Report - igg-games.cc/25648-scars-of-summer-free-download.html

Report Overview

Submitted URL
igg-games.cc/25648-scars-of-summer-free-download.html
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-01 11:57:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	164 kB	142.250.74.35
disqus.com	1759	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	24 kB	151.101.192.134
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.176.211
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	21 kB	216.239.32.178
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	70 kB	34.120.237.76
cdn.viglink.com	4113	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	822 B	1.1 kB	54.230.111.6
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	17 kB	23.36.76.226
c.disquscdn.com	3983	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	618 kB	143.204.55.72
referrer.disqus.com	6065	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	337 B	199.232.192.134
d24ak3f2b.top	105412	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	157 B	64.58.113.244
spo76rt28r.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	777 B	630 B	78.46.92.254
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	1.1 kB	104.16.124.175
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.76.226
bo2217ok3tro9.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	64 kB	78.46.92.254
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	39 kB	142.250.74.168
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
links.services.disqus.com	11149	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	929 B	1.6 kB	199.232.196.64
igg-games.com	143566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	116 kB	188.114.96.1
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	784 B	810 B	52.28.211.11
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
handbagcordial.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	4.3 kB	192.243.59.12
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.2 kB	216.58.211.4
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	16 kB	142.250.74.35
igg-games.cc	536645	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	457 kB	188.114.97.1
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
a.disquscdn.com	8084	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	2.2 kB	199.232.194.49
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	35 kB	142.250.74.170
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.59.13
www.spikereekvelocity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.1 kB	173.233.137.36
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	960 B	172.64.203.23
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
pennilesscomingall.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	42 kB	192.243.59.20
igggames-cc.disqus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	48 kB	199.232.196.134
yearbookhobblespinal.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.4 kB	192.243.59.13
cdn.yourwebbars.com	62037	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	739 B	104.26.7.19
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.4 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	igg-games.cc/25648-scars-of-summer-free-download.html	Phishing
2022-12-01	medium	igg-games.cc/assets/img/user.svg	Phishing
2022-12-01	medium	igg-games.cc/assets/img/tag.svg	Phishing
2022-12-01	medium	d24ak3f2b.top/advertisers.js	Malware
2022-12-01	medium	igg-games.cc/25648-scars-of-summer-free-download.html	Phishing
2022-12-01	medium	igg-games.cc/assets/img/clock.svg	Phishing
2022-12-01	medium	igg-games.cc/assets/img/link.svg	Phishing
2022-12-01	medium	igg-games.cc/assets/js/app.min.js?v1.0.0	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	handbagcordial.com	Sinkholed
2022-12-01	medium	handbagcordial.com	Sinkholed
2022-12-01	medium	yearbookhobblespinal.com	Sinkholed
2022-12-01	medium	d24ak3f2b.top	Sinkholed
2022-12-01	medium	yearbookhobblespinal.com	Sinkholed
2022-12-01	medium	unseenreport.com	Sinkholed
2022-12-01	medium	spikereekvelocity.com	Sinkholed
2022-12-01	medium	unseenreport.com	Sinkholed
2022-12-01	medium	yearbookhobblespinal.com	Sinkholed
2022-12-01	medium	spikereekvelocity.com	Sinkholed

JavaScript (41)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 23:11:22 Times Seen37104266 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	igg-games.cc/25648-scars-of-summer-free-download.html	450 B	2023-03-11	2023-03-11
Pretty URL igg-games.cc/25648-scars-of-summer-free-download.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 80214c55e1848668b3caad4ad21488d9 9e0e7fb9e1bfe4f8240458ddfb315514be4643fa e509c4cb9ce4f9d0205d4e529ffd45c4da886b590875cd8381fb8d881a55bb12 Loading...

	igg-games.cc/25648-scars-of-summer-free-download.html	490 B	2023-03-07	2023-10-21
Pretty URL igg-games.cc/25648-scars-of-summer-free-download.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:16 Last Seen2023-10-21 21:29:38 Times Seen19 Hash 45336bd0308c22fdc640d871675752e9 23514cbcb551342e29b39fb20695e1798379a632 6f22514c350d37cb1af221ca7a932b354c5bae5672ed0dd7b752f02aa7742c60 Loading...

	c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js	80 kB	2023-03-07	2024-04-26
Pretty URL c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js IP 143.204.55.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-26 05:48:59 Times Seen3542 Hash 6a2058c1873047f445835a25ca19ca8c c05084762dc4cfafe00c2a7daab90e27ae94d783 9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18 Loading...

	disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download#version=a8da87d7cbfbe43094a93ca94d7c15f4	791 B	2023-03-07	2023-04-05
Pretty URL disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download#version=a8da87d7cbfbe43094a93ca94d7c15f4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:11 Last Seen2023-04-05 02:08:48 Times Seen49 Hash 5d4ac7bad9b7dbcac4e67428c2942b07 fe6e742dd3975d724f2a6e0ea3a0007fdd59827c dd0a98d75d9b121ce2acd88802650b6e439789d3ed6a6d8c45827069d47d16b4 Loading...

	igg-games.cc/25648-scars-of-summer-free-download.html	1.4 kB	2023-03-11	2023-03-12
Pretty URL igg-games.cc/25648-scars-of-summer-free-download.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-12 06:22:46 Times Seen1 Hash f133f9b61f7b567287b9fa13c689d9e4 a5cbaf47a5f908ba0c7d50bc78ccfec26f7d3ed7 12bccd6f1f1868c89956a0e63c70090b57d98f7d6ef11a9b34a86b7e137a77e5 Loading...

	www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	pennilesscomingall.com/b3/53/f5/b353f519af43f14cd46c4b529e95b229.js	54 kB	2023-03-11	2023-03-11
Pretty URL pennilesscomingall.com/b3/53/f5/b353f519af43f14cd46c4b529e95b229.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 5eb834b9852b3bb205c3f3a372ed6464 4abc2623ffbefab66731b68376571fd2aad6c584 e03e2ac9640c1668bdb37a272e8e00ebd146a8de6223b42809430ea0bcdfa6fd Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 216.239.32.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b	345 B	2023-03-07	2023-04-02
Pretty URL bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b IP 78.46.92.254 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2023-04-02 21:21:41 Times Seen22 Hash bca1472f41277be431694f0cb2233996 e7fff34fca4298e603b31b47992cf529253c5eba c75beb5635e3341c401d27e6e6877dccfab2382029bbaa708987117a039826e1 Loading...

	pennilesscomingall.com/2eb4df8d0d6d886694c166caac78d7c0/invoke.js	27 kB	2023-03-08	2023-03-11
Pretty URL pennilesscomingall.com/2eb4df8d0d6d886694c166caac78d7c0/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:01 Last Seen2023-03-11 23:52:25 Times Seen1 Hash 735e49f24a43cf23ca72f9c59fa8665e a59222d48e557711523a1cd25cb4a4c2ea8146d8 44778e4c66e33e23884ab6dc15ac39f521158dd3eb172a128f9c4d2ecfbb45e9 Loading...

	igggames-cc.disqus.com/embed.js	80 kB	2023-03-11	2023-03-11
Pretty URL igggames-cc.disqus.com/embed.js IP 199.232.196.134 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 0ad22d78db4b373d933accc0fd043980 7b96a3d017efc9844a91df6e7ccd1448b2d51315 6979cb39034c6bd80be5cb45b9d359ff9ef10ac2bc3842b41a8e554a3b8c636d Loading...

	c.disquscdn.com/next/embed/lounge.load.d116ecc015365797cd7bed9492b731bc.js	958 B	2023-03-11	2023-03-11
Pretty URL c.disquscdn.com/next/embed/lounge.load.d116ecc015365797cd7bed9492b731bc.js IP 143.204.55.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:35:33 Last Seen2023-03-11 23:32:52 Times Seen1 Hash 98cfde76e7c9a495fa6e5b88bda8457a 0b84401a5dbd74ca52ad5ca56259df74f2b37371 7334160587c81c60ff3719b9364a608618cf75f75cd5fdbc3100ea24666cfbd9 Loading...

	disqus.com/next/config.js	17 kB	2023-03-08	2023-03-11
Pretty URL disqus.com/next/config.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:42 Last Seen2023-03-11 23:52:38 Times Seen1 Hash 0695a487175aa0b58b20498fdc9f64bb c88e976b7a3d21dc4ee66d68530153dbe0d42c0b 67af3e37e9bd319dfa5250a60e3849b2172a9727c2aa0e1cf27aac1a9f42b49a Loading...

	c.disquscdn.com/next/recommendations/common.bundle.39e0b59fe2b480f09dc3146c64ff6edc.js	269 kB	2023-03-11	2023-03-11
Pretty URL c.disquscdn.com/next/recommendations/common.bundle.39e0b59fe2b480f09dc3146c64ff6edc.js IP 143.204.55.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:52 Times Seen1 Hash c8dd5ae173d27b793f96d4cea3f4c3cc 88a06b0caf603e5dd0c042af94f698ec621dd699 c331d6e2379d9108c08ff7093155eb01e55292a2192efd528173a0718dead04b Loading...

	bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b	1.0 kB	2023-03-07	2023-04-02
Pretty URL bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b IP 78.46.92.254 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2023-04-02 21:21:41 Times Seen22 Hash 51cd48cd7270fe9e878fddf0c6a52cc5 cb24d699143cca47436fc6da7d7c2201bc8dedaa 78ce78ed179f2941cf5e90e89273b21625cabb5fa2c9b08e1548f54c61bede43 Loading...

	www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15765219	357 B	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15765219 IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:21:39 Last Seen2023-04-05 02:08:58 Times Seen138 Hash 7901f5d3ff7ad16e7c532afe4cbd0fdc 7f923233aa6f62ef5897c7700f4d57e0a4c3ead1 fa514b84f8c6fdfcac78e966f7bcf5834de5f364862494cf608d2f637c824db6 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly9ibzIyMTdvazN0cm85LmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tr5x4qjv23to	36 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly9ibzIyMTdvazN0cm85LmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tr5x4qjv23to IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 4f575a240a604df0c55cfec04776bddf 9bf0b1faf7173e93b3d784417c26f21a48b8d23a a55c7e96f8140967170dc8377b2b37d3d7aa87d9e76f9af3875ccf07b1b91ca0 Loading...

	igggames-cc.disqus.com/recommendations.js	66 kB	2023-03-11	2023-03-11
Pretty URL igggames-cc.disqus.com/recommendations.js IP 199.232.196.134 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 3a5fe814d48a80ad5984158e7290aaf4 9dd3852c892da09ee1e904feb1858621ebdb620c 6d46dd0615acace07f7ad931e9f740134d1507a9ceb00508e0a8030a3e5b5587 Loading...

	unpkg.com/axios/dist/axios.min.js	30 kB	2023-03-08	2023-10-31
Pretty URL unpkg.com/axios/dist/axios.min.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-10-31 09:32:50 Times Seen5 Hash a73e018d5428a9ff3ea9794da00964e9 59ceac748ce58f546ca2fa0c44a41a87c5191610 c493537a12290bafdb938d453332243c08dea3c718be71a7c5bbff62000cd688 Loading...

	pennilesscomingall.com/b0/5c/f7/b05cf75156dd9a0e55479900a876fc41.js	37 kB	2023-03-11	2023-03-11
Pretty URL pennilesscomingall.com/b0/5c/f7/b05cf75156dd9a0e55479900a876fc41.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 4f7d22f2e2e5f099e8a6897551cfe0b6 fcb1dbeb6f9a14eba779b7ea71b7f4297cc2f345 b1356c3c806d5a0d16bbb2cde736c92c890690b295a72aaa7d8b4aabeda1137d Loading...

	igg-games.cc/25648-scars-of-summer-free-download.html	341 B	2023-03-07	2023-09-02
Pretty URL igg-games.cc/25648-scars-of-summer-free-download.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:16 Last Seen2023-09-02 21:50:44 Times Seen6 Hash f18a45d19aff4a50e37cd146dd39503a 4ab5c04b97b522f3f3bb9301e8c7d2615a33cef0 dff74968ca7a4d609389928655e72f02d62196d66b2a722d878a3cb8c0d5f9ca Loading...

	c.disquscdn.com/next/embed/common.bundle.365bd1d5046c1dce8ea9ac5e4907bdb4.js	289 kB	2023-03-11	2023-03-11
Pretty URL c.disquscdn.com/next/embed/common.bundle.365bd1d5046c1dce8ea9ac5e4907bdb4.js IP 143.204.55.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:51:10 Last Seen2023-03-11 23:32:52 Times Seen1 Hash b4edc2a738e446c2cc9e5f944603cd0d 41db8e956e85f3fff72ef1eab93fee51ceb3ff8f ac8b92143d85bc30ea3915561ceb33e98ba54ffbe9d6265ec71c702fbb1f6cea Loading...

	c.disquscdn.com/next/recommendations/recommendations.bundle.a7942bfa7a9020c903037fbdc08e6ca7.js	67 kB	2023-03-08	2023-03-11
Pretty URL c.disquscdn.com/next/recommendations/recommendations.bundle.a7942bfa7a9020c903037fbdc08e6ca7.js IP 143.204.55.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:42 Last Seen2023-03-11 23:32:52 Times Seen1 Hash e1b86f32850157d32d746e1e24345338 90a7dd5831cf44fc3c63c1c583759499a9f20bd7 5b15429a297767ae59ad631880ed367530cf2068caadf2159907b1fe79ec5a10 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-17
Pretty URL www.google.com/recaptcha/api.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash a6d9f11246866ef6247a51ae9116cf53 1ba0ec4e57dd5d3845edb729fea44e6f709c7aca 60eac53947f6a289ca775891e56b3a4a1084cb8763fe2bf4220b759a58761f1d Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui	178 B	2023-03-07	2023-03-26
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:03 Last Seen2023-03-26 04:31:20 Times Seen6 Hash 6431e6cca24a8985dc44d9d5627f3e5b 0e96a7cc963052ebf557442e6dce4afd3665b616 4791415880d871c43656fcf43e4f97b981db32ce62ac5ca57ad229aff2087546 Loading...

	disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default#version=d116ecc015365797cd7bed9492b731bc	763 B	2023-03-07	2024-04-26
Pretty URL disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default#version=d116ecc015365797cd7bed9492b731bc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 01:52:40 Times Seen1079 Hash 43bcb432d5d086849c14d4451aa9c33b b5c773123027aa2bbee88de6c515a2c1825ba4f9 051839fd68df41ce054e271eebdc1cfcfa0ba9f5eb2a2632dabcb4b6569f5bc8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 22:31:30 Times Seen118760 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	c.disquscdn.com/next/recommendations/recommendations.load.a8da87d7cbfbe43094a93ca94d7c15f4.js	923 B	2023-03-11	2023-03-11
Pretty URL c.disquscdn.com/next/recommendations/recommendations.load.a8da87d7cbfbe43094a93ca94d7c15f4.js IP 143.204.55.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:05:25 Last Seen2023-03-11 23:32:52 Times Seen1 Hash 2b9b12dfbe34d29cf4b16c099cd2e608 4f5a503e40202222656b75f86f921b779aabc001 146dc99dc2cb92bbd558b169da7c64483a5af845fb633870fe5c483883207f45 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-547JG5H	98 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-547JG5H IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 1abd2ec877c1dd3013fca1257309a86c 4aa2ba21b136bd48326790276aac590660b7e0a5 0414c75286b9384940794b3e6371d4ea6dce47c3756a2ec2862ebc3b34c9bfa3 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly9ibzIyMTdvazN0cm85LmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tr5x4qjv23to	69 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly9ibzIyMTdvazN0cm85LmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=tr5x4qjv23to IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 23:06:01 Times Seen99629 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 82c9a2fb869a00185d19c62601a52743	23 kB	2023-03-07	2024-01-14
Pretty Observations First Seen2023-03-07 01:28:42 Last Seen2024-01-14 23:10:59 Times Seen100 Hash 82c9a2fb869a00185d19c62601a52743 604f3ceb72e52e29e884e0f7215e4b02c852c3a3 4cf17b51b4eeed2bea29d824b69b91ffb8a3a5807d9fb9263aaa729ff4d3f2e4 Loading...

	#2 Eval - 806f2d97105b300b4b5c594b860841ff	16 kB	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash 806f2d97105b300b4b5c594b860841ff d89d7c7eea801d1e1ff172b2cbe554e4e3606ee2 ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be Loading...

	#3 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08	2024-01-15
Pretty Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#4 Eval - ae29ed92f6bcf000b77945d046e689b4	64 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash ae29ed92f6bcf000b77945d046e689b4 a4d4bd1aa2d7a4fae1ef26244a5cb8f40d62ea91 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e Loading...

	#5 Eval - f7656e08f419dab0921bcffc274655f4	22 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash f7656e08f419dab0921bcffc274655f4 5acf6b5d541b60f71be9ac794938821eb3bfbdcd c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93 Loading...

	#6 Eval - 90f3d1091691c8df716ce3a330211da8	19 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-11 23:32:38 Times Seen1 Hash 90f3d1091691c8df716ce3a330211da8 2a86f29606272b0f2fa39b04361b0d8f66b2086a c117b7075b080f6016756f064c3f705b6550e4325416feb53ad5ad0ef22061d3 Loading...

	#7 Eval - e838c48a2ad3ca7b3611c5c2c8b63fe4	22 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash e838c48a2ad3ca7b3611c5c2c8b63fe4 3e54acc073cfa8db68daf806991e34eeef26d115 d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77 Loading...

	#8 Eval - 2bd83da2c87f72f62435d9d0acf0e38f	469 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 23:32:38 Last Seen2023-03-12 06:22:46 Times Seen1 Hash 2bd83da2c87f72f62435d9d0acf0e38f 0726e70425e735fe4ccf2ebf92eea84ccbc975ae 6c9e10007ceb0ba34a29928d59ec038cf982cf86c67c349a38904d1a9e674588 Loading...

		Size	First Seen	Last Seen
	#1 Write - cb09a5e98aa0d3aaa13100c7d19674d7	120 B	2023-03-07	2024-01-14
Pretty Observations First Seen2023-03-07 14:41:16 Last Seen2024-01-14 23:10:59 Times Seen12 Hash cb09a5e98aa0d3aaa13100c7d19674d7 566acaf35dd7f837f5330edd86cd69c11d544ba4 ab5dc0f65f436b35da8dcd2bdee539723a5eaa9a85f1fe281e8f768a107b8922 Loading...

HTTP Transactions (124)

URL IP Response Size

igg-games.cc/25648-scars-of-summer-free-download.html

188.114.97.1

301 Moved Permanently

269 B

URL HTTP/1.1
igg-games.cc/25648-scars-of-summer-free-download.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
f80a4f51563a84f3bcd2c73566e7e6f1
51a745692194567327a036a87b1c74504fe2f384
d4ad656ba2fbc4678ac5936d88c13b2ab5a11e046e4b517d76ae83546fd2d980

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /25648-scars-of-summer-free-download.html HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 11:57:15 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cache-Control: max-age=7200
Expires: Thu, 01 Dec 2022 13:57:15 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXJ1DY0iRRBqDYCwPVexD%2FV1IwJ%2FfSzCDf5bxafXs2%2BItKb9CwP4B%2B9%2BvIwo6Y29dOz4aM9OhQZalh1lxx16rDR%2Bx9uZYn6wfQX7yxV7uETvNhVncjIDe3wS%2FqZoWsw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772ba4e9294d0afa-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3258
Expires: Thu, 01 Dec 2022 12:51:33 GMT
Date: Thu, 01 Dec 2022 11:57:15 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:15 GMT
Last-Modified: Thu, 01 Dec 2022 11:32:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Thu, 01 Dec 2022 13:41:10 GMT
Date: Thu, 01 Dec 2022 11:57:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 11:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2249
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: m6FKR3Nv27V9w/ssHMYIysXP5tQMHa/TB68rpzBE5jvNOshw6ywWH/9vvtMAPgsAWhLI6dKJFsI=
x-amz-request-id: PKK2NDMKTBN8HYQK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:46:15 GMT
age: 660
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a6c0069e86ca8743c63d3f5d1f58cda7
c42da5b13f4cd6a417f70ceea299adba46b5be22
99937357f18d656c1e32041f90cd8cbe3f3dcec8facb849d2b7119f00c221aa9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156475
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:15 GMT
Etag: "638856d6-117"
Expires: Sat, 03 Dec 2022 07:25:10 GMT
Last-Modified: Thu, 01 Dec 2022 07:25:10 GMT
Server: nginx
Content-Length: 279

igg-games.cc/assets/img/logo-1.png

188.114.96.1

200 OK

22 kB

URL HTTP/2
igg-games.cc/assets/img/logo-1.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 516 x 181, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22508 bytes)
Hash
2a0e3b5067b0262ff4d8b05cf51efd53
a82bd12933364a897565c7087142c5e164bb6558
949143c983bc5a7abfe2907f53a238e29d4b80ccb50fa843fa2ab1dd6009ede6

HTTP Headers

GET /assets/img/logo-1.png HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/png
content-length: 22508
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: "57ec-5ba96b9588440"
cache-control: max-age=2592000
expires: Sat, 31 Dec 2022 10:51:31 GMT
cf-cache-status: HIT
age: 3944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eHEGAnRrU7w1dJuukdWZeY6HOor4ajfP1xmVMC4%2BDtNMjcAha%2FUjS8mp84wS6xMT0iXeWTiiTslSL6aHsNpAzpqWFXXSQzKqlhoFyLSO49LLMpP8GE%2FAY80xcbq6CU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba4ee1e68b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.cc/assets/css/all.min.css?v1.0.0

188.114.96.1

200 OK

50 kB

URL HTTP/2
igg-games.cc/assets/css/all.min.css?v1.0.0
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
50 kB (49991 bytes)
Hash
21626cd2715f746ee9d880a1798a05b1
27db7f2ae3dda965a9f74cadd8a0ada5b0237612
db78f8a30b036aba57cfb16864522bc3259b0e79500867200ea97f808303a9dc

HTTP Headers

GET /assets/css/all.min.css?v1.0.0 HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: text/css
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: W/"4a1c4-5ba96b9588440-gzip"
cache-control: max-age=2592000
expires: Fri, 02 Dec 2022 02:07:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2540966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LSVrTfRujkuv7TkzNZprzkArN5wKG5MArOVBzfr0JyUwBmh4ImLpqoWIPSpwd6r6W7B7n0FBmtwjJ3RiA%2FmZblP3g5JuXnFnQhoQXbIgU6tTg2rjqudF6Y%2F1sL4Ot4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba4ee1e63b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.com/wp-content/uploads/2021/04/Scars-of-Summer-Free-Download.jpg

188.114.96.1

200 OK

39 kB

URL HTTP/2
igg-games.com/wp-content/uploads/2021/04/Scars-of-Summer-Free-Download.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 670x384, components 3\012- data
Size
39 kB (38733 bytes)
Hash
265c3f7243fba3cc9b3d316c02d8fc59
bf1ba2498afcc5890b353d20d2ea9198fd8fd3a6
5868c2aa58648f9dbd67c069c5194cee3aa4118d74435519dcf90f412370fbac

HTTP Headers

GET /wp-content/uploads/2021/04/Scars-of-Summer-Free-Download.jpg HTTP/1.1
Host: igg-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/jpeg
content-length: 38733
last-modified: Sun, 11 Apr 2021 19:02:10 GMT
vary: Accept-Encoding
etag: "607347b2-974d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 57033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy5U2FxY9DSFTpjsELGoe%2FH%2Fj9nAWKOWOFJGlDIkMU9lE0duNgH6qHEx89W3J4cxQYfMuAY%2BWKOssaj%2BNFAu%2F%2BPYVXK%2BrNpkbVs1GKg1fGeBVzEbfnBxypRcvJu1%2B59J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba4ee9922b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.cc/assets/img/user.svg

188.114.96.1

200 OK

565 B

URL HTTP/2
igg-games.cc/assets/img/user.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Size
565 B (565 bytes)
Hash
a51e8b75b7baa36a9ee35a37818180e5
c125f2e9a6d4b62b72b8b3743393f27ae53ad36c
26840756d16454c1391c10b455a7a5851cbe33b95b47a9cee2b0efe873e3825e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/user.svg HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/svg+xml
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: W/"1fa-5ba96b9588440"
cache-control: max-age=14400
expires: Thu, 01 Dec 2022 12:51:31 GMT
cf-cache-status: HIT
age: 3944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGRFUvgxVaZ7jq%2FdM1SYu26uWTllS3LKkRe1ZvN8IjMUaPxH%2BDuBqvOA%2FL0yNy3ZP28d8Mbq0fKGtNzBFyiO2EVz7VofdEhMkKb68CfbpIj8yUNgATunyX5bQmlBaKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba4ee1e6ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.com/wp-content/uploads/2021/04/Scars-of-Summer-Torrent-Download.jpg

188.114.96.1

200 OK

45 kB

URL HTTP/2
igg-games.com/wp-content/uploads/2021/04/Scars-of-Summer-Torrent-Download.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x384, components 3\012- data
Size
45 kB (44735 bytes)
Hash
a2c3d9813db01a61551bafcca13c83e3
f485d4d2ba5ad05c6d875bf8932b514b653d1801
9c1b4158ddcdd6aa29c59af4dcf74d6241be6b192f6625cf1843de8646ab8e89

HTTP Headers

GET /wp-content/uploads/2021/04/Scars-of-Summer-Torrent-Download.jpg HTTP/1.1
Host: igg-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/jpeg
content-length: 44735
last-modified: Sun, 11 Apr 2021 19:02:19 GMT
vary: Accept-Encoding
etag: "607347bb-aebf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 57033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhtt1fbXwOK1%2B8IClWQDtUKO3vJ%2BeZmyZKZW70zXM%2BSP%2FHj2iiCZZ5uYdDWZvQCHknCkOtw665829Y8kSixA3CrHRJhC36IfDMll4XXe3Yfl5dSSZSO3%2Fo2EIx8F5PDh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba4eec963b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.com/wp-content/uploads/2021/04/Scars-of-Summer-PC-Crack.jpg

188.114.96.1

200 OK

30 kB

URL HTTP/2
igg-games.com/wp-content/uploads/2021/04/Scars-of-Summer-PC-Crack.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x382, components 3\012- data
Size
30 kB (29851 bytes)
Hash
c89ec86ff0e9ebb42b53daf7e27aeff7
a162a83d17bd43876f2c9bc42de384e5960a5db8
cbcf2de0209368fac80af4e7c2fbbf9f14c50ea5ef26aedd796401ad71935f53

HTTP Headers

GET /wp-content/uploads/2021/04/Scars-of-Summer-PC-Crack.jpg HTTP/1.1
Host: igg-games.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/jpeg
content-length: 29851
last-modified: Sun, 11 Apr 2021 19:02:14 GMT
vary: Accept-Encoding
etag: "607347b6-749b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 57033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=281idgLTKp1KV70OxjIPMd%2F%2BRAafhh3r%2FFKV1CPcBKcarOrFFg0Hwzo2VnETuVewLoRYUpf3fuCsv%2BNdQjd6nKSr%2BMvw2T%2FBbxXW35ESeMiOrSTRDkTB4cKK9deDgeXH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba4eec965b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f9d6c2414be2cd05c1585ef7bcfdf4a2
45c274e8dc5616b56a8e49cc3869b8af16c298ea
4966445600fdf40168cf88d502b9d4c57d55b20775f4c34ab77060d5cce6bdbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:15 GMT
Last-Modified: Thu, 01 Dec 2022 11:04:22 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a6c0069e86ca8743c63d3f5d1f58cda7
c42da5b13f4cd6a417f70ceea299adba46b5be22
99937357f18d656c1e32041f90cd8cbe3f3dcec8facb849d2b7119f00c221aa9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156475
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:15 GMT
Etag: "638856d6-117"
Expires: Sat, 03 Dec 2022 07:25:10 GMT
Last-Modified: Thu, 01 Dec 2022 07:25:10 GMT
Server: nginx
Content-Length: 279

igg-games.cc/assets/img/tag.svg

188.114.96.1

200 OK

376 kB

URL HTTP/2
igg-games.cc/assets/img/tag.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Size
376 kB (376420 bytes)
Hash
ce15e2c7ae19ad4bde605acca2568106
ea230ac98a80274d4cf886f875288a2018e97d14
c6125637eb286d2f356b9200f7651310dcfb4d04c9f49cc6aa9a1aef63006647

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/tag.svg HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/svg+xml
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: W/"28c-5ba96b9588440"
cache-control: max-age=14400
expires: Thu, 01 Dec 2022 12:51:32 GMT
cf-cache-status: HIT
age: 3943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chOeWYZs7dyCd%2Bc1J%2Fmv%2FV7WseAXD1XwScPDekZkOZN9otCxt2a9DE15WSPaKFCRBRbp6Rrdifk8lDLOUVBjvkQtr2zaI1ArwBrktwrjFoK7NjProYr73aAwxvn%2Bm5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba4ee1e6db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 11:08:56 GMT
cache-control: public,max-age=3600
age: 2900
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1564
Cache-Control: max-age=164137
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:16 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:32:53 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9169697757789e2db9f7c6a910ca2666
9c665eabe2cb006402658d63bb5569825b1bd2ea
fd925587b4511ff8992a0dc2eea8a9d91a5a64703db027ca0918514207dfb32f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD925587B4511FF8992A0DC2EEA8A9D91A5A64703DB027CA0918514207DFB32F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19875
Expires: Thu, 01 Dec 2022 17:28:31 GMT
Date: Thu, 01 Dec 2022 11:57:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
747877f61f686f440fc13df466e98419
54d6f7875afeafc5ad345f0cfc57ee0532b5ee30
b8bcdc3d33f4f5cd1efdf0b16b42fe9a3f715b4df86271bec9505800bd27b6d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8BCDC3D33F4F5CD1EFDF0B16B42FE9A3F715B4DF86271BEC9505800BD27B6D9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8788
Expires: Thu, 01 Dec 2022 14:23:44 GMT
Date: Thu, 01 Dec 2022 11:57:16 GMT
Connection: keep-alive

push.services.mozilla.com/

35.165.176.211

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.176.211:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KaWaF0N+TFT+k0dhRk4KPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TdljrQZQh9b03T1MqPs2RjhRx5k=

pennilesscomingall.com/b0/5c/f7/b05cf75156dd9a0e55479900a876fc41.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
pennilesscomingall.com/b0/5c/f7/b05cf75156dd9a0e55479900a876fc41.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37141), with no line terminators
Size
13 kB (13414 bytes)
Hash
3153d61d86fa187674133c76f74148ee
db2f3f0c55193f4b3b78b6487e4c286c8edaeb99
2ca791cd3cb4bcc1f41fc03ba6cddb74f788f2c2245b6b5d6f28491b2fb4be99

HTTP Headers

GET /b0/5c/f7/b05cf75156dd9a0e55479900a876fc41.js HTTP/1.1
Host: pennilesscomingall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 11:57:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fa4a2e3ab379318f51790fd127ab688
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pennilesscomingall.com/b3/53/f5/b353f519af43f14cd46c4b529e95b229.js

192.243.59.20

200 OK

17 kB

URL HTTP/1.1
pennilesscomingall.com/b3/53/f5/b353f519af43f14cd46c4b529e95b229.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (53762), with no line terminators
Size
17 kB (17190 bytes)
Hash
d96e9bd92eac9c758cbf51d7208d7727
2b5d183b881d88a78c348a10d6f2a44ca338d49c
6d0be27afdbcc22e55073b074044dfb9888b25e032609d7f7ff703cb3b17e24b

HTTP Headers

GET /b3/53/f5/b353f519af43f14cd46c4b529e95b229.js HTTP/1.1
Host: pennilesscomingall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 11:57:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8b7f882397741dee83d03edd7244591
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
16388acd9cf4bcbd556417f150a6d669
99476e4f7e880e432776c5629dfddfdb8cab2052
19871287895bc6e8a30a0fd2f69269288d483e85d8510a18de34259a7fd0ff05

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "19871287895BC6E8A30A0FD2F69269288D483E85D8510A18DE34259A7FD0FF05"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Thu, 01 Dec 2022 14:45:08 GMT
Date: Thu, 01 Dec 2022 11:57:16 GMT
Connection: keep-alive

pennilesscomingall.com/2eb4df8d0d6d886694c166caac78d7c0/invoke.js

192.243.59.20

200 OK

9.8 kB

URL HTTP/1.1
pennilesscomingall.com/2eb4df8d0d6d886694c166caac78d7c0/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Size
9.8 kB (9781 bytes)
Hash
784c6a211d8b695266d8ddf287519e27
6c053f9a5361ab3ee99ae226ef101f88aa50836b
b1a464325e15c66572c98c165e8547392dba7fb87fbb5c33a9a3bf8dba93976f

HTTP Headers

GET /2eb4df8d0d6d886694c166caac78d7c0/invoke.js HTTP/1.1
Host: pennilesscomingall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 11:57:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3fa52ca9be6a2f0fffb3e1a7cfbf436e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
819f953b0edd066d30cf5847c5564d3c
12f3ea06c2a617db03caa556e37c1cb106d44f93
9794d926ccf993a8cd760c76077cf94f5b270633aff450e45934a5c8fd52d62d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93323
Date: Thu, 01 Dec 2022 11:57:16 GMT
Etag: "63875b15-1d7"
Expires: Fri, 02 Dec 2022 13:52:39 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:01 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _kYfxHJ6v2zyKB4J4fFoAUKoqANaZfipWH2yHPIBOGExuo4HZvS7Vw==
Age: 1298

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ff74e239d6fa705496a655247bb11b03
ec22cbde3db8347374e295a3fd9ca326f7e12e5d
dd9e12fcc20ff1f9fa0c505fec5069558f76705403f49b849d5b57d3ac82b442

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://igg-games.cc
access-control-allow-credentials: true
set-cookie: uid_id2=32178727-48ef-4724-a72b-0ca834efd9f4:2:1; expires=Sun, 28 Nov 2032 11:57:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
31e647c2a4505d1654903c3455dceeb2
9beed25fc95f34a0d3de4af53e0c3f4a466a3636
02952bec65ab809ac9c9e9ab2f8ef322d14d440deaa1c36b0e4dde05a264ebba

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://igg-games.cc
access-control-allow-credentials: true
set-cookie: uid_id2=4b027afe-39ed-41f3-898c-a764ba55daef:3:1; expires=Sun, 28 Nov 2032 11:57:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
16388acd9cf4bcbd556417f150a6d669
99476e4f7e880e432776c5629dfddfdb8cab2052
19871287895bc6e8a30a0fd2f69269288d483e85d8510a18de34259a7fd0ff05

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "19871287895BC6E8A30A0FD2F69269288D483E85D8510A18DE34259A7FD0FF05"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Thu, 01 Dec 2022 14:45:08 GMT
Date: Thu, 01 Dec 2022 11:57:17 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

216.239.32.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.32.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 10:46:55 GMT
expires: Thu, 01 Dec 2022 12:46:55 GMT
cache-control: public, max-age=7200
age: 4222
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

igggames-cc.disqus.com/embed.js

199.232.196.134

200 OK

26 kB

URL HTTP/1.1
igggames-cc.disqus.com/embed.js
IP
199.232.196.134:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32006)
Size
26 kB (25622 bytes)
Hash
7f05e82093a73e9ba5b29bf4e9fbee26
5c78a21b3749104bc5c16b9ee33282ad39029406
65142d64dcc25a17fb950f825a5345ecb7a56bcbcd4463185c46aeb863e9f343

HTTP Headers

GET /embed.js HTTP/1.1
Host: igggames-cc.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25622
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 11:57:17 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c1731f3430ccf07042633f4bd9c1b1e
52473028de4ab8abec730a682fca297a161363dd
1415c2caef711b78278db8fa2cf24d327a9e41526d61c345c1965a89d29e5749

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1415C2CAEF711B78278DB8FA2CF24D327A9E41526D61C345C1965A89D29E5749"
Last-Modified: Tue, 29 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6118
Expires: Thu, 01 Dec 2022 13:39:15 GMT
Date: Thu, 01 Dec 2022 11:57:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

1.1 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.1 kB (1091 bytes)
Hash
97d16008bea48bbdd2fc2be737220837
04b83329ca20524b5228934f1df36fd8e92d5908
90135cda78bdc12f31b3327cc857e938614df904a6cdcc83a1f9731b2ede397c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "700EDD4D5D63C800BCCCA41F53BD4836861F68B04709654E0DC29AC86C18C4F4"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10020
Expires: Thu, 01 Dec 2022 14:44:17 GMT
Date: Thu, 01 Dec 2022 11:57:17 GMT
Connection: keep-alive

disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default

151.101.192.134

200 OK

2.8 kB

URL HTTP/1.1
disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default
IP
151.101.192.134:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2947)
Size
2.8 kB (2773 bytes)
Hash
b269dea8e6c09f636d34a0dd9b02fdef
f24d32cbd496944ba9ddf9d3905d2e4e1d1e0fb3
ce763a16207bdc691590a868c397c286337630a6dce91b96fd474590875676a5

HTTP Headers

GET /embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2773
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 12 Apr 2021 20:38:37 GMT
ETag: W/"lounge:view:8475327476.29bbbf9b925210034f8866edcc6b15d7.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 11:57:17 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

c.disquscdn.com/next/embed/lounge.load.d116ecc015365797cd7bed9492b731bc.js

143.204.55.72

200 OK

496 B

URL HTTP/2
c.disquscdn.com/next/embed/lounge.load.d116ecc015365797cd7bed9492b731bc.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (958), with no line terminators
Size
496 B (496 bytes)
Hash
1c3ac2de409e67c85a414ddf415a5706
1ab9839ad9f09cc2c12d0d635724a377795f88f5
87ea121b8929364d60c3a72877c87a5b4ff78d85de3c896cdfeaa6ed6890ed6a

HTTP Headers

GET /next/embed/lounge.load.d116ecc015365797cd7bed9492b731bc.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 496
date: Tue, 29 Nov 2022 16:11:03 GMT
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
etag: "6380583d-1f0"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 16:11:03 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E9Hk5BgaoSV6tSvRVPNgctx8r7PL-m1P3KE9ctXUqgc_feC02hrUzw==
age: 157574
X-Firefox-Spdy: h2

192.243.59.12

307 Temporary Redirect

0 B

URL HTTP/1.1
handbagcordial.com/watch.622862887468.js?key=2eb4df8d0d6d886694c166caac78d7c0&kw=%5B%22scars%22%2C%22of%22%2C%22summer%22%2C%22free%22%2C%22download%22%2C%22%C2%AB%22%2C%22igggames%22%5D&refer=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&tz=0&dev=e&res=12.1055&uuid=32178727-48ef-4724-a72b-0ca834efd9f4%3A2%3A1
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.622862887468.js?key=2eb4df8d0d6d886694c166caac78d7c0&kw=%5B%22scars%22%2C%22of%22%2C%22summer%22%2C%22free%22%2C%22download%22%2C%22%C2%AB%22%2C%22igggames%22%5D&refer=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&tz=0&dev=e&res=12.1055&uuid=32178727-48ef-4724-a72b-0ca834efd9f4%3A2%3A1 HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://igg-games.cc
Access-Control-Allow-Origin: https://igg-games.cc
Access-Control-Allow-Credentials: true
Location: https://handbagcordial.com/watch.622862887468.js?key=2eb4df8d0d6d886694c166caac78d7c0&kw=%5B%22scars%22%2C%22of%22%2C%22summer%22%2C%22free%22%2C%22download%22%2C%22%C2%AB%22%2C%22igggames%22%5D&refer=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&tz=0&dev=e&res=12.1055&uuid=32178727-48ef-4724-a72b-0ca834efd9f4%3A2%3A1&shu=36b46c966807cfa85541e61166ea2ee8d1e8fe2c396d018c870495df58b5980aee2f574076a6ac3b8c681bda05e225d9e0caa2550becfeb513ca1bcc329360f22d9709a4cd3ee5c87aae3a2d51014bf9e3fb0f&pst=1669895897&rmtc=t
Set-Cookie: u_pl=15765219; expires=Fri, 02 Dec 2022 11:57:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc2NTIxOSwiayI6IjJlYjRkZjhkMGQ2ZDg4NjY5NGMxNjZjYWFjNzhkN2MwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzcyMTMwLCJwaWQiOjE1MTE5MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqdjFpNHcya2gwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vaWdnLWdhbWVzLmNjLzI1NjQ4LXNjYXJzLW9mLXN1bW1lci1mcmVlLWRvd25sb2FkLmh0bWwifX0.XjeOBhYMsjVq2AuR6is_hB2hInzr1nIoi5c6WxthafU; expires=Thu, 01 Dec 2022 11:58:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94982f351b1c041f9969f166c3e0f40a
Strict-Transport-Security: max-age=0; includeSubdomains

c.disquscdn.com/next/embed/common.bundle.365bd1d5046c1dce8ea9ac5e4907bdb4.js

143.204.55.72

200 OK

95 kB

URL HTTP/2
c.disquscdn.com/next/embed/common.bundle.365bd1d5046c1dce8ea9ac5e4907bdb4.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32023)
Size
95 kB (94893 bytes)
Hash
ed36f033a8b17d64c351cf4023adc999
af70b17fc8e328aee847a345bdf712a2c84bd7c3
034c07bf402ed5552c71899af3ca8d7fb96e6b9ce8710b75f22217a19f5f5c35

HTTP Headers

GET /next/embed/common.bundle.365bd1d5046c1dce8ea9ac5e4907bdb4.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94893
date: Tue, 29 Nov 2022 16:11:03 GMT
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
etag: "6380583d-172ad"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 16:11:03 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xxTiAR8XuhTWdGLtYrgacEL8fQjbSvy5IRLH-xSmc97dvI59avEWYQ==
age: 157574
X-Firefox-Spdy: h2

c.disquscdn.com/next/embed/styles/lounge.7280beb4e2588b7f9e7845bf19e315e9.css

143.204.55.72

200 OK

31 kB

URL HTTP/2
c.disquscdn.com/next/embed/styles/lounge.7280beb4e2588b7f9e7845bf19e315e9.css
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65469)
Size
31 kB (30673 bytes)
Hash
badf542046922732b33187c787f20707
fd2bef276d0265fd9c90cf966b6c34ca4cc754e4
ab090de247a8d36524d25345394523862c10daf207a89e2f9ad69e43c3e3b32a

HTTP Headers

GET /next/embed/styles/lounge.7280beb4e2588b7f9e7845bf19e315e9.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 30673
date: Tue, 29 Nov 2022 16:11:14 GMT
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
etag: "6380583d-77d1"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 16:11:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -RzvAjYuZ4hiFYdfr9R5ZUWyc4N2ArV2aBQoUQPi4nAC8YKfHshrVw==
age: 157563
X-Firefox-Spdy: h2

c.disquscdn.com/next/embed/lounge.bundle.62fb92af5c9511c5dc81068eb508a621.js

143.204.55.72

200 OK

129 kB

URL HTTP/2
c.disquscdn.com/next/embed/lounge.bundle.62fb92af5c9511c5dc81068eb508a621.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32010)
Size
129 kB (128680 bytes)
Hash
7110001527d9c195f598b6f80285890b
28abca73749e57f98679ce63c1d26cd64ea57fca
1687e857e1d1406d96a2ab79b2a5e389e37264a35a423c94c963798716b01da7

HTTP Headers

GET /next/embed/lounge.bundle.62fb92af5c9511c5dc81068eb508a621.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 128680
date: Tue, 29 Nov 2022 16:11:04 GMT
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
etag: "6380583d-1f6a8"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 16:11:04 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: doo8lh2FPMex93RgeijHJqAzY0JFUwZFyobQW-CwGEUtvokIIlURiw==
age: 157573
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5722
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 11:57:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5722
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 11:57:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5722
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 11:57:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 50660
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

handbagcordial.com/watch.622862887468.js?key=2eb4df8d0d6d886694c166caac78d7c0&kw=%5B%22scars%22%2C%22of%22%2C%22summer%22%2C%22free%22%2C%22download%22%2C%22%C2%AB%22%2C%22igggames%22%5D&refer=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&tz=0&dev=e&res=12.1055&uuid=32178727-48ef-4724-a72b-0ca834efd9f4%3A2%3A1&shu=36b46c966807cfa85541e61166ea2ee8d1e8fe2c396d018c870495df58b5980aee2f574076a6ac3b8c681bda05e225d9e0caa2550becfeb513ca1bcc329360f22d9709a4cd3ee5c87aae3a2d51014bf9e3fb0f&pst=1669895897&rmtc=t

192.243.59.12

200 OK

642 B

URL HTTP/1.1
handbagcordial.com/watch.622862887468.js?key=2eb4df8d0d6d886694c166caac78d7c0&kw=%5B%22scars%22%2C%22of%22%2C%22summer%22%2C%22free%22%2C%22download%22%2C%22%C2%AB%22%2C%22igggames%22%5D&refer=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&tz=0&dev=e&res=12.1055&uuid=32178727-48ef-4724-a72b-0ca834efd9f4%3A2%3A1&shu=36b46c966807cfa85541e61166ea2ee8d1e8fe2c396d018c870495df58b5980aee2f574076a6ac3b8c681bda05e225d9e0caa2550becfeb513ca1bcc329360f22d9709a4cd3ee5c87aae3a2d51014bf9e3fb0f&pst=1669895897&rmtc=t
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
642 B (642 bytes)
Hash
cacb65113c5672dfcd91b1197e85ba5b
cc89a622830a6948f8c1f28e0a94df2d9a34d603
090ce978c8d97438949d43b16a251bb88162f7e7d28ce6e393022f5581f4c948

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.622862887468.js?key=2eb4df8d0d6d886694c166caac78d7c0&kw=%5B%22scars%22%2C%22of%22%2C%22summer%22%2C%22free%22%2C%22download%22%2C%22%C2%AB%22%2C%22igggames%22%5D&refer=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&tz=0&dev=e&res=12.1055&uuid=32178727-48ef-4724-a72b-0ca834efd9f4%3A2%3A1&shu=36b46c966807cfa85541e61166ea2ee8d1e8fe2c396d018c870495df58b5980aee2f574076a6ac3b8c681bda05e225d9e0caa2550becfeb513ca1bcc329360f22d9709a4cd3ee5c87aae3a2d51014bf9e3fb0f&pst=1669895897&rmtc=t HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igg-games.cc
Referer: https://igg-games.cc/
Connection: keep-alive
Cookie: u_pl=15765219; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc2NTIxOSwiayI6IjJlYjRkZjhkMGQ2ZDg4NjY5NGMxNjZjYWFjNzhkN2MwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzcyMTMwLCJwaWQiOjE1MTE5MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqdjFpNHcya2gwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vaWdnLWdhbWVzLmNjLzI1NjQ4LXNjYXJzLW9mLXN1bW1lci1mcmVlLWRvd25sb2FkLmh0bWwifX0.XjeOBhYMsjVq2AuR6is_hB2hInzr1nIoi5c6WxthafU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://igg-games.cc
Access-Control-Allow-Origin: https://igg-games.cc
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32178727-48ef-4724-a72b-0ca834efd9f4:2:1; expires=Thu, 08 Dec 2022 11:57:17 GMT; secure; SameSite=None
iprc27696660cb9ac8baf085cb9c8f768a1c=2717340; expires=Fri, 02 Dec 2022 13:57:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 11:57:17 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 11:57:17 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Dec 2022 11:57:17 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Dec 2022 11:57:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d81b705f26eb3cb8509672e08f6626de
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 61151
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 50987
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 47622
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 50717
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12035 bytes)
Hash
acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 50722
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

yearbookhobblespinal.com/sbar.json?key=b05cf75156dd9a0e55479900a876fc41&uuid=4b027afe-39ed-41f3-898c-a764ba55daef%3A3%3A1

192.243.59.13

200 OK

3.9 kB

URL HTTP/1.1
yearbookhobblespinal.com/sbar.json?key=b05cf75156dd9a0e55479900a876fc41&uuid=4b027afe-39ed-41f3-898c-a764ba55daef%3A3%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (5897), with no line terminators
Size
3.9 kB (3916 bytes)
Hash
09f06865eb263113d90b64b327d0e986
38210e90ca9e94336ff4926119948f82d5e10a2a
6ef0a6fa3f1313abf6b6a0926e9ebb781e0883422ceae39ec86acef25acefdc6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=b05cf75156dd9a0e55479900a876fc41&uuid=4b027afe-39ed-41f3-898c-a764ba55daef%3A3%3A1 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:18 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://igg-games.cc
Access-Control-Allow-Origin: https://igg-games.cc
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15765220; expires=Fri, 02 Dec 2022 11:57:17 GMT; secure; SameSite=None
uid_id2=4b027afe-39ed-41f3-898c-a764ba55daef:3:1; expires=Thu, 08 Dec 2022 11:57:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 11:57:18 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 11:57:18 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 02 Dec 2022 11:57:18 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 02 Dec 2022 11:57:18 GMT; secure; SameSite=None
slecb05cf75156dd9a0e55479900a876fc41=[3760951]; expires=Thu, 01 Dec 2022 11:57:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 597e555c370ce23fe5a254cc0d944aec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

151.101.192.134

200 OK

3.1 kB

URL HTTP/1.1
disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
151.101.192.134:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (3145), with no line terminators
Size
3.1 kB (3145 bytes)
Hash
896a56f84eb5866b5f82179d7a2fe779
58e8769a8641cd5dcef3707a33a9c83f60b9c866
7509bb2872e3ba1587476ee587829cb360125484cfda2a5d80c57506ae801290

HTTP Headers

GET /api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3145
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Dec 2022 11:57:18 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

143.204.55.72

200 OK

13 kB

URL HTTP/2
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Size
13 kB (13079 bytes)
Hash
4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

HTTP Headers

GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7280beb4e2588b7f9e7845bf19e315e9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Fri, 04 Nov 2022 03:33:20 GMT
server: nginx
last-modified: Wed, 02 Nov 2022 16:07:12 GMT
etag: "636295b0-3317"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 04 Nov 2023 03:33:20 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GwneNzfYyQ02e7qYyfLcNBEE7roQu1YbHe1VXjUi8IRXVEJCeSIZYQ==
age: 2363038
X-Firefox-Spdy: h2

c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

143.204.55.72

200 OK

1.8 kB

URL HTTP/2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1763 bytes)
Hash
ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

HTTP Headers

GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7280beb4e2588b7f9e7845bf19e315e9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Sat, 05 Nov 2022 01:16:36 GMT
server: nginx
last-modified: Wed, 02 Nov 2022 16:07:12 GMT
etag: "636295b0-6e3"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 05 Nov 2023 01:16:36 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zVfNzeBT0aA_HnQme-EJSwJSUFTHYdmAuEFBHylQrhj2dwgdKlfLsQ==
age: 2284842
X-Firefox-Spdy: h2

c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

143.204.55.72

200 OK

7.9 kB

URL HTTP/2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

HTTP Headers

GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Sat, 05 Nov 2022 01:01:02 GMT
server: nginx
last-modified: Wed, 02 Nov 2022 16:07:12 GMT
etag: "636295b0-1edc"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 05 Nov 2023 01:01:02 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L8EEt41QbhwZP0Ox-utRFOVWZNVh1rE5N4nyM74o8sZdyzoovWgmkg==
age: 2285776
X-Firefox-Spdy: h2

a.disquscdn.com/1668443441/images/noavatar92.png

199.232.194.49

200 OK

1.6 kB

URL HTTP/2
a.disquscdn.com/1668443441/images/noavatar92.png
IP
199.232.194.49:0
ASN
#54113 FASTLY

File type
PNG image data, 92 x 92, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1644 bytes)
Hash
675fb4b91ca717db030507f2d84bcfdf
c8728df74487f907230358a1b08ae1a1b25f9ed4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

HTTP Headers

GET /1668443441/images/noavatar92.png HTTP/1.1
Host: a.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
etag: "60395f01-66c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 17 Dec 2022 15:17:21 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 5jOcp7ZrxH_QP-anBdpxd4jymgR2jnU0w8efi16t4yWllUlIDXje4w==
date: Thu, 01 Dec 2022 11:57:18 GMT
age: 1197597
strict-transport-security: max-age=300; includeSubdomains
content-length: 1644
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
99b8f0fe68f4ddcab73e403b09ede81c
3cefe839f899d267e3a2bce19223ffdbb199ddea
fc720e0fb963dfcd88d230fd0820ab09c71c9ed776ddb553e3df4192343b91fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC720E0FB963DFCD88D230FD0820AB09C71C9ED776DDB553E3DF4192343B91FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9953
Expires: Thu, 01 Dec 2022 14:43:11 GMT
Date: Thu, 01 Dec 2022 11:57:18 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.170

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:51:00 GMT
expires: Thu, 30 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 61578
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

disqus.com/api/3.0/threadReactions/loadReactions?thread=8475327476&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

151.101.192.134

200 OK

1.3 kB

URL HTTP/1.1
disqus.com/api/3.0/threadReactions/loadReactions?thread=8475327476&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
151.101.192.134:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (1339), with no line terminators
Size
1.3 kB (1339 bytes)
Hash
8e7b1bef5f57d39c87b0bc415afb2c90
48c179a298162097492c6739510f267a35e078ba
ead854b45c448afafd62259fa1cee6b509cdf0d5e9add99b8e0d9e16db9f589e

HTTP Headers

GET /api/3.0/threadReactions/loadReactions?thread=8475327476&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1339
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=30, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Dec 2022 11:57:18 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

143.204.55.72

200 OK

27 kB

URL HTTP/2
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32024)
Size
27 kB (26578 bytes)
Hash
0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2

HTTP Headers

GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Fri, 28 Oct 2022 16:37:58 GMT
server: nginx
last-modified: Thu, 27 Oct 2022 21:17:31 GMT
etag: "635af56b-67d2"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 28 Oct 2023 16:37:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YYn-Vuqi8nzTGAPRdAftL4w7vzZGhRReSOLM6Z9WE0IR_ZzkBXHw8Q==
age: 2920760
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

igggames-cc.disqus.com/recommendations.js

199.232.196.134

200 OK

21 kB

URL HTTP/1.1
igggames-cc.disqus.com/recommendations.js
IP
199.232.196.134:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32056)
Size
21 kB (21348 bytes)
Hash
cc096ed01d9a06d3ab3d999878e05618
8809009924e6ddc85944c6c2141139096b1a48c8
97112ede49e6de2ac98a6c50d7ca55218c158f555504f18b7ae1635fbc2dfed1

HTTP Headers

GET /recommendations.js HTTP/1.1
Host: igggames-cc.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 21348
Server: openresty
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 11:57:18 GMT
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=318&event=init_embed&thread=8475327476&forum=igggames-cc&forum_id=5934107&imp=95uqepp20gfbiq&thread_slug=scars_of_summer_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

199.232.192.134

200 OK

43 B

URL HTTP/1.1
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=318&event=init_embed&thread=8475327476&forum=igggames-cc&forum_id=5934107&imp=95uqepp20gfbiq&thread_slug=scars_of_summer_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
IP
199.232.192.134:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=318&event=init_embed&thread=8475327476&forum=igggames-cc&forum_id=5934107&imp=95uqepp20gfbiq&thread_slug=scars_of_summer_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=25648&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Dec 2022 11:57:18 GMT
Cross-Origin-Resource-Policy: cross-origin

d24ak3f2b.top/advertisers.js

64.58.113.244

200 OK

0 B

URL HTTP/1.1
d24ak3f2b.top/advertisers.js
IP
64.58.113.244:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:18 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive

cdn.viglink.com/images/pixel.gif?ch=1&rn=6.410854686985951

54.230.111.6

200 OK

43 B

URL HTTP/2
cdn.viglink.com/images/pixel.gif?ch=1&rn=6.410854686985951
IP
54.230.111.6:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

HTTP Headers

GET /images/pixel.gif?ch=1&rn=6.410854686985951 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 11:57:18 GMT
cache-control: max-age=15, must-revalidate
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HZk-bgGN0k8TFyoBS6jiZwZbJXhBzRPmVq85OvZFpf8vaP8hXvgD8A==
age: 3
X-Firefox-Spdy: h2

cdn.viglink.com/images/pixel.gif?ch=2&rn=6.410854686985951

54.230.111.6

200 OK

43 B

URL HTTP/2
cdn.viglink.com/images/pixel.gif?ch=2&rn=6.410854686985951
IP
54.230.111.6:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

HTTP Headers

GET /images/pixel.gif?ch=2&rn=6.410854686985951 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 11:57:18 GMT
cache-control: max-age=15, must-revalidate
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AwphcSriITHKJp94AWTtflh1UttAqO23OPTSDarc50coTw_oXWmLYQ==
age: 3
X-Firefox-Spdy: h2

disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download

151.101.192.134

200 OK

2.4 kB

URL HTTP/1.1
disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download
IP
151.101.192.134:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2883)
Size
2.4 kB (2356 bytes)
Hash
3be03c7b30568f174a0890b3a4040910
fae4acfaf87969be55c0c948ac0a5793dea22318
64039e93dddc3b7e9a7c055858cd20b19eda3583645dfbcd7c7556d3adb6e8e0

HTTP Headers

GET /recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2356
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 04 Dec 2020 03:26:17 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 11:57:18 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

c.disquscdn.com/next/recommendations/recommendations.load.a8da87d7cbfbe43094a93ca94d7c15f4.js

143.204.55.72

200 OK

447 B

URL HTTP/2
c.disquscdn.com/next/recommendations/recommendations.load.a8da87d7cbfbe43094a93ca94d7c15f4.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (923), with no line terminators
Size
447 B (447 bytes)
Hash
7b2b4e6322bfe3824b088b008e9df6eb
7f9ba4617174f744cc231926f24b809ebe66ae24
30e59c3418772e2ddd8cb6ffcfc0c512fad41860b4754a1482b53988954bcc2e

HTTP Headers

GET /next/recommendations/recommendations.load.a8da87d7cbfbe43094a93ca94d7c15f4.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 447
date: Tue, 29 Nov 2022 16:11:03 GMT
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
etag: "6380583d-1bf"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 16:11:03 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oBF-gljsLw25JSG9oc2wF7DipbvPsGc5Db3VrQxWylF2OYo_zrPzTw==
age: 157575
X-Firefox-Spdy: h2

c.disquscdn.com/next/recommendations/common.bundle.39e0b59fe2b480f09dc3146c64ff6edc.js

143.204.55.72

200 OK

89 kB

URL HTTP/2
c.disquscdn.com/next/recommendations/common.bundle.39e0b59fe2b480f09dc3146c64ff6edc.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32023)
Size
89 kB (88909 bytes)
Hash
b31b88c6e00a638cfb5b566bf512842e
e93bd167c71854d62f7aa3a7873d1d5dd2975ae9
36857765b66baf709ac00624f97742366d40b1d5649295d46c1f439ae06cc908

HTTP Headers

GET /next/recommendations/common.bundle.39e0b59fe2b480f09dc3146c64ff6edc.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 88909
date: Tue, 29 Nov 2022 16:11:03 GMT
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
etag: "6380583d-15b4d"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Nov 2023 16:11:03 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LAD-9RP__iT19F5MUdNj0DNYgOqf7HZiJLNuOsHWJLSIdI9NCu3-tQ==
age: 157575
X-Firefox-Spdy: h2

c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png

143.204.55.72

200 OK

8.2 kB

URL HTTP/2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 4-bit colormap, non-interlaced\012- data
Size
8.2 kB (8170 bytes)
Hash
89ff513465e139d86c4a052f02d6dccf
781461f90f66ca20682e27f9062eabb4acfac039
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018

HTTP Headers

GET /next/current/publisher-admin/assets/img/emoji/upvote-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8170
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:55:34 GMT
expires: Thu, 01 Dec 2022 12:00:01 GMT
cache-control: max-age=300, public
etag: "6380583d-1fea"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7UBeW9r_CeVN_H_JAD6wVfx20TYZU-5c8G5lzeFtP7dIJepfgjadvg==
age: 137
X-Firefox-Spdy: h2

c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png

143.204.55.72

200 OK

8.9 kB

URL HTTP/2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
8.9 kB (8883 bytes)
Hash
80ec843281e6130a88e665c83c2c12d5
9c5f6596db508919719447b155b2483acf455918
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd

HTTP Headers

GET /next/current/publisher-admin/assets/img/emoji/funny-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8883
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:56:01 GMT
expires: Thu, 01 Dec 2022 12:01:01 GMT
cache-control: max-age=300, public
etag: "6380583d-22b3"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NHSMQ3hxTkOg4hZntXII99ocmgB2_7w3iXERCJAUmIlINO7YK4iqOw==
age: 77
X-Firefox-Spdy: h2

c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png

143.204.55.72

200 OK

12 kB

URL HTTP/2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11910 bytes)
Hash
11d71f65e58bb5c9afb8534ba31c6f75
f6eda383c77467a03c7d8420e632f1a52840323d
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33

HTTP Headers

GET /next/current/publisher-admin/assets/img/emoji/love-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 11910
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:56:51 GMT
expires: Thu, 01 Dec 2022 12:01:51 GMT
cache-control: max-age=300, public
etag: "6380583d-2e86"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6dltREaC-2bbPq3oXPaXYnCFg7Qhd9Gm3yqqjhwXEQG1pnCR9UauSQ==
age: 27
X-Firefox-Spdy: h2

c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png

143.204.55.72

200 OK

7.3 kB

URL HTTP/2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
7.3 kB (7308 bytes)
Hash
13431b9bca0ec3070b4277d7162d0755
7b2f254ac0fdf367c35f4c8dd4b14de44aedde52
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907

HTTP Headers

GET /next/current/publisher-admin/assets/img/emoji/surprised-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 7308
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:55:34 GMT
expires: Thu, 01 Dec 2022 12:00:19 GMT
cache-control: max-age=300, public
etag: "6380583d-1c8c"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4z1fOLAzWHTcuImrkvNCFaFXpQ9OQAabLQ5MjaGGjyx9DY8WylbAZg==
age: 119
X-Firefox-Spdy: h2

c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png

143.204.55.72

200 OK

21 kB

URL HTTP/2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
21 kB (20675 bytes)
Hash
b45cab9606431ca5a8bf31869d1a6961
6e8a52f738ef316270abc1a3ee10be6531432d62
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984

HTTP Headers

GET /next/current/publisher-admin/assets/img/emoji/angry-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 20675
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:55:38 GMT
expires: Thu, 01 Dec 2022 12:00:38 GMT
cache-control: max-age=300, public
etag: "6380583d-50c3"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3F1iVgaHT4Rd1YIIJRdXJKKUxuQAkYSYnedQMSDQnD8VbgGO7PS34g==
age: 100
X-Firefox-Spdy: h2

c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png

143.204.55.72

200 OK

9.0 kB

URL HTTP/2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
9.0 kB (8986 bytes)
Hash
e84a77b79c9a1423d57ef6cf7f6bb2d9
5877e999ab7ac53cce47c2de47311cb203834a0c
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a

HTTP Headers

GET /next/current/publisher-admin/assets/img/emoji/sad-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8986
server: nginx
last-modified: Fri, 25 Nov 2022 05:53:01 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:55:34 GMT
expires: Thu, 01 Dec 2022 12:00:18 GMT
cache-control: max-age=300, public
etag: "6380583d-231a"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F5jgKmah0PWmyLA-hHM1FTYQCKTxy1ADPaptvCiVx3EENZ4DGtimQg==
age: 120
X-Firefox-Spdy: h2

c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

143.204.55.72

200 OK

3.0 kB

URL HTTP/2
c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (14131), with no line terminators
Size
3.0 kB (2978 bytes)
Hash
e469e3b929d327230768372d944c950f
a153a1db31549e58f4fb957c38f7e737075cec28
92ad1ac4b05d52f039295fc4b974be49f3ef60b8eb951bf0d2c9b87ae1898289

HTTP Headers

GET /next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 2978
date: Wed, 02 Nov 2022 06:51:49 GMT
server: nginx
last-modified: Thu, 27 Oct 2022 21:17:31 GMT
etag: "635af56b-ba2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 02 Nov 2023 06:51:49 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eJso0bpJeZ7bh_31gijlyKZZFOHUmboVePrjFO1eUc0JWPZqyL9HkA==
age: 2523929
X-Firefox-Spdy: h2

c.disquscdn.com/next/recommendations/recommendations.bundle.a7942bfa7a9020c903037fbdc08e6ca7.js

143.204.55.72

200 OK

20 kB

URL HTTP/2
c.disquscdn.com/next/recommendations/recommendations.bundle.a7942bfa7a9020c903037fbdc08e6ca7.js
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (32022)
Size
20 kB (20287 bytes)
Hash
23ad06e062dabb110472dcb577eb4632
076a74465e9a106b53dfe7bf7e20b26055fb426c
24301ea85d3ca431ada4eead60331ca94a9bc24e66601e2653bccd0086f8b4c5

HTTP Headers

GET /next/recommendations/recommendations.bundle.a7942bfa7a9020c903037fbdc08e6ca7.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 20287
date: Sun, 13 Nov 2022 01:02:19 GMT
server: nginx
last-modified: Fri, 11 Nov 2022 07:03:00 GMT
etag: "636df3a4-4f3f"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 13 Nov 2023 01:02:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Goph8jvTGxPdxNOvNLOVCpqFIj-Wga96FnaM20arsM8I9TBwX_Rv8g==
age: 1594499
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
19741ebec8686cb577a2d29f93cc637b
efaad05750007f3b49a51ccd2e80f36d34d92cf4
20dc9d41a4644b71e08407122c7b384e646f24748eacb28c44082048b64b4744

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3400
Cache-Control: max-age=113079
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:18 GMT
Etag: "6387a00d-116"
Expires: Fri, 02 Dec 2022 19:21:57 GMT
Last-Modified: Wed, 30 Nov 2022 18:25:17 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278

yearbookhobblespinal.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitTlYQPSnx4EEZgkgEd7Z6pntn2hyiMUaCySYkkXitrqqeLbe6q6nqnt7dgywGJKDIBkFykt43myzRIMkPEGXWS1gQdzzooi4oingyIATEi8zuwOJ3qO%2Breu%2Fw3qvvvbVyl1CUbOfCObOstGYzYZM2jl1RmTCVa8xdbvi0SY83rqhsNjjeWBwftv%2BST8MmfaHxuuQLZqZFfUp96jdOKysTszizh0LldyK%2FGdFm0Gr6YYBF%2B%2F%2B7Kz045kH0d8mTUGL0yPz9e1B8iCy9e0q6hcLkL76WlpoVxqIvNt7MFjJTZUgPxsR6SLKNCRvGjQi5cQgm25g4gOmvjx0gViPife8jzjYmMhH3b%2B4rjTVkhlg8jqo%2FhNRDKDYEN1ehxDYBuMDceWTprTljK7a0j7IxOiJTD%2F%2BGqkZk6ucjyNLPT2q12LhkdFkokzksJjXU4hCqN0RebqJY9qCqTfDiXSjxDZl5eBZZun7eaQMldp4LYtrqsEROtyMppgM%2FaU93oy6fZp3ZIGZhKJhM9iJSagiVDKHlKpg7jNJ5KJWHMvFQ5h5SsdNgYZRQ2knipN3uBpzzdpvzsDsrQtEOuglFycceVlHkq%2BB6FdyuILcrWFDXt8kPsOVXcPM1nPDgCoK%2BqFFJgsoRVIygUgRVQVD165tCu5arbwntytif9Nakt%2BuBKXpr7KYpejIja%2FkueWIvuwcf%2FoYFudOIaciTTuiHs0JEjMowDDpRRCnrdmYTHvhwqoZyh8Cch2U1Ikf%2B%2BhW5GpFDczcQs004vQmungIrnwGrBp0WBZsfBF2K5ewuE25a9XrTPZZK1%2BQcwtTIiykUS96a3iVP72mJeAeSb7189J1%2Ffjz67e%2FgtkZua7ytvibo6WuDi6Yi6xdN5ci983mhUrXMxn98qWCFnPr0DblUGSvOnHKrt1%2FhY2A83rksXXGWZUJlPUc%2BO6mEkPa0sVySL864KzK%2BULr5k6XNyvzshVdPn0lzK51TJhuCqe3OR%2BBqRB47t7K3vc9%2BcB%2FKDmHLGmm5RSYFZTbB8xW4fOvEL7f%2F%2FUO%2FfwrOEFh9wIlzD1VZD2wrPnjUakSOHXkLWm6d%2BOnOo%2F7zfy6BxTWcPIghlltfPtjnr7lr6FkPrLiKLK3RtzX6ugbTq3Dl4UGR260T37X3CrH2BrG23nqsrb6%2BH69TOw0ZJjSRtCXjJIqTDqMiSoIoZpEvO3HIfBRuxK99%2FMl%2FAAAA%2F%2F8BAAD%2F%2F3lsbmyZBAAA

192.243.59.13

200 OK

7 B

URL HTTP/1.1
yearbookhobblespinal.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitTlYQPSnx4EEZgkgEd7Z6pntn2hyiMUaCySYkkXitrqqeLbe6q6nqnt7dgywGJKDIBkFykt43myzRIMkPEGXWS1gQdzzooi4oingyIATEi8zuwOJ3qO%2Breu%2Fw3qvvvbVyl1CUbOfCObOstGYzYZM2jl1RmTCVa8xdbvi0SY83rqhsNjjeWBwftv%2BST8MmfaHxuuQLZqZFfUp96jdOKysTszizh0LldyK%2FGdFm0Gr6YYBF%2B%2F%2B7Kz045kH0d8mTUGL0yPz9e1B8iCy9e0q6hcLkL76WlpoVxqIvNt7MFjJTZUgPxsR6SLKNCRvGjQi5cQgm25g4gOmvjx0gViPife8jzjYmMhH3b%2B4rjTVkhlg8jqo%2FhNRDKDYEN1ehxDYBuMDceWTprTljK7a0j7IxOiJTD%2F%2BGqkZk6ucjyNLPT2q12LhkdFkokzksJjXU4hCqN0RebqJY9qCqTfDiXSjxDZl5eBZZun7eaQMldp4LYtrqsEROtyMppgM%2FaU93oy6fZp3ZIGZhKJhM9iJSagiVDKHlKpg7jNJ5KJWHMvFQ5h5SsdNgYZRQ2knipN3uBpzzdpvzsDsrQtEOuglFycceVlHkq%2BB6FdyuILcrWFDXt8kPsOVXcPM1nPDgCoK%2BqFFJgsoRVIygUgRVQVD165tCu5arbwntytif9Nakt%2BuBKXpr7KYpejIja%2FkueWIvuwcf%2FoYFudOIaciTTuiHs0JEjMowDDpRRCnrdmYTHvhwqoZyh8Cch2U1Ikf%2B%2BhW5GpFDczcQs004vQmungIrnwGrBp0WBZsfBF2K5ewuE25a9XrTPZZK1%2BQcwtTIiykUS96a3iVP72mJeAeSb7189J1%2Ffjz67e%2FgtkZua7ytvibo6WuDi6Yi6xdN5ci983mhUrXMxn98qWCFnPr0DblUGSvOnHKrt1%2FhY2A83rksXXGWZUJlPUc%2BO6mEkPa0sVySL864KzK%2BULr5k6XNyvzshVdPn0lzK51TJhuCqe3OR%2BBqRB47t7K3vc9%2BcB%2FKDmHLGmm5RSYFZTbB8xW4fOvEL7f%2F%2FUO%2FfwrOEFh9wIlzD1VZD2wrPnjUakSOHXkLWm6d%2BOnOo%2F7zfy6BxTWcPIghlltfPtjnr7lr6FkPrLiKLK3RtzX6ugbTq3Dl4UGR260T37X3CrH2BrG23nqsrb6%2BH69TOw0ZJjSRtCXjJIqTDqMiSoIoZpEvO3HIfBRuxK99%2FMl%2FAAAA%2F%2F8BAAD%2F%2F3lsbmyZBAAA
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitTlYQPSnx4EEZgkgEd7Z6pntn2hyiMUaCySYkkXitrqqeLbe6q6nqnt7dgywGJKDIBkFykt43myzRIMkPEGXWS1gQdzzooi4oingyIATEi8zuwOJ3qO%2Breu%2Fw3qvvvbVyl1CUbOfCObOstGYzYZM2jl1RmTCVa8xdbvi0SY83rqhsNjjeWBwftv%2BST8MmfaHxuuQLZqZFfUp96jdOKysTszizh0LldyK%2FGdFm0Gr6YYBF%2B%2F%2B7Kz045kH0d8mTUGL0yPz9e1B8iCy9e0q6hcLkL76WlpoVxqIvNt7MFjJTZUgPxsR6SLKNCRvGjQi5cQgm25g4gOmvjx0gViPife8jzjYmMhH3b%2B4rjTVkhlg8jqo%2FhNRDKDYEN1ehxDYBuMDceWTprTljK7a0j7IxOiJTD%2F%2BGqkZk6ucjyNLPT2q12LhkdFkokzksJjXU4hCqN0RebqJY9qCqTfDiXSjxDZl5eBZZun7eaQMldp4LYtrqsEROtyMppgM%2FaU93oy6fZp3ZIGZhKJhM9iJSagiVDKHlKpg7jNJ5KJWHMvFQ5h5SsdNgYZRQ2knipN3uBpzzdpvzsDsrQtEOuglFycceVlHkq%2BB6FdyuILcrWFDXt8kPsOVXcPM1nPDgCoK%2BqFFJgsoRVIygUgRVQVD165tCu5arbwntytif9Nakt%2BuBKXpr7KYpejIja%2FkueWIvuwcf%2FoYFudOIaciTTuiHs0JEjMowDDpRRCnrdmYTHvhwqoZyh8Cch2U1Ikf%2B%2BhW5GpFDczcQs004vQmungIrnwGrBp0WBZsfBF2K5ewuE25a9XrTPZZK1%2BQcwtTIiykUS96a3iVP72mJeAeSb7189J1%2Ffjz67e%2FgtkZua7ytvibo6WuDi6Yi6xdN5ci983mhUrXMxn98qWCFnPr0DblUGSvOnHKrt1%2FhY2A83rksXXGWZUJlPUc%2BO6mEkPa0sVySL864KzK%2BULr5k6XNyvzshVdPn0lzK51TJhuCqe3OR%2BBqRB47t7K3vc9%2BcB%2FKDmHLGmm5RSYFZTbB8xW4fOvEL7f%2F%2FUO%2FfwrOEFh9wIlzD1VZD2wrPnjUakSOHXkLWm6d%2BOnOo%2F7zfy6BxTWcPIghlltfPtjnr7lr6FkPrLiKLK3RtzX6ugbTq3Dl4UGR260T37X3CrH2BrG23nqsrb6%2BH69TOw0ZJjSRtCXjJIqTDqMiSoIoZpEvO3HIfBRuxK99%2FMl%2FAAAA%2F%2F8BAAD%2F%2F3lsbmyZBAAA HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Cookie: u_pl=15765220; uid_id2=4b027afe-39ed-41f3-898c-a764ba55daef:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb05cf75156dd9a0e55479900a876fc41=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f83e25b63a479cd5d68ffd045b151fe
Strict-Transport-Security: max-age=0; includeSubdomains

disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

151.101.192.134

200 OK

3.1 kB

URL HTTP/1.1
disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
151.101.192.134:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (3145), with no line terminators
Size
3.1 kB (3145 bytes)
Hash
896a56f84eb5866b5f82179d7a2fe779
58e8769a8641cd5dcef3707a33a9c83f60b9c866
7509bb2872e3ba1587476ee587829cb360125484cfda2a5d80c57506ae801290

HTTP Headers

GET /api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3145
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Dec 2022 11:57:18 GMT
Age: 1
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

links.services.disqus.com/api/ping

199.232.196.64

200 OK

316 B

URL HTTP/1.1
links.services.disqus.com/api/ping
IP
199.232.196.64:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (316), with no line terminators
Size
316 B (316 bytes)
Hash
cec72669daf3aad7b0e8eb0c104f3386
075ec66f80145f705a503396bafb7a229c81dbbc
5c03f2f749511cb181f857eb4cca65e6aaaa8a472bb086797ae345e2b3e9d85d

HTTP Headers

POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 168
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 316
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://igg-games.cc
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Thu, 01 Dec 2022 11:57:18 GMT
Set-Cookie: vglnk.Agent.p=e0474103c230feac15b9aa78ab45f1a3; Expires=Fri, 01 Dec 2023 11:57:18 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Fri, 01 Dec 2023 11:57:18 GMT; path=/

links.services.disqus.com/api/domains

199.232.196.64

200 OK

41 B

URL HTTP/1.1
links.services.disqus.com/api/domains
IP
199.232.196.64:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
41 B (41 bytes)
Hash
09ba0e46f883f090ac075ca5e1305384
729f5ea464758b6bf634312fa833711fc4d20496
ad8794fccbef8a1572135f1aea1205a1cc9159ea652bec13188ed846b1e7ad6b

HTTP Headers

POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 288
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://igg-games.cc
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Thu, 01 Dec 2022 11:57:19 GMT
Set-Cookie: vglnk.Agent.p=12f9c4a5f62edc8efc189a3b8fef70ab; Expires=Fri, 01 Dec 2023 11:57:19 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Fri, 01 Dec 2023 11:57:19 GMT; path=/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
77a6b6638e0ee5ec4eeb988d3d3af050
219272781fc7a6ac331496b257c7976daa7b62de
d3092d8548c448fab08751eb00cce0ffb883786084d77320da1e0a858b70c5cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3092D8548C448FAB08751EB00CCE0FFB883786084D77320DA1E0A858B70C5CB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Thu, 01 Dec 2022 16:03:49 GMT
Date: Thu, 01 Dec 2022 11:57:19 GMT
Connection: keep-alive

disqus.com/api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

151.101.192.134

200 OK

6.4 kB

URL HTTP/1.1
disqus.com/api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
151.101.192.134:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (6371), with no line terminators
Size
6.4 kB (6371 bytes)
Hash
4d021657071f73715da5d96c7e6117b4
66c2733016ac5fa94d036ef57717efe6ff96ca7b
3fcdd94af2b47723a4a1b344879ad1255e525c8ea8f2d68bd53fc42d92b93c89

HTTP Headers

GET /api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F25648-scars-of-summer-free-download.html&t_d=Scars%20of%20Summer%20Free%20Download&t_t=Scars%20of%20Summer%20Free%20Download
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 6371
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Dec 2022 11:57:19 GMT
Age: 0
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FRenai-Karichaimashita-Koikari-Love-For-Hire-Free-Download.jpg&key=F2pcsPnTlwyb7we2b3rXJw&h=200

143.204.55.72

200 OK

17 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FRenai-Karichaimashita-Koikari-Love-For-Hire-Free-Download.jpg&key=F2pcsPnTlwyb7we2b3rXJw&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
17 kB (16772 bytes)
Hash
2762942dd1c790ba6c62753abe8d438a
dd615bb256379682288c237ac4b59cf632441802
8eb53042fb6c3780dcf030e2a1eb1341510f499ce497e6402031d6df704a3a37

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FRenai-Karichaimashita-Koikari-Love-For-Hire-Free-Download.jpg&key=F2pcsPnTlwyb7we2b3rXJw&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 16772
date: Sun, 27 Nov 2022 02:15:23 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3Max%2BmNpy3Bo8h7dMckjktHDCt2wDr83rw0BNLdmyAhujJdRyln84m%2BHNsoHsfEjPedd38OPAB%2FkYtlJDc0g4fFmbXRMEdCA0A88XFd9pv74r28A6LHx0ZXV0JkUCOD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Tue, 27 Dec 2022 02:15:23 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gA73s1q_W-1Es4-FvMYKrpZkj0ScXHxI83ISNbPkVriyRV-P6TOPAA==
age: 380516
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

6.7 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
6.7 kB (6719 bytes)
Hash
4d86615127e0da7fb568a13eb2ef3d26
1f9d470232d2ecbb706703583641db46743e8ffc
4e20c88072e151c5b97452cdaba6cbf7fa53f090d98ef6fa738e0d8d6230603a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E876BEFABFFDE8BD8DFBB45B626F5710C96FB51B3A18CB63767BFFC6197E7017"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8838
Expires: Thu, 01 Dec 2022 14:24:37 GMT
Date: Thu, 01 Dec 2022 11:57:19 GMT
Connection: keep-alive

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBlack-Widow-Recharged-Free-Download.jpg&key=dyT2ANmZdMKqaTUz5TUCww&h=200

143.204.55.72

200 OK

15 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBlack-Widow-Recharged-Free-Download.jpg&key=dyT2ANmZdMKqaTUz5TUCww&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
15 kB (14752 bytes)
Hash
d55ba73880a43b7acb49a53a05b5910b
0e71df554809ce23a92386f49f578a55972b1009
1c14819674ada0fe83ea6d72d5257c2277ca0f359d40bc74aa80a8effd33ff6b

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBlack-Widow-Recharged-Free-Download.jpg&key=dyT2ANmZdMKqaTUz5TUCww&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 14752
date: Wed, 09 Nov 2022 07:56:06 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsZaSpLV3JTWVvnej03b953G%2BM9TDP%2Bw6Gsj53eVknk5F7%2Bd%2F9kHVSBekIvqnS8I56v4Q18jY7prJxrKbj0WJS2lz2QoOJvvM3cE7tNv3bZv5LkygPy%2BVjWmIZfwi92l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 09 Dec 2022 07:56:06 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ggOs0YX45qRplIzZTXTdUjYAGCC9q3G8g8vwjI-koL-r4SIMquWbXw==
age: 2046488
X-Firefox-Spdy: h2

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FTactical-Combat-Department-Free-Download.jpg&key=k8oxNoC7omVgQrZlMsqKVA&h=200

143.204.55.72

200 OK

18 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FTactical-Combat-Department-Free-Download.jpg&key=k8oxNoC7omVgQrZlMsqKVA&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
18 kB (17591 bytes)
Hash
c747b6b0ca19a65accc8e3549527e6c1
ae3b4522721fa26a8270ccf1ea917d1d670729db
efbdeda7acba6dedac41d9b529c37c0ed971b30c203f2b85f08f92bafa13a0a3

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FTactical-Combat-Department-Free-Download.jpg&key=k8oxNoC7omVgQrZlMsqKVA&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 17591
date: Wed, 30 Nov 2022 03:21:13 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FcLCQTZkRQlsx93kKLtxMcbvvaOrMG8%2BTwgSiX3a%2BUn4OlfhHEg5tHUVh5sqnUmpXidjQIqxmNkBjckH4K1uV5QPMsH9U1AUNyZDTo%2BbGumsS6YD5vabl4SnSYGqpt%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 30 Dec 2022 03:21:13 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7BZna4oUwEsQY16EscjXk-M9xdEoa5HcJCA1hLCnQbI38LUs-yJJuQ==
age: 117366
X-Firefox-Spdy: h2

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FDarkest-Dungeon-II-Free-Download.jpg&key=ipwnzvXMGSTs3gn87OpVMQ&h=200

143.204.55.72

200 OK

15 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FDarkest-Dungeon-II-Free-Download.jpg&key=ipwnzvXMGSTs3gn87OpVMQ&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 356x200, components 3\012- data
Size
15 kB (14738 bytes)
Hash
94444b6192968604d3bedfaf68a32f19
9fa9523b5aab37de80408478d07fcae37bf2dd20
875a9af33d34d1cff02c6e83bc0d3a3cf25e6c682ba407f34cd20dd23fe49be2

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FDarkest-Dungeon-II-Free-Download.jpg&key=ipwnzvXMGSTs3gn87OpVMQ&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 14738
date: Tue, 08 Nov 2022 03:57:56 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7ChWcDRGb9R19glu4F6w8cp2hF6IXg19YscjBrdiiXxeyxp7qFBTei8z37LK7DJZPk%2BQ1QLnHICgIsnOqjwnByz3aUDiuLuGKDu4YpwLVf0rF%2B%2B9Ac778%2FROreY42cH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 08 Dec 2022 03:57:56 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lsZIs2aFZVWhY9taCLxAWXN306Ha3RzOSGJ9z9bcCxCkxOuaBVvt8A==
age: 2474455
X-Firefox-Spdy: h2

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FThe-Sundew-Free-Download.jpg&key=ZIgjnbIKZA1X8Kk6jKEYQg&h=200

143.204.55.72

200 OK

17 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FThe-Sundew-Free-Download.jpg&key=ZIgjnbIKZA1X8Kk6jKEYQg&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
17 kB (17166 bytes)
Hash
b9392ce6f683cbb26e5afd19d50140f7
a9dcb4221b85d88117ba737775e2eef50a576ec3
77ec5db708947bc3607fcb6a16505497077f626977d0fe8ca7fe527f108ce0ca

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FThe-Sundew-Free-Download.jpg&key=ZIgjnbIKZA1X8Kk6jKEYQg&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 17166
date: Wed, 30 Nov 2022 00:12:21 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8DXjZ5xuJMi%2BlDPy0RJfDcnhVlF5LLm6mOxdnC5F%2B5jRB5GY%2F7UlXnuNudXng3QmhGcM8n2wOgq8RD1CQ0csIN8Ig%2B2SKT7jcGjAzWfHyiIBHBn7ariKW84ORiJ%2Fex8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 30 Dec 2022 00:12:21 GMT
cache-control: max-age=2592000
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: or08EQk1woCTAa0Z6xr3BdgvNz68pwm_6kwMKGw59mMr8e_hn04gng==
age: 128698
X-Firefox-Spdy: h2

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FLust-Theory-Season-1-Free-Download-1.jpg&key=zBBeH6yfKAldzoRU962wEw&h=200

143.204.55.72

200 OK

10 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FLust-Theory-Season-1-Free-Download-1.jpg&key=zBBeH6yfKAldzoRU962wEw&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
10 kB (10271 bytes)
Hash
bb636c4e33920428190d8a5b9d1e0e4b
9fd27f4d29cf809a60759be08c3e853d93e4bf90
e310ca0cac11a50b328058758c122264156774cc28a62a00d871da409402a752

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FLust-Theory-Season-1-Free-Download-1.jpg&key=zBBeH6yfKAldzoRU962wEw&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 10271
date: Thu, 24 Nov 2022 08:02:28 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW6YeKl1a%2BBFP7TZI1gsjdJMvDIoGORcO3vGxwJ%2BDFL6m%2BLWvaxpIk3W%2BJc5mX4kAejLgWDUlEmbdGAlaMP1wIGTWnuFaNOOllS7RStkl7MYmMUEkqbRVsJkRlK%2FgOKX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 24 Dec 2022 08:02:28 GMT
cache-control: max-age=2592000
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f8Wlxzx4YAByLAbAe1BiwDiC-egWUmGabgw-zv8upy61OAhhYlitPg==
age: 653553
X-Firefox-Spdy: h2

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FFetish-Locator-Week-Two-Free-Download.jpg&key=8E7fwaeXnDlx6qIKs32_sg&h=200

143.204.55.72

200 OK

14 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FFetish-Locator-Week-Two-Free-Download.jpg&key=8E7fwaeXnDlx6qIKs32_sg&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
14 kB (13706 bytes)
Hash
24c63251cd77762741c9317b7c1f0d91
b8d93021a6fb5960e87da56f5ecfebab1bb2be9d
28e0695578dafc644bcbc974138c4a95353c32d837dd3dcb29e106a51f3fd3e9

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FFetish-Locator-Week-Two-Free-Download.jpg&key=8E7fwaeXnDlx6qIKs32_sg&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 13706
date: Thu, 10 Nov 2022 01:48:33 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yCGKcnwd2n3gdgd2slYjIbM9u8f%2F49RS6P2I4oGa3ErG3rOcMw3eLR1ZiGmH5%2F4SUzejE6Dfn99arW%2FK%2FsbOERaenPDrBN7hHO%2B%2F5e1coNOTsFAbPlx7XV4s7nmHPKA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 10 Dec 2022 01:48:33 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _3wfXygBtpU84MNaRtuNC9of1RTm5tLHyXJrFHaGivx0S0uRl6pBKw==
age: 2003517
X-Firefox-Spdy: h2

c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FGrim-Nights-2-Free-Download.jpg&key=PuKBOFp-7my8Za9ioOaOqA&h=200

143.204.55.72

200 OK

7.7 kB

URL HTTP/2
c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FGrim-Nights-2-Free-Download.jpg&key=PuKBOFp-7my8Za9ioOaOqA&h=200
IP
143.204.55.72:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 348x200, components 3\012- data
Size
7.7 kB (7676 bytes)
Hash
703bbaa1e1abd7c9b1d79ba0f461aae3
76e7007e33ece6df317698106d38fb29b25dc4ba
97feeca367ece86cfe7987bc8c4cbc9235c1c3a86d7cc0bf463b65e2b3f9c742

HTTP Headers

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FGrim-Nights-2-Free-Download.jpg&key=PuKBOFp-7my8Za9ioOaOqA&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 7676
date: Tue, 29 Nov 2022 01:46:29 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DtzPBoiooMuJDMYBWZ5L%2Fu4GOXv4lbbRcSUYnbP0AZDG3QgMxvqG6czxyRsCZN7HGtCA6yqOvAm%2BHIslLPojGLwvFAGDShLlrVQzQ3eRr3mgEpMNRRv7E44hyxPERgg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 29 Dec 2022 01:46:29 GMT
cache-control: max-age=2592000
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rB5JjU7dYYBO1bZThZsMJ9D9PYxj9gS7frRCsXlrqlfkRHMtycFA5A==
age: 327043
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=32178727-48ef-4724-a72b-0ca834efd9f4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b05cf75156dd9a0e55479900a876fc41&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=32178727-48ef-4724-a72b-0ca834efd9f4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b05cf75156dd9a0e55479900a876fc41&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=32178727-48ef-4724-a72b-0ca834efd9f4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b05cf75156dd9a0e55479900a876fc41&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:19 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8882bc7a6b7c4f011f4aa0bd6840f00
Strict-Transport-Security: max-age=0; includeSubdomains

www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15765219

173.233.137.36

200 OK

1.3 kB

URL HTTP/1.1
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15765219
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.3 kB (1258 bytes)
Hash
8ea0dcd356f095a0c88bf829d55d44c0
82a040fcef2b798812d2cb46d98984431f98ed16
b5771120299ae54995f257bca957e78cd05487cbf924cf5e6c7b7dc216052fdc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15765219 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 11:57:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 02 Dec 2022 11:57:19 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTU3NjUyMTkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9pZ2ctZ2FtZXMuY2MvIn19.Lot06upWKfz70UpQRZNdJDSOoF5vMKj9e3gyCpNEI-4; expires=Thu, 01 Dec 2022 11:58:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aa317a529be231e29af1f5da0758746b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

unseenreport.com/pxf.gif?uuid=32178727-48ef-4724-a72b-0ca834efd9f4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b353f519af43f14cd46c4b529e95b229&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=32178727-48ef-4724-a72b-0ca834efd9f4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b353f519af43f14cd46c4b529e95b229&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=32178727-48ef-4724-a72b-0ca834efd9f4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=b353f519af43f14cd46c4b529e95b229&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:19 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 992058f8fba9044be3489d8567c4c935
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2765
Expires: Thu, 01 Dec 2022 12:43:24 GMT
Date: Thu, 01 Dec 2022 11:57:19 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2765
Expires: Thu, 01 Dec 2022 12:43:24 GMT
Date: Thu, 01 Dec 2022 11:57:19 GMT
Connection: keep-alive

yearbookhobblespinal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=733

192.243.59.13

200 OK

0 B

URL HTTP/1.1
yearbookhobblespinal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=733
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=733 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Cookie: u_pl=15765220; uid_id2=4b027afe-39ed-41f3-898c-a764ba55daef:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb05cf75156dd9a0e55479900a876fc41=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 11:57:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.spikereekvelocity.com/dyfc1k09?shu=1d75d53aec2a7f4a0d5f859dac9523765b4815dd917901087af9792a210507e2625a516869cdb38bf7a9f5f2b76b2bf040a34c0e6e7f176f33f5382a1ac38af82ce490268ced28f19a1d6716125bf638da7c5f92f4ba638c83c4b1d627e4f938&pst=1669895899&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Figg-games.cc%2F&psid=15765219

173.233.137.36

302 Found

0 B

URL HTTP/1.1
www.spikereekvelocity.com/dyfc1k09?shu=1d75d53aec2a7f4a0d5f859dac9523765b4815dd917901087af9792a210507e2625a516869cdb38bf7a9f5f2b76b2bf040a34c0e6e7f176f33f5382a1ac38af82ce490268ced28f19a1d6716125bf638da7c5f92f4ba638c83c4b1d627e4f938&pst=1669895899&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Figg-games.cc%2F&psid=15765219
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dyfc1k09?shu=1d75d53aec2a7f4a0d5f859dac9523765b4815dd917901087af9792a210507e2625a516869cdb38bf7a9f5f2b76b2bf040a34c0e6e7f176f33f5382a1ac38af82ce490268ced28f19a1d6716125bf638da7c5f92f4ba638c83c4b1d627e4f938&pst=1669895899&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Figg-games.cc%2F&psid=15765219 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTU3NjUyMTkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9pZ2ctZ2FtZXMuY2MvIn19.Lot06upWKfz70UpQRZNdJDSOoF5vMKj9e3gyCpNEI-4; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 11:57:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=1912945e9e66143f1514f3f8f700058c&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprcaa07b238856edb552131e1067de134be=3806410; expires=Fri, 02 Dec 2022 11:57:19 GMT
pdhtkv=true; expires=Fri, 02 Dec 2022 11:57:19 GMT
uncs=1; expires=Fri, 02 Dec 2022 11:57:19 GMT
pdhtkv28=true; expires=Fri, 02 Dec 2022 11:57:19 GMT
uncs28=1; expires=Fri, 02 Dec 2022 11:57:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e307743cc35a80336aea7e9a966f970f
Strict-Transport-Security: max-age=0; includeSubdomains

spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=1912945e9e66143f1514f3f8f700058c&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other

78.46.92.254

302 Found

0 B

URL HTTP/1.1
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=1912945e9e66143f1514f3f8f700058c&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP
78.46.92.254:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=1912945e9e66143f1514f3f8f700058c&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 11:57:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9b71mftfe; expires=Fri, 02-Dec-2022 11:57:20 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b; expires=Fri, 02-Dec-2022 11:57:20 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b
Strict-Transport-Security: max-age=31536000

bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b

78.46.92.254

200 OK

1.4 kB

URL HTTP/1.1
bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b
IP
78.46.92.254:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.4 kB (1429 bytes)
Hash
0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004

HTTP Headers

GET /1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 11:57:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7768a8a4d5f2b246e1c7184e4526eef
424a0bbdad4a58e0eeced80d976613d4925a8f55
6233da50858bbd760a4da93d72eaf8b0a3379184601e8eb76db9a306af568c71

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: max-age=98554
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:20 GMT
Etag: "63876ec3-117"
Expires: Fri, 02 Dec 2022 15:19:54 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

216.58.211.4

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 01 Dec 2022 11:57:20 GMT
date: Thu, 01 Dec 2022 11:57:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-547JG5H

142.250.74.168

200 OK

39 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
39 kB (38567 bytes)
Hash
62eae8a87df3300f817698a28646ee92
bb7a371a35d1f60cb4b3ce1895f8ed76ebfb2f59
2447e1e627ce8d3ea062dd20f2c4309cf5600fe301634b53735cd7ff7b4654af

HTTP Headers

GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 11:57:20 GMT
expires: Thu, 01 Dec 2022 11:57:20 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bo2217ok3tro9.com/1/bg.png

78.46.92.254

200 OK

61 kB

URL HTTP/1.1
bo2217ok3tro9.com/1/bg.png
IP
78.46.92.254:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 400 x 299, 8-bit grayscale, non-interlaced\012- data
Size
61 kB (61362 bytes)
Hash
d7096ad35844972e015e865729d13235
42c79d98b50275dcc447bd61d845ee2ed52ae45e
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd

HTTP Headers

GET /1/bg.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 11:57:20 GMT
Content-Type: image/png
Content-Length: 61362
Last-Modified: Wed, 13 Jul 2022 07:58:38 GMT
Connection: keep-alive
ETag: "62ce7b2e-efb2"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

bo2217ok3tro9.com/favicon.png

78.46.92.254

404 Not Found

114 B

URL HTTP/1.1
bo2217ok3tro9.com/favicon.png
IP
78.46.92.254:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
114 B (114 bytes)
Hash
b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14

HTTP Headers

GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=160c6957892b615b40&uclick=h9b71mftfe&uclickhash=h9b71mftfe-h9b71mftfe-17dz-166o-ir8n-bza7-oje8-89956b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 11:57:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.35

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 233243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 569358
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

unpkg.com/axios@1.2.0/dist/axios.min.js

104.16.124.175

200 OK

0 B

URL HTTP/2
unpkg.com/axios@1.2.0/dist/axios.min.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /axios@1.2.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bo2217ok3tro9.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7396-Wc6sdIzlj1RsovoMRKQah8UZFhA"
via: 1.1 fly.io
fly-request-id: 01GJGC0D1SRCGJTEVMAF435H8Z-ams
cf-cache-status: HIT
age: 751578
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772ba50cdaee1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2

igg-games.cc/25648-scars-of-summer-free-download.html

188.114.96.1

200 OK

0 B

URL HTTP/2
igg-games.cc/25648-scars-of-summer-free-download.html
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /25648-scars-of-summer-free-download.html HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8jneaxmwNjkwnBHhvuJPW0WD6IDCMEoWbt9cg%2FEQQbQxXrlxgsKCWqa51mfAt6WR146suw8YOzbbxKimmpyQxd8z1Q5CGjm%2B%2F%2F8cel9%2B1Uc4PwPU3aupCFET%2BgFFdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba4ec8c21b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.203.23

200 OK

0 B

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.203.23:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 66440ce40b101845b191d8c802daf1f8
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 01 Dec 2022 11:57:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoPvmgGpnXM4lqBN8n0X5eC%2Fl%2FOlvi6j1CkCeCSh3HHJHu%2FV3LZtuECcKwWljDuA2%2F71uM74cUrBCLjGw8N6LThSxYaqjAAjG1rwHcdCHs9qWzyxlAC96YfA0GRgSXGWkoBNU44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba4f49db08926-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.cc/assets/img/clock.svg

188.114.96.1

200 OK

0 B

URL HTTP/2
igg-games.cc/assets/img/clock.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/clock.svg HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/svg+xml
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: W/"235-5ba96b9588440"
cache-control: max-age=14400
expires: Thu, 01 Dec 2022 12:51:31 GMT
cf-cache-status: HIT
age: 3944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiJcE1kKt6HEBaaK1o4uFPYp%2FpS%2BDrMOIAdkPDyHmvhem7eqeMLLcjv8Y27k4seUOt%2BqACIQiGH1lNXQP9iAz4WojDyguRObu8jKH0d2akesBZ9R6AWlzJlijmJa5ko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba4ee1e6cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html

104.26.7.19

200 OK

0 B

URL HTTP/2
cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
IP
104.26.7.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igg-games.cc
Connection: keep-alive
Referer: https://igg-games.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:19 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BD9a20e8KlcQ1lvaB%2FmnGtihXO9CMdWgXq9IW2NND9UEfzVA6db52d7kMJsMzmD2z5k404tRQf78caDbKnQeExHhbPv2TzzixR5l9IJGAHeS24x%2FNo7gJKtUkFBezjnqx0AUhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba50129bbb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/axios/dist/axios.min.js

104.16.124.175

302 Found

0 B

URL HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 01 Dec 2022 11:57:20 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK6RQ7F7HMYETAEN46GM8GZG-fra
cf-cache-status: HIT
age: 50
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772ba50cbad31bfe-OSL
X-Firefox-Spdy: h2

igg-games.cc/assets/img/link.svg

188.114.96.1

200 OK

0 B

URL HTTP/2
igg-games.cc/assets/img/link.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/link.svg HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: image/svg+xml
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: W/"33e-5ba96b9588440"
cache-control: max-age=14400
expires: Thu, 01 Dec 2022 12:51:32 GMT
cf-cache-status: HIT
age: 3943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMLDErb%2BsieFZ%2BZty7vSlP8Iu6kEkdL4jcaudU2CuySdTM9Yg5STbFHjJ3B0LnUyabmMSfafJJlMEL4Xz18D1JZpga%2BT3qt5tQqGrsXQmaJZpExkmrzn0OU2eeIjgrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba4ee2e84b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

igg-games.cc/assets/js/app.min.js?v1.0.0

188.114.96.1

200 OK

0 B

URL HTTP/2
igg-games.cc/assets/js/app.min.js?v1.0.0
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/app.min.js?v1.0.0 HTTP/1.1
Host: igg-games.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igg-games.cc/25648-scars-of-summer-free-download.html
Cookie: PHPSESSID=ge1d8t0s9gr9l5b6ld8081nnsm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:57:15 GMT
content-type: application/javascript
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
etag: W/"fc2ce-5ba96b9588440-gzip"
cache-control: max-age=259200
expires: Fri, 02 Dec 2022 15:17:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 160774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL52Vp2xDQwUFK5S%2FPF%2FoO0rqb%2Bbb%2BzP8WuEI%2BwSyELlYFTpPDbedkJYQmlD7u93b9N3zgVqomCNofmVPI328volYFdS%2B3wK7NPDGNwjyXoGyjNDIlFB3McyVmYT1JU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba4ee2e87b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (41)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP