Report - goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93_

Report Overview

Submitted URL
goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
IP
139.45.197.156
ASN
#9002 RETN Limited
Submitted
2023-06-07 04:59:25
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
datatechone.com	unknown	2021-12-24	2015-06-17	2023-06-06	530 B	466 B	139.45.195.253
cdntechone.com	64371	2021-12-24	2021-12-24	2023-06-06	401 B	19 kB	172.64.141.36
goocivede.com	unknown	2023-06-02	2023-06-02	2023-06-06	6.1 kB	419 kB	139.45.197.156
littlecdn.com	11785	2019-06-04	2019-06-04	2023-06-06	1.5 kB	1.3 MB	172.67.10.98
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-06-06	896 B	1.5 kB	139.45.195.8
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-06	330 B	963 B	104.18.15.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-07	medium	goocivede.com
2023-06-07	medium	goocivede.com
2023-06-07	medium	goocivede.com
2023-06-07	medium	goocivede.com
2023-06-07	medium	goocivede.com
2023-06-07	medium	goocivede.com
2023-06-07	medium	goocivede.com

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	32 B	2023-03-13	2024-01-28
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 19:53:55 Last Seen2024-01-28 19:21:22 Times Seen1703 Hash 4e5e8fb36d83dde24fb98e62a9779375 da75c65907e31036bfef95ac91601b3d748c1344 5c68e3331e69338f026762bb1b00dc710d7fe9c4eb0ae299d534010aa9ab33ab Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	332 B	2023-03-14	2024-04-23
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 01:32:19 Last Seen2024-04-23 21:54:51 Times Seen1280 Hash 52d382e83f41fc840c1bcd927c97e49e 388f8db07351da5b427cafb6ecfc92743a10f0ad 08b2904b157a5fb364299a696d706bedd3919d410472994cf0251200ca81f1b6 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	978 B	2023-05-16	2023-08-13
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-16 23:16:15 Last Seen2023-08-13 03:48:56 Times Seen456 Hash c6ab66a155db334b0e62c47b2d51ebc9 fe206a4db5046163a542d8eae401c0e807337dad 3d659d1acd89e88db92e6434c7e6194775d7e8e652418cee6c89587cc617bd60 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	38 B	2023-03-13	2024-04-25
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 22:51:58 Last Seen2024-04-25 13:01:48 Times Seen5353 Hash 3ea1379d18e4ec6bccefeba76a1b33b4 90afb068cee6917494ddd820bcb2fe44de7e5e43 15c832dee58f1c08fb6bf51935a10f95cb0482d19441cefbb469a82278e54bae Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	11 kB	2023-06-07	2023-06-07
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 06:59:26 Last Seen2023-06-07 06:59:26 Times Seen1 Hash c890db19fc7df30be6ab352a91f19d4a c34de6fb8d79eb04083fff67e9dd335d7789c3ba acb016dc75de2708fde41e7e0944e14109f5409085f13ee80c508d1cdbb2850a Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	4.0 kB	2023-06-07	2023-06-07
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 06:59:26 Last Seen2023-06-07 06:59:26 Times Seen1 Hash 8a468c23336f0e8fb67d94edd7d46d87 2b610d19617aa032ca13958c044838deced8c07a 08e519a8faf0975805dabab6df276d94705bbe7b2a16d42e2c668a650b571e94 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	489 B	2023-03-07	2024-02-16
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:03 Last Seen2024-02-16 12:44:28 Times Seen5069 Hash b59d52e5c8c1c905dd20084f27bc5261 492b79822be8f2f1d46714e43274e2500de5c0c5 4795baeddefb045a60541029990e6da282eb7d0cb2f9d20da866382567029649 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	27 B	2023-03-07	2024-04-25
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27:36 Last Seen2024-04-25 09:47:31 Times Seen3008 Hash dcdca1271ff14fa2a37aac2fdd562ad7 6f8d97801b33f24f2a736c00e1bc5805d9fd5eb7 66d82b0643143d1e9fa6ec2c7e07af701b2b274bc4db74b60ee4dcf5862d229c Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	5.6 kB	2023-06-07	2023-06-07
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 06:59:26 Last Seen2023-06-07 06:59:26 Times Seen1 Hash 489f539d8505aa81069b1bbc82740c0d b153dcddb1ef44de1d245bd30657cba1283b123a af6f9696c0dff5985c4e349d922ca97f5053e8901b872bccb6aa780bab5eb982 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	3.0 kB	2023-05-06	2024-02-19
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 09:59:04 Last Seen2024-02-19 06:07:20 Times Seen112 Hash 5a291902893692fbb17dfd65c9ff4ca1 7d732591b8427f7c55eb5ce94b22de9ca3e9ece3 bcf9d25b721d8beb0aa5ec6a32dbc15f0d4cb59e6ebcc93fb4da50226cb753a3 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	243 B	2023-03-07	2024-04-18
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:21:30 Last Seen2024-04-18 13:14:14 Times Seen1018 Hash 9c8b4c2757a2ba84e7374a4a2fb73e6d 824c4afa2e871938c12f7c5698fe98f3f19a95c5 415d44cc3ea93f4be94854a2677c8fef5a136343c45546c218d0fb25d5092bc1 Loading...

	goocivede.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var=5628284&sw=/sw-check-permissions/5256482&var_3=17360875_430839	42 kB	2023-06-02	2023-10-13
Pretty URL goocivede.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var=5628284&sw=/sw-check-permissions/5256482&var_3=17360875_430839 IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 15:59:24 Last Seen2023-10-13 16:29:22 Times Seen1059 Hash e204f67bb8419861390e10b3622cf6d7 ab1fb1305fb4780c71b851b821d3e083f522ff1a c6f10a8ca367a8e72b3ac96138ac8d1dcaf095cdaa7c5ca0c26b7ea652263eac Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	2.1 kB	2023-05-06	2023-06-20
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 09:59:04 Last Seen2023-06-20 13:06:09 Times Seen46 Hash df37bd97f06a8812fbdfc2707a4f6fae fd04939380476748456314ae61f1a6187dfbc13e 93dd54d649fe230485c1782bdc4d34c643696ceda77a93bfcfbcfcbc438ec1c0 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	3.7 kB	2023-04-05	2023-07-04
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 01:39:26 Last Seen2023-07-04 05:43:10 Times Seen122 Hash 4e514f316db401f0fb6c33bec933bbb6 dfa09cc56c2a4165089fe971aaec7f4c70f32741 f053895f5402707a43b7c5cb0d4e6435a1d6959251fb414d9ff3bfc76ab5fdb5 Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	2.8 kB	2023-05-06	2023-06-20
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 09:59:04 Last Seen2023-06-20 13:06:09 Times Seen46 Hash 9fc5efa32d15b9a3928087b1848d3828 aeb348098b879988364230d522346081d509ecab 04ccc3a62206a1ed1b73a8866c190eb8e6215dcd995ce808c49e43b7ce4991ec Loading...

	goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b	2.7 kB	2023-06-07	2023-06-07
Pretty URL goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b IP 139.45.197.156 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 06:59:26 Last Seen2023-06-07 06:59:26 Times Seen1 Hash fc968cb94cd8ded3c8a216b65af4fc49 f9f356fc4ac9dfd9750c0bd177ffffc16bdeb1f8 5f5055cc760101f789ee8e46c6aa465aea0c559012b16be1d2ac30163e582fa6 Loading...

	cdntechone.com/stattag.js	18 kB	2023-05-22	2023-09-07
Pretty URL cdntechone.com/stattag.js IP 172.64.141.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:28:01 Last Seen2023-09-07 08:45:40 Times Seen4488 Hash 0fdff67feab23cc69ecfb6800fc54cb7 eb84c650e6d27e290795207b1f37dd7b67f2aa06 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378 Loading...

HTTP Transactions (15)

URL IP Response Size

goocivede.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var=5628284&sw=/sw-check-permissions/5256482&var_3=17360875_430839

139.45.197.156

200 OK

355 kB

URL GET HTTP/2
goocivede.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var=5628284&sw=/sw-check-permissions/5256482&var_3=17360875_430839
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type
C source, ASCII text, with very long lines (42013), with no line terminators
Size
355 kB (354961 bytes)
Hash
e204f67bb8419861390e10b3622cf6d7
ab1fb1305fb4780c71b851b821d3e083f522ff1a
c6f10a8ca367a8e72b3ac96138ac8d1dcaf095cdaa7c5ca0c26b7ea652263eac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var=5628284&sw=/sw-check-permissions/5256482&var_3=17360875_430839 HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; OAID=9eb0cb6e8e675d07996abd60c99ff85a; oaidts=1686113947
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:09:05 GMT
vary: Accept-Encoding
etag: W/"6479e9f1-a41d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/_assets/videos/dating/5.mp4

172.67.10.98

206 Partial Content

968 kB

URL GET HTTP/2
littlecdn.com/apps/templates/_assets/videos/dating/5.mp4
IP
172.67.10.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
968 kB (968522 bytes)
Hash
404e6afdf8e6e90efb0ca81a5c160180
713a8db6b9c17d70c577b1684d02669771f5f4ea
5039915e3497a2230a31543807c5e016bc9896b677ff85a3c782395ffa2bf9b0

HTTP Headers

GET /apps/templates/_assets/videos/dating/5.mp4 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: video/mp4
content-length: 968522
last-modified: Fri, 02 Jun 2023 12:44:38 GMT
vary: Accept-Encoding
etag: "6479e436-ec74a"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: REVALIDATED
content-range: bytes 0-968521/968522
server: cloudflare
cf-ray: 7d3652ebcc99b51b-OSL
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=9eb0cb6e8e675d07996abd60c99ff85a

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=9eb0cb6e8e675d07996abd60c99ff85a
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
9ad1ef343500615979018235c4f3202f
c10aa359e31a746842e96b1d3d08471d8e5b0fdd
26ea0db78cc8b4ac6bd0c56eea61b52aadd0614243aed4ceca59e173ac52cb1d

HTTP Headers

GET /gid.js?userId=9eb0cb6e8e675d07996abd60c99ff85a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goocivede.com/
Origin: https://goocivede.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://goocivede.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9eb0cb6e8e675d07996abd60c99ff85a; expires=Thu, 06 Jun 2024 04:59:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
b9fbca6ad185b47b9055f6a769c7591c
83ef943a903c68e41f38d0311419821c55a28c74
96b682d7fc91c997892dd253d5e1a1ddd819437c6afe3b72898a388c8e8dd7d3

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goocivede.com/
Origin: https://goocivede.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://goocivede.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c33ae84300594fd1a46704a541fee7a0; expires=Thu, 06 Jun 2024 04:59:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

goocivede.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=goocivede.com&var=5628284&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var_3=17360875_430839&var_4=&dsig=&action=prerequest

139.45.197.156

200 OK

0 B

URL POST HTTP/2
goocivede.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=goocivede.com&var=5628284&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var_3=17360875_430839&var_4=&dsig=&action=prerequest
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=5256482&is_mobile=false&domain=goocivede.com&var=5628284&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var_3=17360875_430839&var_4=&dsig=&action=prerequest HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goocivede.com
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; OAID=9eb0cb6e8e675d07996abd60c99ff85a; oaidts=1686113947
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-length: 0
x-trace-id: 0f74c13f6e205c4d4a089f0b786641d3
access-control-allow-origin: https://goocivede.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2e5bd52099cb7bb00d6158d34afd16a4
499c0eb240719ee25c75d3c611ec95666b0738e3
3782ac2a7fbbceb89e2db7b06824689cc21fda66f534172139e9ff534fc6c9a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 04:59:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Jun 2023 02:07:10 GMT
Expires: Mon, 12 Jun 2023 02:07:09 GMT
Etag: "499c0eb240719ee25c75d3c611ec95666b0738e3"
Cache-Control: max-age=421728,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d3652efc829b51b-OSL

goocivede.com/sw-check-permissions/5256482?var=5628284&var_3=17360875_430839&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&uhd=1

139.45.197.156

200 OK

285 B

URL GET HTTP/2
goocivede.com/sw-check-permissions/5256482?var=5628284&var_3=17360875_430839&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&uhd=1
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type
Java source, ASCII text
Size
285 B (285 bytes)
Hash
59c43cfdc20d6738f173dc4f421d1982
3e75e8fb0dafc1dc66974211dcfc6a03738d1464
e62271174993f8116dc8fd1aa67eeb9cb88438a7e5e9474df1537d35ee5ee64e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sw-check-permissions/5256482?var=5628284&var_3=17360875_430839&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&uhd=1 HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; OAID=9eb0cb6e8e675d07996abd60c99ff85a; oaidts=1686113947; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

goocivede.com/favicon.ico

139.45.197.156

204 No Content

0 B

URL GET HTTP/2
goocivede.com/favicon.ico
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; OAID=c33ae84300594fd1a46704a541fee7a0; oaidts=1686113947; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 07 Jun 2023 04:59:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=1

172.67.10.98

200 OK

5.9 kB

URL GET HTTP/2
littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=1
IP
172.67.10.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6289), with no line terminators
Size
5.9 kB (5873 bytes)
Hash
12c178d07c2d854af16b9527ff43b6d4
140d579c530f5b9aa068c4488f7ef5cae108265c
1fbd5955c653000637d7437681a9f3f1e398b8fd0682af3f688d9694e0235a73

HTTP Headers

GET /apps/templates/questions/video-bg/css/style.css?v=1 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: text/css
last-modified: Fri, 02 Jun 2023 12:44:38 GMT
vary: Accept-Encoding
etag: W/"6479e436-16f1"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 5040
server: cloudflare
cf-ray: 7d3652eb3c39b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

goocivede.com/track-impression-applab?z=5628284&b=17360875&ymid=64800e8a1a9534000111b05b&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var_3=17360875_430839&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5628284%253A474_89a3984a-749c-48ba-be56-29d12d6d1b93__%253A1%253A%7Bbrowser%7D%26mt_sub2%3D5628284%26mt_creative%3D17360875%26land_state%3Dbefore_render%26land_id%3Dk9CnI4sNudOwbBW%26land_generation_time%3D2023-06-06_23%3A59%3A07%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D9eb0cb6e8e675d07996abd60c99ff85a%26land_type%3Drtr%26land_tracker%3Dmarker%26land_purchase_method%3Dapk

139.45.197.156

200 OK

825 B

URL GET HTTP/2
goocivede.com/track-impression-applab?z=5628284&b=17360875&ymid=64800e8a1a9534000111b05b&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var_3=17360875_430839&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5628284%253A474_89a3984a-749c-48ba-be56-29d12d6d1b93__%253A1%253A%7Bbrowser%7D%26mt_sub2%3D5628284%26mt_creative%3D17360875%26land_state%3Dbefore_render%26land_id%3Dk9CnI4sNudOwbBW%26land_generation_time%3D2023-06-06_23%3A59%3A07%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D9eb0cb6e8e675d07996abd60c99ff85a%26land_type%3Drtr%26land_tracker%3Dmarker%26land_purchase_method%3Dapk
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (879), with no line terminators
Size
825 B (825 bytes)
Hash
e4b1788545124bbaed4ac6818ff6575b
d5265e8fc1491873223097a34dd355074d7de317
8725f53d79192ba4da53245871aaee3f8d914b9f2226a2437a3715ca37474279

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /track-impression-applab?z=5628284&b=17360875&ymid=64800e8a1a9534000111b05b&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&var_3=17360875_430839&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5628284%253A474_89a3984a-749c-48ba-be56-29d12d6d1b93__%253A1%253A%7Bbrowser%7D%26mt_sub2%3D5628284%26mt_creative%3D17360875%26land_state%3Dbefore_render%26land_id%3Dk9CnI4sNudOwbBW%26land_generation_time%3D2023-06-06_23%3A59%3A07%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D9eb0cb6e8e675d07996abd60c99ff85a%26land_type%3Drtr%26land_tracker%3Dmarker%26land_purchase_method%3Dapk HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
DNT: 1
Connection: keep-alive
Cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; OAID=9eb0cb6e8e675d07996abd60c99ff85a; oaidts=1686113947; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 84130b459d208de86065fdbf86fcdebc
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81

139.45.195.253

200 OK

2 B

URL POST HTTP/1.1
datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81
IP
139.45.195.253:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerSectigo Limited
Subjectdatatechone.com
Fingerprint8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1523
Origin: https://goocivede.com
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 07 Jun 2023 04:59:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://goocivede.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

cdntechone.com/stattag.js

172.64.141.36

200 OK

18 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
172.64.141.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17871)
Size
18 kB (18521 bytes)
Hash
0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqatfkMKn1r50KcG5%2Bk2bgnEbABKAqcdIJGLjrb049dskgDShLQv8WqK5XKamqr7HKtYDMjZCCJuOUHguvMSVRKgkvEH%2BsqSn79DD701cocUNVZSAZvGl95B9uPv2sZhDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3652eda8ed773e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

goocivede.com/rotate?zz=5822560&var=5628284&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&uid=c33ae84300594fd1a46704a541fee7a0

139.45.197.156

200 OK

718 B

URL GET HTTP/2
goocivede.com/rotate?zz=5822560&var=5628284&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&uid=c33ae84300594fd1a46704a541fee7a0
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (725), with no line terminators
Size
718 B (718 bytes)
Hash
0b00d9d19f73d0f40eb041bb65edf8c6
ae4ae186156c5dd9c4761ce31e4142dfe0c7e250
e92fd6bc26f854ddea9cd55ce5eeb4b33721d073b244fac0706df1ee9a6635b3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /rotate?zz=5822560&var=5628284&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&uid=c33ae84300594fd1a46704a541fee7a0 HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
DNT: 1
Connection: keep-alive
Cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; OAID=9eb0cb6e8e675d07996abd60c99ff85a; oaidts=1686113947; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:08 GMT
content-type: application/javascript
x-trace-id: 65fbc7839c8ccdb78066d166034235c1
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
vary: Accept-Encoding, Origin
access-control-allow-origin: https://goocivede.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=c33ae84300594fd1a46704a541fee7a0; expires=Thu, 06 Jun 2024 04:59:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b

139.45.197.156

200 OK

58 kB

URL User Request GET HTTP/2
goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Certificate
IssuerLet's Encrypt
Subjectgoocivede.com
Fingerprint66:2E:57:7E:EA:BE:CA:89:08:2B:06:11:C4:4B:14:98:21:3B:AD:65
ValidityFri, 02 Jun 2023 11:46:57 GMT - Thu, 31 Aug 2023 11:46:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1956), with CRLF, LF line terminators
Size
58 kB (58032 bytes)
Hash
e08a67c53453823b2f316dfd59c53e3b
9753caa3d0af356c15b4698f9477eb5d8aafc12e
7c8fe2e4df93862bc69446a833e6a8851eb1fa8386785208b728b433e117793d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b HTTP/1.1
Host: goocivede.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=XoylB_EsEnGgb54WDuRPbM5MDW5d8PUl9pv3oC0oEQA; expires=Wed, 07-Jun-2023 05:59:07 GMT; Max-Age=3600; path=/
OAID=9eb0cb6e8e675d07996abd60c99ff85a; expires=Thu, 11-Nov-2077 09:58:14 GMT; Max-Age=1717736347; path=/
oaidts=1686113947; expires=Thu, 11-Nov-2077 09:58:14 GMT; Max-Age=1717736347; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/_assets/videos/dating/1.mp4

172.67.10.98

206 Partial Content

342 kB

URL GET HTTP/2
littlecdn.com/apps/templates/_assets/videos/dating/1.mp4
IP
172.67.10.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goocivede.com/?l=k9CnI4sNudOwbBW&b=17360875&z=5628284&s=64800e8a1a9534000111b05b&campid=430839&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__&ymid=64800e8a1a9534000111b05b
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
342 kB (342422 bytes)
Hash
5841092fcc1d651999a0e75f86306f87
0d9c9071cfb1861e05b9ec3c7d3af3048eb0aa29
f385d25ffcf716b080dadd46aab2de1c5c973b62a4f44031a87e835e4921c663

HTTP Headers

GET /apps/templates/_assets/videos/dating/1.mp4 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://goocivede.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Wed, 07 Jun 2023 04:59:07 GMT
content-type: video/mp4
content-length: 342422
last-modified: Fri, 02 Jun 2023 12:44:38 GMT
vary: Accept-Encoding
etag: "6479e436-53996"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 6764
content-range: bytes 0-342421/342422
server: cloudflare
cf-ray: 7d3652ebcc95b51b-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML