay7Zna4INbh5uyjRkBiaeRTUYQ%2BoxFB2Dm2tQ4iEBuMD5C8jSW%2BeNrejaIUqn6ITMPf4HqpqQuT9eQJZ%2Bd0qr1cZlo8tCmcxhNamhVsdQ%2FTHycgfFugdV7YAXn0CJX8nC4yVk6dYFpw2U2HstCZLIb3XD%2BZBRMR9FfjxP21zOd1jMut1emCTt8MAipcZQyRhaDkHdMZTOQ6k8lImHMveQir0GjXuJ73cSlrRa3Yhz3mpxHnfbIhatqJv4KPlUwxBFPgTXQ3C7gdxuYEUNYcv7cMs1nPDgCoKBqFFJgsoRVJSgUgRVQVAN6ptCu9DVt4R2JQtmPZz1Vj0yRX%2BT3jRFX2ZkM98nz02N856%2BnWNF7jW6sRAyClshb7Og7cdR0A56STdMRMxD1qVwqoZyx0Cdh3U1IS%2F%2F9AtyNSFP8Q0wugOnd8DVcdDyFdBq1Al90OVR1PWxnt1d7tNU9qnW0q41uUkhTI28mEOx5m3qffLSQYg9HkLy3cU%2FP5h78UbxPbitkdsaH6sHBH19fXTJVGTrkqkcuXchL1Sq1uk04MsFLeTcN%2B%2FJtcpYcfa0G94%2ByafAdLxzRbpiiWZCZX1Hvj2lhJD2jLFckh%2FOuquSXSzd8qnSZmW%2BdPHtM2fT3ErnlMnGoOph5wa4mpBnzm0cfN1Xv3gAZcewZY203CWzgjI74PkGXL67%2BPDD4%2Bzc5G84Q2D1EYflHqqyHtmQHT1qNSHRZ4%2Bg5e7i%2FUcfnfy8swTKajh5ZAOTuz%2F%2BdcjfdNfRtx5ocQ1ZWmNgawx0DaqHcOUToyK3u4u%2FtQ4KTHsjpq23xbTVXx3a69ReQ8aJn0g%2FlCzpsaRDfdFLoh6jvUB2WEwDFG7C1%2F%2F98j8AAAD%2F%2FwEAAP%2F%2FTAyNCJYEAAA%3D

173.233.137.44

200 OK

59 B

URL HTTP/1.1
revoketypes.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3t%2BzGFJjJHg5ockGo%2FWX8%2BWW93VVHVP7%2B5pMaARBEdy8dj7ZpMlGiS5K4bZgMiikPEge3APQu6ikKPI7A4sfof6vqr3Dt97rz7dLPeJj5LuXTxn1pXWdCFu%2Bo3Xr6pMmMo1zl9pBH7TP9G4qrJ2dKKxOj3s4K3Aj5v%2BG413JV8xC6Ef%2BH7gB40zysrErC4coFD5nV7Q7PnNKGwGcYRV%2B%2F%2B7Kz046kEM9snzUGLy5PLP96D4GFl697R0K4XJ33wnLTUtjMVAbL%2BfrWSmypAejYn1kGTbMzaMmxDy9TGYbHumAGawNVUApibE%2Bz0Ay7Zna4INbh5uyjRkBiaeRTUYQ%2BoxFB2Dm2tQ4iEBuMD5C8jSW%2BeNrejaIUqn6ITMPf4HqpqQuT9eQJZ%2Bd0qr1cZlo8tCmcxhNamhVsdQ%2FTHycgfFugdV7YAXn0CJX8nC4yVk6dYFpw2U2HstCZLIb3XD%2BZBRMR9FfjxP21zOd1jMut1emCTt8MAipcZQyRhaDkHdMZTOQ6k8lImHMveQir0GjXuJ73cSlrRa3Yhz3mpxHnfbIhatqJv4KPlUwxBFPgTXQ3C7gdxuYEUNYcv7cMs1nPDgCoKBqFFJgsoRVJSgUgRVQVAN6ptCu9DVt4R2JQtmPZz1Vj0yRX%2BT3jRFX2ZkM98nz02N856%2BnWNF7jW6sRAyClshb7Og7cdR0A56STdMRMxD1qVwqoZyx0Cdh3U1IS%2F%2F9AtyNSFP8Q0wugOnd8DVcdDyFdBq1Al90OVR1PWxnt1d7tNU9qnW0q41uUkhTI28mEOx5m3qffLSQYg9HkLy3cU%2FP5h78UbxPbitkdsaH6sHBH19fXTJVGTrkqkcuXchL1Sq1uk04MsFLeTcN%2B%2FJtcpYcfa0G94%2ByafAdLxzRbpiiWZCZX1Hvj2lhJD2jLFckh%2FOuquSXSzd8qnSZmW%2BdPHtM2fT3ErnlMnGoOph5wa4mpBnzm0cfN1Xv3gAZcewZY203CWzgjI74PkGXL67%2BPDD4%2Bzc5G84Q2D1EYflHqqyHtmQHT1qNSHRZ4%2Bg5e7i%2FUcfnfy8swTKajh5ZAOTuz%2F%2BdcjfdNfRtx5ocQ1ZWmNgawx0DaqHcOUToyK3u4u%2FtQ4KTHsjpq23xbTVXx3a69ReQ8aJn0g%2FlCzpsaRDfdFLoh6jvUB2WEwDFG7C1%2F%2F98j8AAAD%2F%2FwEAAP%2F%2FTAyNCJYEAAA%3D
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
data
Size
59 B (59 bytes)
Hash
d99b0aee39b603403e89dfbc62b53914
0ee91f316242249ad47667c306c3f67f884a87b3
490003186d1dd350ce04d9ac6397ef369f9efa3df7aba2d28f3a91de4dab80c6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3t%2BzGFJjJHg5ockGo%2FWX8%2BWW93VVHVP7%2B5pMaARBEdy8dj7ZpMlGiS5K4bZgMiikPEge3APQu6ikKPI7A4sfof6vqr3Dt97rz7dLPeJj5LuXTxn1pXWdCFu%2Bo3Xr6pMmMo1zl9pBH7TP9G4qrJ2dKKxOj3s4K3Aj5v%2BG413JV8xC6Ef%2BH7gB40zysrErC4coFD5nV7Q7PnNKGwGcYRV%2B%2F%2B7Kz046kEM9snzUGLy5PLP96D4GFl697R0K4XJ33wnLTUtjMVAbL%2BfrWSmypAejYn1kGTbMzaMmxDy9TGYbHumAGawNVUApibE%2Bz0Ay7Zna4INbh5uyjRkBiaeRTUYQ%2BoxFB2Dm2tQ4iEBuMD5C8jSW%2BeNrejaIUqn6ITMPf4HqpqQuT9eQJZ%2Bd0qr1cZlo8tCmcxhNamhVsdQ%2FTHycgfFugdV7YAXn0CJX8nC4yVk6dYFpw2U2HstCZLIb3XD%2BZBRMR9FfjxP21zOd1jMut1emCTt8MAipcZQyRhaDkHdMZTOQ6k8lImHMveQir0GjXuJ73cSlrRa3Yhz3mpxHnfbIhatqJv4KPlUwxBFPgTXQ3C7gdxuYEUNYcv7cMs1nPDgCoKBqFFJgsoRVJSgUgRVQVAN6ptCu9DVt4R2JQtmPZz1Vj0yRX%2BT3jRFX2ZkM98nz02N856%2BnWNF7jW6sRAyClshb7Og7cdR0A56STdMRMxD1qVwqoZyx0Cdh3U1IS%2F%2F9AtyNSFP8Q0wugOnd8DVcdDyFdBq1Al90OVR1PWxnt1d7tNU9qnW0q41uUkhTI28mEOx5m3qffLSQYg9HkLy3cU%2FP5h78UbxPbitkdsaH6sHBH19fXTJVGTrkqkcuXchL1Sq1uk04MsFLeTcN%2B%2FJtcpYcfa0G94%2ByafAdLxzRbpiiWZCZX1Hvj2lhJD2jLFckh%2FOuquSXSzd8qnSZmW%2BdPHtM2fT3ErnlMnGoOph5wa4mpBnzm0cfN1Xv3gAZcewZY203CWzgjI74PkGXL67%2BPDD4%2Bzc5G84Q2D1EYflHqqyHtmQHT1qNSHRZ4%2Bg5e7i%2FUcfnfy8swTKajh5ZAOTuz%2F%2BdcjfdNfRtx5ocQ1ZWmNgawx0DaqHcOUToyK3u4u%2FtQ4KTHsjpq23xbTVXx3a69ReQ8aJn0g%2FlCzpsaRDfdFLoh6jvUB2WEwDFG7C1%2F%2F98j8AAAD%2F%2FwEAAP%2F%2FTAyNCJYEAAA%3D HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344880; uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 839e0092c40d2a0072d5ef0b7ea14828
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.77.32

200 OK

1.1 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.1 kB (1143 bytes)
Hash
c8c1d8e812347ec8667b70e2a6a79e5d
15353b7748c35df20f9fe71a26583e360d620b2c
c046870c8abd588ac6254372534c8f6fc00d8928f6edc0c3242003000b0c93e1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F102F0DCDA5D31F36AF051FB9F5970EBCAD56D230DABA65CD52E1BE38050084"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15254
Expires: Mon, 21 Nov 2022 08:43:24 GMT
Date: Mon, 21 Nov 2022 04:29:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

755 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
755 B (755 bytes)
Hash
0e5027ef18cd6aa6ade86993043bb639
839bdede77b0090837444c7c9af51e0ce8fdb0f1
fe40803ed42272917ba32afecb724c73c36f0aab6f1ee09b4783db8481cc09e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC793BAAE4F7896AC0C9C46CAFF3B49A015AB1712C7FC21F8650C42314F55518"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11872
Expires: Mon, 21 Nov 2022 07:47:02 GMT
Date: Mon, 21 Nov 2022 04:29:10 GMT
Connection: keep-alive

monkeysloveyou.com/chicken.gif?z=1938828&pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=mEpXpB01cetR-YniOuyTLzFD1Wk0A2O-0RyXSYFY7zZxCTooyrHp_Bvv_NNuhWSrQud8jaHsvbfZwVjTf8sM0bCS2QUV_4Ev6E9_xFbjqDERzmpGk7vjUIZLhT_9eHD1c4PrtL5eGQ0qv0YBH-Wi3e0keywDoiRzqlE4sIXXxpgsC86rQ6inTx9npy6qpBVAMcXcs4OJt62ZynE4QJ1LQz-J7aZ2p59aM2M7mjPrHNMTXI-Ho3Jz89oMlodK31fHWot92r8Dm7PkuejdjtjZpwkjWmmmuZA1ZNxnkagTBNU0Femf423ku2W_GxJgT_0uthnX2NaQz6jSZ8xtTpHSsrTY-1SvfmFIKSiI83LT8Z_DkBjXienimcjLDZdPA6mGynh4dacVss_fM77DrwF1xN1s_m1_wVobUYZ-XV3kc0bkjvCJDSrTno5bYcWuQ0UnSpwsll3-LKhMm_qhVcNsGig3K6LIbPkjKx3MEIJ6lJZnGo8zzGpiO2MjLgCKA2wR6J4r4jPdjIZqp2oFVtv3iBz_2SAYEyPcUQeRHGQrHeruDhR2FcknfKvUmrzJjHdVHQ4wQEW-NbfdmrjXB_hP7k3FWxb16xzUX4Xel-aGfZUngR5KGKOJrYgQg6FyECcIbATaQH6NJMpZ3iR1XvpgKcoQzxQgRSdzxxNitIzEAE_NK-xEejBFrySZ2pqY8aUt2QFa5UGwbSF5ikuOoOA-JFXxxaLJ1LlUfkHBb5lqFqAKFeHoWOn7O3DoHwMRTGfELfbPopM0vJqNML7uCYbbx5_ZpuSk6QvaW5akpvZFPlb-1t3QUFaZNz7SWOeYBzyaSepZccObdDd0kKjGvNMWrYIYNc6qco4LIXgcUa0fOa6arQVO8uiEM91HAvG65Y8rp_30nHfyNUKyaEvHEAKENBJRYUH28E-_8U4oS_oyrzHV31rbrRVJO_Q1cRBe_s7lbY_VT1kfs57dmBtsbrJYWZ7ufbYUV5QcwlIm2Jh_wF3zLDMgH_ALJYjIvTeSJ9-emYLV7ugeI-7DcY5kHT03DW79mjW2iit3rBCmfPjKqIEoOv6SX29SDNJSEOV1VJTLuc1S9CIkqpc3z0Z-3gXTB2sLsKUbEyOQJX7RecCVJongw9iXBO1NDD1iPIXuVQysG09yEvPdl1DZd6UyNc5xZ9OuZaancEgC9VOhMVuRPw8ggUjIAA7Uv7LtdHtNCbOf_wzc2qv-DLBRHnsY66b-1Z_CygQO&abvar=0&os=0

62.122.171.6

200 OK

325 B

URL HTTP/2
monkeysloveyou.com/chicken.gif?z=1938828&pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=mEpXpB01cetR-YniOuyTLzFD1Wk0A2O-0RyXSYFY7zZxCTooyrHp_Bvv_NNuhWSrQud8jaHsvbfZwVjTf8sM0bCS2QUV_4Ev6E9_xFbjqDERzmpGk7vjUIZLhT_9eHD1c4PrtL5eGQ0qv0YBH-Wi3e0keywDoiRzqlE4sIXXxpgsC86rQ6inTx9npy6qpBVAMcXcs4OJt62ZynE4QJ1LQz-J7aZ2p59aM2M7mjPrHNMTXI-Ho3Jz89oMlodK31fHWot92r8Dm7PkuejdjtjZpwkjWmmmuZA1ZNxnkagTBNU0Femf423ku2W_GxJgT_0uthnX2NaQz6jSZ8xtTpHSsrTY-1SvfmFIKSiI83LT8Z_DkBjXienimcjLDZdPA6mGynh4dacVss_fM77DrwF1xN1s_m1_wVobUYZ-XV3kc0bkjvCJDSrTno5bYcWuQ0UnSpwsll3-LKhMm_qhVcNsGig3K6LIbPkjKx3MEIJ6lJZnGo8zzGpiO2MjLgCKA2wR6J4r4jPdjIZqp2oFVtv3iBz_2SAYEyPcUQeRHGQrHeruDhR2FcknfKvUmrzJjHdVHQ4wQEW-NbfdmrjXB_hP7k3FWxb16xzUX4Xel-aGfZUngR5KGKOJrYgQg6FyECcIbATaQH6NJMpZ3iR1XvpgKcoQzxQgRSdzxxNitIzEAE_NK-xEejBFrySZ2pqY8aUt2QFa5UGwbSF5ikuOoOA-JFXxxaLJ1LlUfkHBb5lqFqAKFeHoWOn7O3DoHwMRTGfELfbPopM0vJqNML7uCYbbx5_ZpuSk6QvaW5akpvZFPlb-1t3QUFaZNz7SWOeYBzyaSepZccObdDd0kKjGvNMWrYIYNc6qco4LIXgcUa0fOa6arQVO8uiEM91HAvG65Y8rp_30nHfyNUKyaEvHEAKENBJRYUH28E-_8U4oS_oyrzHV31rbrRVJO_Q1cRBe_s7lbY_VT1kfs57dmBtsbrJYWZ7ufbYUV5QcwlIm2Jh_wF3zLDMgH_ALJYjIvTeSJ9-emYLV7ugeI-7DcY5kHT03DW79mjW2iit3rBCmfPjKqIEoOv6SX29SDNJSEOV1VJTLuc1S9CIkqpc3z0Z-3gXTB2sLsKUbEyOQJX7RecCVJongw9iXBO1NDD1iPIXuVQysG09yEvPdl1DZd6UyNc5xZ9OuZaancEgC9VOhMVuRPw8ggUjIAA7Uv7LtdHtNCbOf_wzc2qv-DLBRHnsY66b-1Z_CygQO&abvar=0&os=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
325 B (325 bytes)
Hash
fb4af3982a990adaf62779339478b60a
ab122191d4a2579d8fd9f88ea9e92b91224aee66
89a4b326f6e385b9a5b07cfffde62005810ff567c57ed62a7b36ca1a06b2a151

HTTP Headers

GET /chicken.gif?z=1938828&pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=mEpXpB01cetR-YniOuyTLzFD1Wk0A2O-0RyXSYFY7zZxCTooyrHp_Bvv_NNuhWSrQud8jaHsvbfZwVjTf8sM0bCS2QUV_4Ev6E9_xFbjqDERzmpGk7vjUIZLhT_9eHD1c4PrtL5eGQ0qv0YBH-Wi3e0keywDoiRzqlE4sIXXxpgsC86rQ6inTx9npy6qpBVAMcXcs4OJt62ZynE4QJ1LQz-J7aZ2p59aM2M7mjPrHNMTXI-Ho3Jz89oMlodK31fHWot92r8Dm7PkuejdjtjZpwkjWmmmuZA1ZNxnkagTBNU0Femf423ku2W_GxJgT_0uthnX2NaQz6jSZ8xtTpHSsrTY-1SvfmFIKSiI83LT8Z_DkBjXienimcjLDZdPA6mGynh4dacVss_fM77DrwF1xN1s_m1_wVobUYZ-XV3kc0bkjvCJDSrTno5bYcWuQ0UnSpwsll3-LKhMm_qhVcNsGig3K6LIbPkjKx3MEIJ6lJZnGo8zzGpiO2MjLgCKA2wR6J4r4jPdjIZqp2oFVtv3iBz_2SAYEyPcUQeRHGQrHeruDhR2FcknfKvUmrzJjHdVHQ4wQEW-NbfdmrjXB_hP7k3FWxb16xzUX4Xel-aGfZUngR5KGKOJrYgQg6FyECcIbATaQH6NJMpZ3iR1XvpgKcoQzxQgRSdzxxNitIzEAE_NK-xEejBFrySZ2pqY8aUt2QFa5UGwbSF5ikuOoOA-JFXxxaLJ1LlUfkHBb5lqFqAKFeHoWOn7O3DoHwMRTGfELfbPopM0vJqNML7uCYbbx5_ZpuSk6QvaW5akpvZFPlb-1t3QUFaZNz7SWOeYBzyaSepZccObdDd0kKjGvNMWrYIYNc6qco4LIXgcUa0fOa6arQVO8uiEM91HAvG65Y8rp_30nHfyNUKyaEvHEAKENBJRYUH28E-_8U4oS_oyrzHV31rbrRVJO_Q1cRBe_s7lbY_VT1kfs57dmBtsbrJYWZ7ufbYUV5QcwlIm2Jh_wF3zLDMgH_ALJYjIvTeSJ9-emYLV7ugeI-7DcY5kHT03DW79mjW2iit3rBCmfPjKqIEoOv6SX29SDNJSEOV1VJTLuc1S9CIkqpc3z0Z-3gXTB2sLsKUbEyOQJX7RecCVJongw9iXBO1NDD1iPIXuVQysG09yEvPdl1DZd6UyNc5xZ9OuZaancEgC9VOhMVuRPw8ggUjIAA7Uv7LtdHtNCbOf_wzc2qv-DLBRHnsY66b-1Z_CygQO&abvar=0&os=0 HTTP/1.1
Host: monkeysloveyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=221120232911346b8d710d43e991155a76ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:10 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Tue, 22 Nov 2022 04:29:10 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

revoketypes.com/err.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3umxxyWxBgJbn5IovFodVX1bLnVXU1V9%2FTunBYDGkFwJBePvW82WaJBkrtimA2IDAoZD7IH9yDkLgo5iszuwOJ3qO%2Breu%2Fwvffq061yn7go6d7Fc3oglaJLYdNtvH5VZlxXtnH%2BSsNzm%2B6JxlWZtYMTjfXZYfpveW7YdN9ovCvYml7yXc91PddrnJFGJHp96QCFzO90vWbXbQZ%2B0wsDrJv%2F323pwFIHvL9Pnofk0ydXf74HycbI0runhV0rdP7mO2mpaKEN%2Bnzn%2FWwt01WG9GhMjIMk25mzoe2UkK%2BPQWc7cwXQ%2Fe2ZAsRySpzfPcTZznxNxP2bh5vGCiJDzJ9F1R9DqDEkHYPpa5D8IQEYx%2FkLyNJb57Wp6MYhSmfolCw8%2FgeympKFP15Aln53Ssn1xmWtykLqzGI9qSHXx5C9MfJyF8XAgax2wYpPIPmvZOnxCrJ0%2B4JVGpLvvZZ4SeC2In%2FRjylfDAI3XKRtJhY7cRhHUddPkrZ%2FYJGUY8hkDCWGoPYYSuuglA7KxEGZO0j5XoOG3cR1O0mctFpRwBhrtRgLozYPeSuIEhclm2kYosiHYGoIZjaRm02sySFMeR92tYblDmxB0Oc1KkFQWYKKElSSoCoIqn59kyvr2%2FoWV7aMvXn3571Vj3TR26I3ddETGdnK98lzM%2BOcp2%2FnWBN7jSjkXAR%2By2ft2Gu7YeC1vW4S%2BQkPmR9HFFbWkPYYqHUwkFPy8k%2B%2FIJdT8hTbREx3YdUumDwOWr4CWo06vgu6OgoiF4Ps7mqPpqJHlRJmo8l0Cq5r5MUCig1nS%2B2Tlw5C7DIfgk2W%2F%2Fxg4cUbxfdgpkZuanwsHxD01PXRJV2R7Uu6suTehbyQqRzQWcCXC1qIhW%2FeExuVNvzsaTu8fZLNgNl454qwxQrNuMx6lnx7SnIuzBltmCA%2FnLVXRXyxtKunSpOV%2BcrFt8%2BcTXMjrJU6G4PKh50bYHJKnjm3efB1X%2F3iAaQZw5Q10nJC5gWpd8HyTdh8svzww%2BPxuenfsJrAqCNOnDuoynpk%2FPjoUckpCT57BCUmy%2FcffXTy884KaFzDiiMbYjH58a9D%2Fpa9jp5xQItryNIafVOjr2pQNYQtnxgVuZks%2F9Y6KMTKGcXKONuxMuqrQ3ut3Gtwt9Nxmc%2FCJGrxKIhEt82Tju9HHRqHwvVQ2Ckb%2FPvlfwAAAP%2F%2FAQAA%2F%2F9t0ekVlgQAAA%3D%3D&errd=no%20impr%20and%20no%20err

173.233.137.44

200 OK

288 B

URL HTTP/1.1
revoketypes.com/err.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3umxxyWxBgJbn5IovFodVX1bLnVXU1V9%2FTunBYDGkFwJBePvW82WaJBkrtimA2IDAoZD7IH9yDkLgo5iszuwOJ3qO%2Breu%2Fwvffq061yn7go6d7Fc3oglaJLYdNtvH5VZlxXtnH%2BSsNzm%2B6JxlWZtYMTjfXZYfpveW7YdN9ovCvYml7yXc91PddrnJFGJHp96QCFzO90vWbXbQZ%2B0wsDrJv%2F323pwFIHvL9Pnofk0ydXf74HycbI0runhV0rdP7mO2mpaKEN%2Bnzn%2FWwt01WG9GhMjIMk25mzoe2UkK%2BPQWc7cwXQ%2Fe2ZAsRySpzfPcTZznxNxP2bh5vGCiJDzJ9F1R9DqDEkHYPpa5D8IQEYx%2FkLyNJb57Wp6MYhSmfolCw8%2FgeympKFP15Aln53Ssn1xmWtykLqzGI9qSHXx5C9MfJyF8XAgax2wYpPIPmvZOnxCrJ0%2B4JVGpLvvZZ4SeC2In%2FRjylfDAI3XKRtJhY7cRhHUddPkrZ%2FYJGUY8hkDCWGoPYYSuuglA7KxEGZO0j5XoOG3cR1O0mctFpRwBhrtRgLozYPeSuIEhclm2kYosiHYGoIZjaRm02sySFMeR92tYblDmxB0Oc1KkFQWYKKElSSoCoIqn59kyvr2%2FoWV7aMvXn3571Vj3TR26I3ddETGdnK98lzM%2BOcp2%2FnWBN7jSjkXAR%2By2ft2Gu7YeC1vW4S%2BQkPmR9HFFbWkPYYqHUwkFPy8k%2B%2FIJdT8hTbREx3YdUumDwOWr4CWo06vgu6OgoiF4Ps7mqPpqJHlRJmo8l0Cq5r5MUCig1nS%2B2Tlw5C7DIfgk2W%2F%2Fxg4cUbxfdgpkZuanwsHxD01PXRJV2R7Uu6suTehbyQqRzQWcCXC1qIhW%2FeExuVNvzsaTu8fZLNgNl454qwxQrNuMx6lnx7SnIuzBltmCA%2FnLVXRXyxtKunSpOV%2BcrFt8%2BcTXMjrJU6G4PKh50bYHJKnjm3efB1X%2F3iAaQZw5Q10nJC5gWpd8HyTdh8svzww%2BPxuenfsJrAqCNOnDuoynpk%2FPjoUckpCT57BCUmy%2FcffXTy884KaFzDiiMbYjH58a9D%2Fpa9jp5xQItryNIafVOjr2pQNYQtnxgVuZks%2F9Y6KMTKGcXKONuxMuqrQ3ut3Gtwt9Nxmc%2FCJGrxKIhEt82Tju9HHRqHwvVQ2Ckb%2FPvlfwAAAP%2F%2FAQAA%2F%2F9t0ekVlgQAAA%3D%3D&errd=no%20impr%20and%20no%20err
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
288 B (288 bytes)
Hash
d2cdd8685f7f28d3a89545258685d6b5
c3587ccb452bf1981d331a6086c05fd6a50189b1
549f5d662a8b354d75261c785362425cc75ed097d2e721f72c21a7d17f4f91cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /err.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3umxxyWxBgJbn5IovFodVX1bLnVXU1V9%2FTunBYDGkFwJBePvW82WaJBkrtimA2IDAoZD7IH9yDkLgo5iszuwOJ3qO%2Breu%2Fwvffq061yn7go6d7Fc3oglaJLYdNtvH5VZlxXtnH%2BSsNzm%2B6JxlWZtYMTjfXZYfpveW7YdN9ovCvYml7yXc91PddrnJFGJHp96QCFzO90vWbXbQZ%2B0wsDrJv%2F323pwFIHvL9Pnofk0ydXf74HycbI0runhV0rdP7mO2mpaKEN%2Bnzn%2FWwt01WG9GhMjIMk25mzoe2UkK%2BPQWc7cwXQ%2Fe2ZAsRySpzfPcTZznxNxP2bh5vGCiJDzJ9F1R9DqDEkHYPpa5D8IQEYx%2FkLyNJb57Wp6MYhSmfolCw8%2FgeympKFP15Aln53Ssn1xmWtykLqzGI9qSHXx5C9MfJyF8XAgax2wYpPIPmvZOnxCrJ0%2B4JVGpLvvZZ4SeC2In%2FRjylfDAI3XKRtJhY7cRhHUddPkrZ%2FYJGUY8hkDCWGoPYYSuuglA7KxEGZO0j5XoOG3cR1O0mctFpRwBhrtRgLozYPeSuIEhclm2kYosiHYGoIZjaRm02sySFMeR92tYblDmxB0Oc1KkFQWYKKElSSoCoIqn59kyvr2%2FoWV7aMvXn3571Vj3TR26I3ddETGdnK98lzM%2BOcp2%2FnWBN7jSjkXAR%2By2ft2Gu7YeC1vW4S%2BQkPmR9HFFbWkPYYqHUwkFPy8k%2B%2FIJdT8hTbREx3YdUumDwOWr4CWo06vgu6OgoiF4Ps7mqPpqJHlRJmo8l0Cq5r5MUCig1nS%2B2Tlw5C7DIfgk2W%2F%2Fxg4cUbxfdgpkZuanwsHxD01PXRJV2R7Uu6suTehbyQqRzQWcCXC1qIhW%2FeExuVNvzsaTu8fZLNgNl454qwxQrNuMx6lnx7SnIuzBltmCA%2FnLVXRXyxtKunSpOV%2BcrFt8%2BcTXMjrJU6G4PKh50bYHJKnjm3efB1X%2F3iAaQZw5Q10nJC5gWpd8HyTdh8svzww%2BPxuenfsJrAqCNOnDuoynpk%2FPjoUckpCT57BCUmy%2FcffXTy884KaFzDiiMbYjH58a9D%2Fpa9jp5xQItryNIafVOjr2pQNYQtnxgVuZks%2F9Y6KMTKGcXKONuxMuqrQ3ut3Gtwt9Nxmc%2FCJGrxKIhEt82Tju9HHRqHwvVQ2Ckb%2FPvlfwAAAP%2F%2FAQAA%2F%2F9t0ekVlgQAAA%3D%3D&errd=no%20impr%20and%20no%20err HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344880; uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:10 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2134875eb6a038606b09b62cd7fe17e4
Strict-Transport-Security: max-age=0; includeSubdomains

spikereekvelocity.com/fwih4jgc?key=d9108d59c1176704036dde15ca47e48e&psid=17344874

192.243.59.12

200 OK

30 kB

URL HTTP/1.1
spikereekvelocity.com/fwih4jgc?key=d9108d59c1176704036dde15ca47e48e&psid=17344874
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
30 kB (30536 bytes)
Hash
3f3807bb95ec1785439a56afb0475c1f
29c55c01d906a9a59cb5948ffd9537178f5aa8f3
0fae48ef6521f7cea0dab84055aedbfdd6c32e99344ef9061d5ebf0f1ed991b9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fwih4jgc?key=d9108d59c1176704036dde15ca47e48e&psid=17344874 HTTP/1.1
Host: spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15184015; expires=Tue, 22 Nov 2022 04:29:10 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4NDAxNSwiayI6ImQ5MTA4ZDU5YzExNzY3MDQwMzZkZGUxNWNhNDdlNDhlIiwic2lkIjoiMTczNDQ4NzQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoiZndpaDRqZ2MiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tLyJ9fQ.uxAE44aKk5MW0BjwsrjJMeVhA6tAuYlpIWdEccu-BFY; expires=Mon, 21 Nov 2022 04:30:10 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afceb033d036da591015c0f8b4f5091b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hgamegallery.com/wp-admin/admin-ajax.php

162.144.3.79

200 OK

66 B

URL HTTP/2
hgamegallery.com/wp-admin/admin-ajax.php
IP
162.144.3.79:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
66 B (66 bytes)
Hash
14e8dbf9c9d834e8b318d192a9aa5749
26740f184ed25bb42b47226d24b2a8a8e8c52b62
d9400a8bd907f3d428eaaa90170304f2cf292e5e0b1154e36d2127ef92831ac3

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 50
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 3
x-nginx-cache: WordPress
content-length: 66
content-type: application/json; charset=UTF-8
date: Mon, 21 Nov 2022 04:29:10 GMT
server: Apache
X-Firefox-Spdy: h2

streamtape.com/e/eLJpmLa02kiYqzW/

104.21.47.209

200 OK

0 B

URL HTTP/2
streamtape.com/e/eLJpmLa02kiYqzW/
IP
104.21.47.209:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/eLJpmLa02kiYqzW/ HTTP/1.1
Host: streamtape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
cache-control: private
set-cookie: _b=kube16; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1sF2Y8AH8UTKjeptcEgWEFrxgAwBQ%2FxJoKRxbmzcOt%2B1a5neUSk%2BlM2lDaNGA4rZXMkZjM%2FsazXmO%2FhsVlLUIZ6aviyMxAVvfQOfh7LJPHO4PfyovgO2nj5nxNjuEjaYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6ae9cbd65b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f4a6.svg

192.0.77.48

200 OK

0 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f4a6.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f4a6.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f39e.svg

192.0.77.48

200 OK

0 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f39e.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f39e.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bg4nxu2u5t.com/get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063

62.122.171.6

200 OK

0 B

URL HTTP/2
bg4nxu2u5t.com/get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221120232946c700292f7d4bb8aea761c4f1; Path=/; Expires=Tue, 21 Nov 2023 04:29:03 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

stats.wp.com/e-202247.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/e-202247.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.8.2/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.8.2/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/css
x-amz-id-2: OUhyQEJ5B1WrzEMPio0YBW+W9rmluowRdghuyLYMb93aNEX7MTVeyHutEa9gf9HeYAtfbK02lqM=
x-amz-request-id: F0PQ58ST6Z2H1861
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2215039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7ZVHJrjZE3wJ2wp5eSUpe2btYqjBvxFprjikisL1hifPlpArFMyxuWtQtkTjBmBqZFuny8460imMw58DUd4%2BsNXsqi4gx7H705hEiPQWkfziInHKxjCx36kGLe02Zrtg6DQDGKh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d6aeaa0fd073e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_23cfefc2_b052_41f1_b1d4_2920bd7d89a3&pubid=135921_Unknown

172.67.197.219

200 OK

0 B

URL HTTP/2
fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_23cfefc2_b052_41f1_b1d4_2920bd7d89a3&pubid=135921_Unknown
IP
172.67.197.219:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rc/3d8a3d97e5?affclick=bmconv_20221121052906_23cfefc2_b052_41f1_b1d4_2920bd7d89a3&pubid=135921_Unknown HTTP/1.1
Host: fanasti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://misctraff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:07 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=0Qontscac0vSIiJ0qNlvYG3cHcYXuCn5cJ8a2VgYA5zx/B51WJ8mNZlEGwmLvwixCMaiBnE9b1YLKSeyBebKK8jEzCN97JoczUfOwl3Y1i9h86F5uc2kf7NfKg1D; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/
AWSALBCORS=0Qontscac0vSIiJ0qNlvYG3cHcYXuCn5cJ8a2VgYA5zx/B51WJ8mNZlEGwmLvwixCMaiBnE9b1YLKSeyBebKK8jEzCN97JoczUfOwl3Y1i9h86F5uc2kf7NfKg1D; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVly4KbkaevbiBp1OwNC%2Bk5gliFJasEdxoNwY9ApvElnT7sEk324yxgJWTkp8YoOe2BgWYx6UVIE7wScR5EPD6rpIlxOZsPOEG%2Bvlcj8PEGAk1UHMDjAApxsxgP8VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeba7e9bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdnjs.buymeacoffee.com/1.0.0/widget.prod.min.js

172.67.70.99

200 OK

0 B

URL HTTP/2
cdnjs.buymeacoffee.com/1.0.0/widget.prod.min.js
IP
172.67.70.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1.0.0/widget.prod.min.js HTTP/1.1
Host: cdnjs.buymeacoffee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript; charset=UTF-8
age: 1107490
cache-control: public, max-age=2678400, must-revalidate
etag: W/"04fdc5869e458463191b1590830f47bc-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GCA3ZK099MAGGF6D0H0VRYTW
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plnsVePy0QZq91IF%2Fb%2ByjLztLlz0tY3dImzWU3rF7bzSVhFs9NnvkvKcUbdJ3adR09U00Sb%2B%2BU5%2FX0sfhZzz%2BO7hSf58yxNZbmG8uwmuxIWDIkPCLmiCKR0yyYgZqoxK3nAQIfLdyYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6ae978a39b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

908356674.tapecontent.net/radosgw/eLJpmLa02kiYqzW/Zg-S2LDlBxXSPhu1-obr6tiVPuVfXjPV-dwbIb0yTJCA79l2e4TGYK9IrPC22SLu4ZrAWWoMM8dH_deLilUyVcNcDR_xEUM1Fjwf-OzP79i-eTt-Ap0PYPoDym_SWG4Gzg4TqUjkLzQvgwvkYJwD_aetlLV9gjnacd1UhHGDpOLSCJSYEzOVxjANHcSkGOY2NbyKzW0Nb3eDEQ3Le-0HoVOedVTQAcg10Ku5bujW-pNCYkDT1MZDbqXTiq1FQtBQaGH5-ER1YZEQCQcR/0566?stream=1

54.36.108.66

206 Partial Content

0 B

URL HTTP/1.1
908356674.tapecontent.net/radosgw/eLJpmLa02kiYqzW/Zg-S2LDlBxXSPhu1-obr6tiVPuVfXjPV-dwbIb0yTJCA79l2e4TGYK9IrPC22SLu4ZrAWWoMM8dH_deLilUyVcNcDR_xEUM1Fjwf-OzP79i-eTt-Ap0PYPoDym_SWG4Gzg4TqUjkLzQvgwvkYJwD_aetlLV9gjnacd1UhHGDpOLSCJSYEzOVxjANHcSkGOY2NbyKzW0Nb3eDEQ3Le-0HoVOedVTQAcg10Ku5bujW-pNCYkDT1MZDbqXTiq1FQtBQaGH5-ER1YZEQCQcR/0566?stream=1
IP
54.36.108.66:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /radosgw/eLJpmLa02kiYqzW/Zg-S2LDlBxXSPhu1-obr6tiVPuVfXjPV-dwbIb0yTJCA79l2e4TGYK9IrPC22SLu4ZrAWWoMM8dH_deLilUyVcNcDR_xEUM1Fjwf-OzP79i-eTt-Ap0PYPoDym_SWG4Gzg4TqUjkLzQvgwvkYJwD_aetlLV9gjnacd1UhHGDpOLSCJSYEzOVxjANHcSkGOY2NbyKzW0Nb3eDEQ3Le-0HoVOedVTQAcg10Ku5bujW-pNCYkDT1MZDbqXTiq1FQtBQaGH5-ER1YZEQCQcR/0566?stream=1 HTTP/1.1
Host: 908356674.tapecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Range: bytes=0-
Referer: https://streamtape.com/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
Server: openresty
Date: Mon, 21 Nov 2022 04:29:04 GMT
Content-Type: video/mp4
Content-Length: 44313670
Last-Modified: Wed, 31 Aug 2022 02:39:30 GMT
Connection: keep-alive
ETag: "630ec9e2-2a42c46"
Access-Control-Allow-Origin: *
Allow: OPTIONS, GET, HEAD, POST
Access-Control-Allow-Headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
Access-Control-Expose-Headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
Content-Range: bytes 0-44313669/44313670

cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html

45.133.44.4

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:10 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 21 Nov 2022 05:29:10 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (143)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations