Report - ckk.ai/J8Wtg7Mv

Report Overview

Submitted URL
ckk.ai/J8Wtg7Mv
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-07 11:38:46
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.148.242.254
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	363 B	21 kB	142.250.74.14
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	423 B	165 kB	216.58.211.3
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
tzegilo.com	unknown	2022-01-14T16:27:15Z	2023-03-13T06:33:04Z	348 B	832 B	172.67.141.224
cdn.itskiddien.club	unknown	2022-10-06T18:03:35Z	2023-03-13T08:06:22Z	1.4 kB	3.4 kB	139.45.197.236
www.recaptcha.net	2060	2012-07-11T16:32:37Z	2023-03-13T06:24:11Z	407 B	1.1 kB	142.250.74.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	985 B	35 kB	216.58.207.227
forfrogadiertor.com	179003	2021-08-10T04:57:34Z	2023-03-13T09:00:57Z	1.7 kB	23 kB	139.45.197.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	172.64.155.188
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	5.7 kB	15 kB	95.101.11.115
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	76 kB	34.120.237.76
iclickcdn.com	45415	2020-03-25T20:06:34Z	2023-03-13T07:00:47Z	350 B	1.0 kB	104.26.13.118
cdn.itskiddoan.club	24539	2021-09-23T12:55:49Z	2023-03-13T07:00:47Z	1.4 kB	2.1 kB	139.45.197.236
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	376 B	45 kB	142.250.74.40
trustbummler.com	unknown	2022-05-27T01:39:55Z	2023-03-13T07:00:47Z	360 B	1.4 kB	142.91.159.133
upgulpinon.com	83187	2020-06-05T14:59:18Z	2023-03-13T01:30:40Z	6.8 kB	5.4 kB	139.45.197.242
mediasama.com	166244	2015-11-22T06:12:08Z	2023-03-13T06:52:35Z	6.4 kB	4.2 MB	149.56.38.113
fleraprt.com	unknown	2022-01-14T23:55:14Z	2023-03-13T06:33:10Z	470 B	474 B	139.45.195.254
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.2 kB	93.184.220.29
oaphoace.net	unknown	2022-05-04T19:35:14Z	2023-03-13T08:06:21Z	2.3 kB	2.0 kB	139.45.197.239
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	389 B	31 kB	142.250.74.74
bedrapiona.com	34930	2020-05-08T15:43:48Z	2023-03-13T05:31:15Z	401 B	2.5 kB	139.45.197.234
ckk.ai	unknown	2019-04-22T22:44:42Z	2023-03-13T01:03:51Z	444 B	1.4 kB	188.114.96.1
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	446 B	630 B	142.250.74.74
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	108 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-07	medium	trustbummler.com	Sinkholed
2023-02-07	medium	forfrogadiertor.com	Sinkholed
2023-02-07	medium	forfrogadiertor.com	Sinkholed
2023-02-07	medium	fleraprt.com	Sinkholed
2023-02-07	medium	oaphoace.net	Sinkholed
2023-02-07	medium	forfrogadiertor.com	Sinkholed
2023-02-07	medium	oaphoace.net	Sinkholed
2023-02-07	medium	oaphoace.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-113561579-8	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-113561579-8 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:10 Last Seen2023-03-13 19:00:10 Times Seen1 Hash 5d1117d8c2ac15fc25de22ed268c14c9 1b37f2c41759d2b96bf88b04810e8e2f14a35596 d1e1995338319e01dc18f691672bb13c404942fc0dde8e1a78d7b9be38263277 Loading...

	upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9	410 kB	2023-03-13	2023-03-13
Pretty URL upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:57:03 Last Seen2023-03-13 19:00:10 Times Seen1 Hash 9f59babc3c87d9a134b783f8227393a0 e324af09d2caaf44d5552e76c1e6fbbbeb8fc811 f4bf9c2d13f075ae514fd90eae80abbf0be057f62a8650c17fd88586edca6ab0 Loading...

	forfrogadiertor.com/400/5533285	84 kB	2023-03-13	2023-03-13
Pretty URL forfrogadiertor.com/400/5533285 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:10 Last Seen2023-03-13 19:00:10 Times Seen1 Hash e5ce68c8fd04713d23d10669a928ad28 7b922845b0f635a096abb1f072aeca46a60a1881 1e58738b280ef34a01d2e08939ce9ccf9ee6eee85ac8ee2734e2c95ec1250728 Loading...

	tzegilo.com/stattag.js	17 kB	2023-03-13	2023-03-14
Pretty URL tzegilo.com/stattag.js IP 172.67.141.224 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:57:04 Last Seen2023-03-14 07:35:08 Times Seen1 Hash 0576b696d0d93d3d09a14184fd321641 54ae6d8827838d84d082db92a01fe8534c6f3782 a79a9f73119b87e83d5762597cd84b735e443825d2e320e8f55693843ae5bacc Loading...

	ckk.ai/J8Wtg7Mv	102 B	2023-03-07	2024-05-07
Pretty URL ckk.ai/J8Wtg7Mv IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:22 Last Seen2024-05-07 17:24:07 Times Seen69 Hash ea63ff4f4742b4aa558f8960f24321fc 11326481f53e4c7c546ea8a3b6c8c6c9d5f3173f 7fc5a11cbe7f9e9815748889cea6101fb2a2184232db2e6843d57bb0d6bf4bae Loading...

	ckk.ai/J8Wtg7Mv	183 B	2023-03-08	2023-03-14
Pretty URL ckk.ai/J8Wtg7Mv IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:14 Last Seen2023-03-14 13:52:29 Times Seen1 Hash 278f4859ff8cc16f330ae670d6ab1f1d 9ea923bfd18fa5d911e56acea6b4de664cb52b55 8545636616d8d5e3458d4ac45a20e804febd767f4ea7a08c60d07b39ff94f8d4 Loading...

	ckk.ai/J8Wtg7Mv	1.2 kB	2023-03-13	2023-03-14
Pretty URL ckk.ai/J8Wtg7Mv IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:36:40 Last Seen2023-03-14 15:58:54 Times Seen1 Hash 0833d800344c619baf97386eb4333c57 191af8e8789ce81a131407e5a6e363edb121e3ba 90b0fa3087a10bc463c6427118b9b99a5a24c5860383c06209cd422097c2d9d4 Loading...

	ckk.ai/J8Wtg7Mv	155 B	2023-03-07	2023-03-26
Pretty URL ckk.ai/J8Wtg7Mv IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:47 Last Seen2023-03-26 04:26:44 Times Seen6 Hash c6a6fe70fe2719213ad5d26dedb4f43f 20a55f2ea4452e31e80cc2622b56b6f9aa25b8e1 875080c3fe702e15c616187d65a7c18501c850340859ac6c4b8447aa735234a4 Loading...

	cdn.itskiddien.club/apu.php?zoneid=5535659	78 kB	2023-03-13	2023-03-13
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5535659 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:10 Last Seen2023-03-13 19:00:10 Times Seen1 Hash ea3c0b4b47b9cd855724062fa8e6566f 4a5c52bf6cab4d112a18bf2a14f887334bf40162 717f8bfc55b79f95a1aa55120f81eee43b7b948f7ab34e3e596ec4e2c562c618 Loading...

	mediasama.com/starharem/01/s/index_rt.html	66 B	2023-03-07	2023-04-05
Pretty URL mediasama.com/starharem/01/s/index_rt.html IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash a34c74f5a0f4c82a893bd20da6a62f14 8a062e7b3d648e5a4bd24d63c34fb6d77bf8853a f8ad5d8fad94dc20cfc2d172435b5556d3ca13289566d16bb8a3f84ecaa11ef1 Loading...

	ckk.ai/cloud_theme/build/js/script.min.js?ver=6.6.1	224 kB	2023-03-13	2023-03-13
Pretty URL ckk.ai/cloud_theme/build/js/script.min.js?ver=6.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:36:40 Last Seen2023-03-13 20:08:21 Times Seen1 Hash 5358f9beed2e7fd376053a2e797fccd6 5d70e9ee5c5ff33864170626de5361e0f8a7f454 cc2c754c98625c14b00ae0bf8efb628288bcb654196e9f4eb8f105866223a7c4 Loading...

	ckk.ai/J8Wtg7Mv	193 B	2023-03-07	2023-03-26
Pretty URL ckk.ai/J8Wtg7Mv IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2023-03-26 04:26:44 Times Seen6 Hash 02a6a83c864c4ad0b3cf04227c0a4d3f c1989a61041ef47a143ffe1e9ce3bdba0d9269e7 20a199a756d01a8ef05b4b3dbf84c4f022b4fc84ce2c1a9b6f0d491942a81f12 Loading...

	mediasama.com/starharem/01/s/index_rt.html	1.5 kB	2023-03-07	2023-04-05
Pretty URL mediasama.com/starharem/01/s/index_rt.html IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash 4d9b111ab737a0a624f183fabc53f9e0 8f00b34fb084ab6d382adf2eaf39ce63d6c0a485 69e434a040e615971563c02e2d45d52b362510ba6131141e72f60f9208564a51 Loading...

	ckk.ai/J8Wtg7Mv	198 B	2023-03-07	2024-04-07
Pretty URL ckk.ai/J8Wtg7Mv IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2024-04-07 15:27:50 Times Seen161 Hash 63766cfc13da10bbb548c0304d52b1f1 9a8c6c72606382f008eaa7ad3b9be3977599a58a ca9330eed6a6b98a1dd3b2558c68a78ea867c2862c72b8415f772cba0963c88d Loading...

	iclickcdn.com/tag.min.js	74 kB	2023-03-13	2023-03-13
Pretty URL iclickcdn.com/tag.min.js IP 104.26.13.118 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:30:17 Last Seen2023-03-13 20:16:57 Times Seen1 Hash 1ad71e63ae1f75e2fb8b6c88e6b773d0 b265d824a991eb1eac2e176dc7be4b06dfda5136 976c850ea45f5b66b189249d6b96cfd966dd9fe80ae9e3c58759a3c9dff815da Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	921 B	2023-03-13	2023-03-13
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:51:35 Last Seen2023-03-13 20:29:22 Times Seen1 Hash fe9aa169004914895c60241a152957c0 0bf1d1d996838f9106210db863451dc3b57e179a 8cda5cccb88044c5add71002a4dff39ebdb349efd273d77b7010404db9a8c4e7 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-05-08
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-08 23:37:46 Times Seen109823 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	mediasama.com/starharem/01/s/js/main.js	1.3 kB	2023-03-07	2024-03-04
Pretty URL mediasama.com/starharem/01/s/js/main.js IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2024-03-04 05:36:19 Times Seen58 Hash dee042800157426b09099ecf3eb7d004 f0a082059f6f9174869ce1f52b7ee6423a311641 4bad52d0b87da525c7eefbc4bb92656abb89bb6bbec58c54848523ec7ae09587 Loading...

	ckk.ai/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js	209 kB	2023-03-07	2024-04-07
Pretty URL ckk.ai/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2024-04-07 15:27:51 Times Seen314 Hash 0aec173e27fe2509b282ebca08fc9173 7ddf608375d5abd1b0ee126ae4c58aa4f40ec908 c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42 Loading...

	upgulpinon.com/1?z=5324394	18 kB	2023-03-13	2023-03-13
Pretty URL upgulpinon.com/1?z=5324394 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:10 Last Seen2023-03-13 19:00:10 Times Seen1 Hash 742cd4965418c694f26883708d002448 2ed3c1660a6e6e2d7065fec35f99bcfedef7bf81 75a9e4d049555e6fff58231962cfd87c2e0ab9e842d1606f61a1aeaaf7156484 Loading...

	cdn.itskiddoan.club/apu.php?zoneid=5225632	78 kB	2023-03-13	2023-03-13
Pretty URL cdn.itskiddoan.club/apu.php?zoneid=5225632 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:10 Last Seen2023-03-13 19:00:10 Times Seen1 Hash a5bc83ba5fb1a42713d0c7a338145992 5616957e46e83de1798e41c9c5d51e7d0dcf44b6 1f7e7260f9b6ec49134dc62dac5d0bfa8a8551dd0df32cdb0450400e1bf946ad Loading...

	oaphoace.net/401/5292343	85 kB	2023-03-13	2023-03-13
Pretty URL oaphoace.net/401/5292343 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:10 Last Seen2023-03-13 19:00:10 Times Seen1 Hash b5c2b6f07a550a89731a1943773f6472 34891655feac924f08d721c7c22fd5f988a888bc b4473e6c0abb66c61eba63ee324ffab06863de2b1c0c939b936bc8f9620956a7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-08 22:52:39 Times Seen2337 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - 763f7f1aec350cd1a46238d1d5c3c229	7 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 01:03:11 Last Seen2024-05-08 23:28:10 Times Seen1177 Hash 763f7f1aec350cd1a46238d1d5c3c229 b4ee6522335b033249255b4cc1d572993282aafb 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5 Loading...

HTTP Transactions (88)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e1f21e0363dbc2f2f1fbd9a8df46a3e2
84426dcdcd01df8689abae186e73cc6b62a316d7
51c3f29ce4aaa8642f51ba4271371d86227ad39e6966c2a40e2f35bbbe99415c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5890
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:33 GMT
Last-Modified: Tue, 07 Feb 2023 10:00:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5942
Expires: Tue, 07 Feb 2023 13:17:35 GMT
Date: Tue, 07 Feb 2023 11:38:33 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7903
Expires: Tue, 07 Feb 2023 13:50:17 GMT
Date: Tue, 07 Feb 2023 11:38:34 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 11:36:31 GMT
content-type: application/json
age: 123
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2407
Expires: Tue, 07 Feb 2023 12:18:41 GMT
Date: Tue, 07 Feb 2023 11:38:34 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jxASqEhcMnq1qbZCRC1pvtIjWiaeuuEqA1orE0WrdE/yHht3ENfVTV+ljKgoyb4NWwkwBrDr/kk=
x-amz-request-id: HA80KA1130GFYN1E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 10:45:32 GMT
age: 3182
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:34 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 10:51:19 GMT
age: 2835
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e1f21e0363dbc2f2f1fbd9a8df46a3e2
84426dcdcd01df8689abae186e73cc6b62a316d7
51c3f29ce4aaa8642f51ba4271371d86227ad39e6966c2a40e2f35bbbe99415c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:34 GMT
Last-Modified: Tue, 07 Feb 2023 10:00:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5044
Expires: Tue, 07 Feb 2023 13:02:38 GMT
Date: Tue, 07 Feb 2023 11:38:34 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

37 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
37 kB (36644 bytes)
Hash
fbbafbcd48bbd91a7964e4869339ea71
6164af4a479bb26ba2e5d5062792c6908a353f59
2eda54491d273433f2dea8dc8f2122c27aa282bb255fb6ac98ffeabc5dfc6026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56cb3cc147c1039f42a8a47894e9bc6d
3cb18b95a8b12c16c05e060b0445285f1203a517
c4160fc080be4a0f945e6f5d423a8e42c2a4f8b048dc032ceb7aef25773f4eb4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4160FC080BE4A0F945E6F5D423A8E42C2A4F8B048DC032CEB7AEF25773F4EB4"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9815
Expires: Tue, 07 Feb 2023 14:22:09 GMT
Date: Tue, 07 Feb 2023 11:38:34 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=UA-113561579-8

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43920 bytes)
Hash
2a3e06cea774c61ae5e422f95e4bcaa5
c2ef13225cffcf1f6f4c00b54c9d5b60f27b1e4e
11c7a7a78c0d73207c129317c074a462e8986aad12a30908fd3c7ac40a680cc5

HTTP Headers

GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 11:38:34 GMT
expires: Tue, 07 Feb 2023 11:38:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
adb07686d50920e1180f9f570c432815
b2a3746ff9cdc128da3ad7d88285e99238133441
5380e2a8bf55c9efc01533fdb4267fd4f7244af9ed9adab9f8d86f1a68012764

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3157
Cache-Control: max-age=133753
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:34 GMT
Etag: "63e1935e-117"
Expires: Thu, 09 Feb 2023 00:47:47 GMT
Last-Modified: Mon, 06 Feb 2023 23:55:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

67 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
67 kB (66642 bytes)
Hash
c75beb1530e114cdc3e9f799ac2c12ae
4ca117d824297f8627604548c9d438474d2ad521
59f841c99d54e4e5a885ec34749ef549d2b0189664e43f28d4a5f9e83c821fee

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.242.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.242.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NNIIylkx26Im3Lhzvm9TsQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TsPuybDH273o9+lYac2o3DTSAiM=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f240a1bede030f10216bc47bb22f304
9adeb6c0847eb3744f82011e850d2cb6f962db24
8145e60b081de707bf1bd7bad4d402c487db164f149a1367f70545178122efac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8145E60B081DE707BF1BD7BAD4D402C487DB164F149A1367F70545178122EFAC"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6377
Expires: Tue, 07 Feb 2023 13:24:52 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
631de395082d52350e47d9e5eb467764
b652f39c52e55cb0e4393a526bd7e3ca991cd1cd
ede554562550bbea2207d5a1d9683baa7c9dd249b439dd832b33da36031ad19e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDE554562550BBEA2207D5A1D9683BAA7C9DD249B439DD832B33DA36031AD19E"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5201
Expires: Tue, 07 Feb 2023 13:05:16 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
34072381f00331627ae4d88459500c55
bfbb4cef684883c451e37eed2e9580aaf15d2173
7fd22243bff0cda740b3a6d43e91d8f31f90ea746b869db05c5f4a58784ddec9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FD22243BFF0CDA740B3A6D43E91D8F31F90EA746B869DB05C5F4A58784DDEC9"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 07 Feb 2023 14:08:24 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bf556fc03acce7c3a83964aece47c58e
09a6fccecf129a53fba9ec5a196d72f53b1a9f02
de1dd79ebd522bae0e2846e07b869f2567bc2d267482a6b218a60847dea32cc8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE1DD79EBD522BAE0E2846E07B869F2567BC2D267482A6B218A60847DEA32CC8"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16536
Expires: Tue, 07 Feb 2023 16:14:11 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

trustbummler.com/tSXyF1oQpqC/14504

142.91.159.133

200 OK

25 B

URL HTTP/1.1
trustbummler.com/tSXyF1oQpqC/14504
IP
142.91.159.133:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /tSXyF1oQpqC/14504 HTTP/1.1
Host: trustbummler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:38:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 08-Feb-2023 11:38:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Wed, 08-Feb-2023 11:38:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ba3d899907172e4aeae10c88b291d291
6d4c1b35bb51da4d6ac0e742d2de61e4d858ba7b
37abe5054b2db14ed0f7e62bbc90a4e9cf1655f112976c41800009fb4d27589e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37ABE5054B2DB14ED0F7E62BBC90A4E9CF1655F112976C41800009FB4D27589E"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10969
Expires: Tue, 07 Feb 2023 14:41:24 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0dd0fe8c1faf77f6de9d1ad186d7af9a
4b053279b2d67cd22db5864c34cf4a5d48d97709
221ba1d721e50671967b5596a54a2983a88de9efa10beefa5d2c91e2dbb1f410

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "221BA1D721E50671967B5596A54A2983A88DE9EFA10BEEFA5D2C91E2DBB1F410"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12304
Expires: Tue, 07 Feb 2023 15:03:39 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6f5ab3bdbb5ebcebf9a163e0c85ab467
43f1c3de55e528c5be75895eb08b64840a0c8b95
d7c6e6ba9986867972fbc47f35dc823e3c78db46acf5292b6933e0f5760e47be

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7C6E6BA9986867972FBC47F35DC823E3C78DB46ACF5292B6933E0F5760E47BE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5171
Expires: Tue, 07 Feb 2023 13:04:46 GMT
Date: Tue, 07 Feb 2023 11:38:35 GMT
Connection: keep-alive

bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.482.0

139.45.197.234

200 OK

1.4 kB

URL HTTP/2
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.482.0
IP
139.45.197.234:0
ASN
#9002 RETN Limited

File type
data
Size
1.4 kB (1403 bytes)
Hash
e60424ed19721a25c8b2e6d1bdc296f0
a7ced73403f92d613c150d6b8465b8d226cd3cf7
98144451feffb5bc854469047c38709f524301f8717e4a299eca7136eb5375f3

HTTP Headers

GET /5/3491150/?oo=1&js_build=iclick-v1.482.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/json
x-trace-id: d24a918d62b9ba1ee200afb75c548f66
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6b5f4dffe20d4c2ea43528aac3097ae5; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
oaidts=1675769915; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eb089183193b4b57a40f56888f5ab519

139.45.197.242

204 No Content

0 B

URL HTTP/2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eb089183193b4b57a40f56888f5ab519
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eb089183193b4b57a40f56888f5ab519 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

forfrogadiertor.com/500/5533285?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
forfrogadiertor.com/500/5533285?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5533285?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

upgulpinon.com/11?rnd=2289518280&z=5324394&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&ruid=c03f5554-9555-4046-a1b7-f5702689fd89&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=140

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/11?rnd=2289518280&z=5324394&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&ruid=c03f5554-9555-4046-a1b7-f5702689fd89&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=140
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=2289518280&z=5324394&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&ruid=c03f5554-9555-4046-a1b7-f5702689fd89&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=140 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=eb089183193b4b57a40f56888f5ab519; oaidts=1675769914
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 870dbfb56676b434a74dee9a1822c32d
access-control-expose-headers: X-Sc
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:35 GMT; secure; SameSite=None
oaidts=1675769914; expires=Wed, 07 Feb 2024 11:38:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

upgulpinon.com/121?rnd=1166449996&z=5324394&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&bag=Lbvu3yzg1mIDxn7RiZB4m_UHYxuDGbvd&ruid=c03f5554-9555-4046-a1b7-f5702689fd89

139.45.197.242

302 Found

0 B

URL HTTP/2
upgulpinon.com/121?rnd=1166449996&z=5324394&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&bag=Lbvu3yzg1mIDxn7RiZB4m_UHYxuDGbvd&ruid=c03f5554-9555-4046-a1b7-f5702689fd89
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /121?rnd=1166449996&z=5324394&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&bag=Lbvu3yzg1mIDxn7RiZB4m_UHYxuDGbvd&ruid=c03f5554-9555-4046-a1b7-f5702689fd89 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=eb089183193b4b57a40f56888f5ab519; oaidts=1675769914
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Tue, 07 Feb 2023 11:38:36 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: a49cff34535bed4804ebcc1b01dad6fc
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

upgulpinon.com/11?rnd=2289518280&z=5324394&b=16466421&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&ruid=c03f5554-9555-4046-a1b7-f5702689fd89&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/11?rnd=2289518280&z=5324394&b=16466421&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&ruid=c03f5554-9555-4046-a1b7-f5702689fd89&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=2289518280&z=5324394&b=16466421&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=kbg6EjQApIDDu4MSfJmp1foTEoOWZAEyA3UlbJJdo7NGOamE5pS6mbg0vLOXqnU8B_iGi82xegJLyym3_pWdmIv2yhhl1hyN53PBKaLzoBGwKodgXOhkRafG1fnckesq43KgWn0SEhYjuVlcRbTgnnTxPZMFmwV7x3zWi5WAsgVaFhdt0mfFPZUKimOQCIszqnJgH2BH5EFroxsDo2qLH9eYWHFd4zC8k68yVq41On1SCk5GuMJmLvknbNgzFa-RdVaVSUAJlioO6ochwgpwF8US0SiQ1f8aBOOcGTmMalKVWKw_YdsdohJ3S_7Nr9TpUBusPgCk2ZHPepPETUC-Tabln-JUucK_1oWBHXRJh3ENwN5NYYcEmmzNeiD_fdLqtHbFY4TDIzffg9KJjkYLUWw-ooebXoR2LqWFmK3BalU_B5hoZrkenjkNB13D32Wi9WlCs2GELfwUZLSd2Kha0Yi06suaytW37_xACn93Lmn7Vtm5p7AALZmclPRNhYB4dxRecWtoAWid0ut4R8xB-Rw4Y_lfZ2N7JFMZSgkK_cXN8yL2-wp3Y1CzgX-6vmHU5ZguivUchqKLN06LwxzXl4tt7wjlOJbwQQss-nL-_-YSKT7beUzxdLx1AwG17Sg6nyTuEwGWHFCDLbOqt_UttzE17ck1WS0cJF_pBg_0nsjlsSiu7kDW40LBx4Je7p306DdQsU91cOTHmcCHWufXBJ2xSD-7MhBDQv6eTzOd2D2wle3rCOoNNQ==&ruid=c03f5554-9555-4046-a1b7-f5702689fd89&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=eb089183193b4b57a40f56888f5ab519; oaidts=1675769914
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:36 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c54d050cf39dea1d47a92bab8cb45435
access-control-expose-headers: X-Sc
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:36 GMT; secure; SameSite=None
oaidts=1675769914; expires=Wed, 07 Feb 2024 11:38:36 GMT; secure; SameSite=None
oaidvc=1; expires=Wed, 07 Feb 2024 11:38:36 GMT; secure; SameSite=None
CNT=1_v1_9UH7AAEAAADDS2lk; expires=Tue, 07 Feb 2023 12:38:36 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

cdn.itskiddien.club/?rb=Dsb4u6FmfvoXGdrihVgb8qinqG6v0Drm3XBbqEGUSOUktRwJze8okyBEjb3DGmzW9bVp3o6uEjPe1N9hHjFm0ylTN21xPYRzgfrq9LFTmCAPlZNVIu3SewTnDwHNwzmP_xu2qoFYkm_6RVJ6kxL4lYe-NURcHzXz-kFusbzJ1pr7Jfhuksj9kCweOKxHjWC74ExbbkpsVTyOQ9hEjrGT4P-sVkP-M0ex&request_ab2=0&zoneid=5535659&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=856f39e8-7c35-4514-ae7e-88cfd86b71a1&userId=eb089183193b4b57a40f56888f5ab519&m=link

139.45.197.236

200 OK

1.3 kB

URL HTTP/2
cdn.itskiddien.club/?rb=Dsb4u6FmfvoXGdrihVgb8qinqG6v0Drm3XBbqEGUSOUktRwJze8okyBEjb3DGmzW9bVp3o6uEjPe1N9hHjFm0ylTN21xPYRzgfrq9LFTmCAPlZNVIu3SewTnDwHNwzmP_xu2qoFYkm_6RVJ6kxL4lYe-NURcHzXz-kFusbzJ1pr7Jfhuksj9kCweOKxHjWC74ExbbkpsVTyOQ9hEjrGT4P-sVkP-M0ex&request_ab2=0&zoneid=5535659&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=856f39e8-7c35-4514-ae7e-88cfd86b71a1&userId=eb089183193b4b57a40f56888f5ab519&m=link
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (1599), with no line terminators
Size
1.3 kB (1285 bytes)
Hash
8a3992501f1bad368b75296392bb5197
8dc29b1b0cf33c7ad832950352b4517d3c0538df
1f84202a26d99daf9938dc59c51a5067529bada218df21434c614bf068194c8b

HTTP Headers

GET /?rb=Dsb4u6FmfvoXGdrihVgb8qinqG6v0Drm3XBbqEGUSOUktRwJze8okyBEjb3DGmzW9bVp3o6uEjPe1N9hHjFm0ylTN21xPYRzgfrq9LFTmCAPlZNVIu3SewTnDwHNwzmP_xu2qoFYkm_6RVJ6kxL4lYe-NURcHzXz-kFusbzJ1pr7Jfhuksj9kCweOKxHjWC74ExbbkpsVTyOQ9hEjrGT4P-sVkP-M0ex&request_ab2=0&zoneid=5535659&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=856f39e8-7c35-4514-ae7e-88cfd86b71a1&userId=eb089183193b4b57a40f56888f5ab519&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=fdf45f1bf29340a2b56259ed670e7dcc; oaidts=1675769915
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/json
x-trace-id: a70c278803f3dbe568bbc10c28ce83a7
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
oaidts=1675769915; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 Feb 2023 11:38:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b105a0b0c24dce447cd93c1266342440
ecb8b73620242decb0a0985f6873eba8e81f58a9
cbb1df75003c59a01c693cc7c868067932c8f5114835ea8889535de35767a6a4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CBB1DF75003C59A01C693CC7C868067932C8F5114835EA8889535DE35767A6A4"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2507
Expires: Tue, 07 Feb 2023 12:20:23 GMT
Date: Tue, 07 Feb 2023 11:38:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
400583fdae15ee316199944c841c8f25
9623a17c261235c4a34b247a6a7549658546eb8d
da9e1d76b35abb17de36510b5ceb2fc1161e605822dcc644fb7c0bcd860c73f8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Last-Modified: Tue, 07 Feb 2023 11:23:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

139.45.197.239

200 OK

21 kB

URL HTTP/2
forfrogadiertor.com/500/5533285?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
data
Size
21 kB (21205 bytes)
Hash
8a8c37dd1df5d676295b29bb4417ccde
af11cbde5578cdf209092f164d25d81a8c5fb26c
6ea810686d21c33ca38bf70857545c47a86162ded2712dc107c2d49d97320078

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5533285?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=eada859457664593bffdbc0e0ecec906
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:36 GMT
content-type: application/javascript
x-trace-id: 6b1bdc9c9c3f00b7e9a7e5fa85672623
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6168
Expires: Tue, 07 Feb 2023 13:21:24 GMT
Date: Tue, 07 Feb 2023 11:38:36 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6168
Expires: Tue, 07 Feb 2023 13:21:24 GMT
Date: Tue, 07 Feb 2023 11:38:36 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6168
Expires: Tue, 07 Feb 2023 13:21:24 GMT
Date: Tue, 07 Feb 2023 11:38:36 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6168
Expires: Tue, 07 Feb 2023 13:21:24 GMT
Date: Tue, 07 Feb 2023 11:38:36 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4227 bytes)
Hash
eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 49788
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6787 bytes)
Hash
d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:57:41 GMT
age: 24055
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10788 bytes)
Hash
d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -OEG4deGxPaXCxA16sr4s2uAcDTWyzDoXgCkUdwluUiYL-z55VQKwA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 06:11:48 GMT
age: 19608
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13390 bytes)
Hash
75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 60836
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13160 bytes)
Hash
003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 15770
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8110 bytes)
Hash
4dd67c975f1c1f91ca92f37c9e098231
b9096efb56b6e196b13722e767a9d2762737cbb9
39f21e5db4089d6cf94646b76cd9032e9831ed03f7c2f0d980fac09c893a52db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8110
x-amzn-requestid: fdfa4af0-a6e4-4664-a86b-48fd6f374d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77JCFyzoAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17239-205cdd9d70f23cb358c65222;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zHo_IPM2j3t4prd4ZuLR7c-GPrWHxSxqSUprBxrT9n_DG8ySpkpb8g==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:46:30 GMT
age: 49926
etag: "b9096efb56b6e196b13722e767a9d2762737cbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Feb 2023 09:45:20 GMT
expires: Tue, 07 Feb 2023 11:45:20 GMT
cache-control: public, max-age=7200
age: 6796
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef0e91cb2992a38ada7e5ff51f809c5d
baae714f42b3a4f5d304d54965bb7dac75381c17
32966a42274107e0277845376e30f7c035d25874904d8e067cc3306fbca65162

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.3

200 OK

584 B

URL HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (921), with no line terminators
Size
584 B (584 bytes)
Hash
1c85a36998a092d37c3b8ce77bfe8f0e
ed157ea89b61501303c4cab5078676be9ecaa2f9
693af892a5ec0e0c91ecb568effdace49dac9fe828242cce46776dbeb8270967

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 07 Feb 2023 11:38:36 GMT
date: Tue, 07 Feb 2023 11:38:36 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/index_rt.html

149.56.38.113

200 OK

1.5 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/index_rt.html
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1525 bytes)
Hash
30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d

HTTP Headers

GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:36 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef0e91cb2992a38ada7e5ff51f809c5d
baae714f42b3a4f5d304d54965bb7dac75381c17
32966a42274107e0277845376e30f7c035d25874904d8e067cc3306fbca65162

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mediasama.com/starharem/01/s/styles.css

149.56.38.113

200 OK

2.4 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/styles.css
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (420)
Size
2.4 kB (2406 bytes)
Hash
8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98

HTTP Headers

GET /starharem/01/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:36 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:18:19 GMT
expires: Tue, 06 Feb 2024 17:18:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 66017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

216.58.211.3

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (633)
Size
164 kB (163841 bytes)
Hash
fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 9925
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1168
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 07 Feb 2023 11:38:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0042362c056c66d88e82782ad9b26669
84ff2f895a759e9be60cad8ff69c9d59b2e739d9
13f2260996b04204fe0457ca7fd88d701bac7d8194574014b2263ef45e1b41ed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 03:49:37 GMT
Expires: Sun, 12 Feb 2023 03:49:36 GMT
Etag: "84ff2f895a759e9be60cad8ff69c9d59b2e739d9"
Cache-Control: max-age=403259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bd714fa211c0a-OSL

mediasama.com/starharem/01/s/js/main.js

149.56.38.113

200 OK

549 B

URL HTTP/1.1
mediasama.com/starharem/01/s/js/main.js
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
549 B (549 bytes)
Hash
d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932

HTTP Headers

GET /starharem/01/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:36 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 599370
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 01:14:36 GMT
expires: Thu, 01 Feb 2024 01:14:36 GMT
cache-control: public, max-age=31536000
age: 555840
last-modified: Tue, 19 Apr 2022 18:58:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/audio/btn_1.mp3

149.56.38.113

206 Partial Content

20 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/audio/btn_1.mp3
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
20 kB (20321 bytes)
Hash
d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24

HTTP Headers

GET /starharem/01/s/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:31 GMT
ETag: "4f61-5dc0be65fcb81"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg

mediasama.com/starharem/01/s/img/1.jpg

149.56.38.113

200 OK

397 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/1.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
397 kB (397097 bytes)
Hash
43c140ec16ce96d582782ea93eeaa4fe
3390bf8e8708620fc0a851455e4729cb4f0248a2
3e176a04debe08dd522e7f0fbc9f7530880a92fb9845afd7391bbaa764a4ad55

HTTP Headers

GET /starharem/01/s/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:36 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "60f29-5dc622dfac0e8"
Accept-Ranges: bytes
Content-Length: 397097
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/2.jpg

149.56.38.113

200 OK

369 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/2.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
369 kB (369239 bytes)
Hash
b7d3bd4ae3d5f8477e040e6410517866
2b255c9583c47e5da4069d9c055d3430a0c1e03a
7bb68d5a9a92a500956397e156beb117a0ef605b6747800cacf9c9440b6fc7e4

HTTP Headers

GET /starharem/01/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:36 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/7.jpg

149.56.38.113

200 OK

327 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/7.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
327 kB (326553 bytes)
Hash
c67c9fb0268eea7d188c4c9bc54a0bf4
216b83374ba6f011041b31dd381f22e99ea7a8c1
95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654

HTTP Headers

GET /starharem/01/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/3.jpg

149.56.38.113

200 OK

375 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/3.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
375 kB (375159 bytes)
Hash
84c5f704120f28ad7bcde2ebab7442a0
fd2745300ba7ad59ff8044c7e9f76b1326ddd120
6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2

HTTP Headers

GET /starharem/01/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/4.jpg

149.56.38.113

200 OK

325 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/4.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
325 kB (325446 bytes)
Hash
ec18d276822ab5772f3458da7dbedfbc
f7a38f944aaba3e6b848f496bf4b8fee50b58161
da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09

HTTP Headers

GET /starharem/01/s/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "4f746-5dc622e2da82e"
Accept-Ranges: bytes
Content-Length: 325446
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/8.jpg

149.56.38.113

200 OK

682 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/8.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size
682 kB (682050 bytes)
Hash
cedcd46e956dee6a28f87198962b0477
7b38f1de654971e436983fb6a34a71540ba526c9
08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5

HTTP Headers

GET /starharem/01/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/6.jpg

149.56.38.113

200 OK

261 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/6.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
261 kB (261364 bytes)
Hash
4b7cf78d93f3f009f850bedb6829d7f6
cc55cad898df47a2f089946aee9398fea7fa2ae6
44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f

HTTP Headers

GET /starharem/01/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/10.jpg

149.56.38.113

200 OK

237 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/10.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
237 kB (236974 bytes)
Hash
e0046cc1f34ff0701ec4874a0a8c5d43
c6a46db14dfc50d67307a9855f4dd2688d576a01
8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1

HTTP Headers

GET /starharem/01/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/5.jpg

149.56.38.113

200 OK

461 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/5.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
461 kB (461412 bytes)
Hash
42ad3cffde2e4081df94ded8a30a1dc5
7b064f0fcb96e5b5c498c0c03bcbb9ab15e999b0
be788428faee6157125228734e5510d4f49212766eff23a1a1b178e456f153d1

HTTP Headers

GET /starharem/01/s/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "70a64-5dc622e35f52f"
Accept-Ranges: bytes
Content-Length: 461412
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/9.jpg

149.56.38.113

200 OK

342 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/9.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
342 kB (341673 bytes)
Hash
a3a888cf217de9be2aa727dd1cc64757
b7bd361dfdceecfc5775d0ed32e5798abd271d5e
2fd4025336ad8a5edd704651a216cf6b9739089ad1c204bd1ea8e114d11770b9

HTTP Headers

GET /starharem/01/s/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "536a9-5dc622e6fb276"
Accept-Ranges: bytes
Content-Length: 341673
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/11.jpg

149.56.38.113

200 OK

403 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/11.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
403 kB (402740 bytes)
Hash
c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2

HTTP Headers

GET /starharem/01/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:38:37 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg

oaphoace.net/impression/OAKEQhhMU7YJph8sF4yZGOuUWeeXXI_UkuizpJiPY1UnlNhRgDZafXyASkV99_TwByGz9CR9oVY4cwc3iw68NPua-l_g7cHwPURXdJ8zBEr_HPp32Ym2TEXSkMUzzluZupPJIFqk7QGSYzk9i5Ty18EFid6pIvqi8PQQYZkLfMM2Hmhmtijajfz4T7-8CymP3cReh1MEcMN_OzqziKY1fgce7xDV4Wn8ay2i4Q6OQoSFxNAyo9w4WwkgQdG_uMynwDjWln_h7msFiNYy3s1x3a5UNzjcWIK0FNJN7_1HWNrAXUQhWieXJNZTX-jUYCMx3aql9sImOcGObdo2XGNXPHZ6IfhEO_nizch4qUPYGlaH7odDx1es_8LUDoKaocBi8-WjMURg_bRVyPmhv7ab4081_hmxm_vWFqy5IBctMHuvrhFrwy5hHy45ZX0b1lotcQRVIpYV6KBdW9hZACUkCfKrKpN02vNkBg_wvpImsGb-skh7qp3Ofxgg9oYnBNFc_N8cwX_twkjIMdHnUX7DBpAZtywiVQOEMgg1YPBQl34kWBRMbth_2lyhAxrr1iJxPOIy7yVXOt6iQYCo7w2PPA6m5IU=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

43 B

URL HTTP/2
oaphoace.net/impression/OAKEQhhMU7YJph8sF4yZGOuUWeeXXI_UkuizpJiPY1UnlNhRgDZafXyASkV99_TwByGz9CR9oVY4cwc3iw68NPua-l_g7cHwPURXdJ8zBEr_HPp32Ym2TEXSkMUzzluZupPJIFqk7QGSYzk9i5Ty18EFid6pIvqi8PQQYZkLfMM2Hmhmtijajfz4T7-8CymP3cReh1MEcMN_OzqziKY1fgce7xDV4Wn8ay2i4Q6OQoSFxNAyo9w4WwkgQdG_uMynwDjWln_h7msFiNYy3s1x3a5UNzjcWIK0FNJN7_1HWNrAXUQhWieXJNZTX-jUYCMx3aql9sImOcGObdo2XGNXPHZ6IfhEO_nizch4qUPYGlaH7odDx1es_8LUDoKaocBi8-WjMURg_bRVyPmhv7ab4081_hmxm_vWFqy5IBctMHuvrhFrwy5hHy45ZX0b1lotcQRVIpYV6KBdW9hZACUkCfKrKpN02vNkBg_wvpImsGb-skh7qp3Ofxgg9oYnBNFc_N8cwX_twkjIMdHnUX7DBpAZtywiVQOEMgg1YPBQl34kWBRMbth_2lyhAxrr1iJxPOIy7yVXOt6iQYCo7w2PPA6m5IU=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/OAKEQhhMU7YJph8sF4yZGOuUWeeXXI_UkuizpJiPY1UnlNhRgDZafXyASkV99_TwByGz9CR9oVY4cwc3iw68NPua-l_g7cHwPURXdJ8zBEr_HPp32Ym2TEXSkMUzzluZupPJIFqk7QGSYzk9i5Ty18EFid6pIvqi8PQQYZkLfMM2Hmhmtijajfz4T7-8CymP3cReh1MEcMN_OzqziKY1fgce7xDV4Wn8ay2i4Q6OQoSFxNAyo9w4WwkgQdG_uMynwDjWln_h7msFiNYy3s1x3a5UNzjcWIK0FNJN7_1HWNrAXUQhWieXJNZTX-jUYCMx3aql9sImOcGObdo2XGNXPHZ6IfhEO_nizch4qUPYGlaH7odDx1es_8LUDoKaocBi8-WjMURg_bRVyPmhv7ab4081_hmxm_vWFqy5IBctMHuvrhFrwy5hHy45ZX0b1lotcQRVIpYV6KBdW9hZACUkCfKrKpN02vNkBg_wvpImsGb-skh7qp3Ofxgg9oYnBNFc_N8cwX_twkjIMdHnUX7DBpAZtywiVQOEMgg1YPBQl34kWBRMbth_2lyhAxrr1iJxPOIy7yVXOt6iQYCo7w2PPA6m5IU=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=eb089183193b4b57a40f56888f5ab519
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:40 GMT
content-type: image/gif
content-length: 43
x-trace-id: cf3d78f6a96b6f175bbc97071dc156b3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11630 bytes)
Hash
b08a4dc42d2e08b2b18c9545ce9a2fdb
b688557ebba4b3c987275761e9a1f5993ad3d8a5
641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11630
x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkUHUoIAMFzcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sxF0lRh0Jc9km7inuPEIo5I0hx-TW8Mjz5C3oDcBGtfxtJTnBssPVw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:08:35 GMT
age: 16208
etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /27/843a9f1226eda0484b879504742bc6d9 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=913072a800a049fc982e35e6ddaa70e8; oaidts=1675769914
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 03 Feb 2023 06:00:36 GMT
expires: Fri, 05 Mar 2083 06:00:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.itskiddien.club/apu.php?zoneid=5535659

139.45.197.236

200 OK

0 B

URL HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5535659
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apu.php?zoneid=5535659 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/javascript
x-trace-id: 08d3925923ed4826be2a44eb8aa4e45b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=fdf45f1bf29340a2b56259ed670e7dcc; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
oaidts=1675769915; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eb089183193b4b57a40f56888f5ab519
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eb089183193b4b57a40f56888f5ab519 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=913072a800a049fc982e35e6ddaa70e8; oaidts=1675769914
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 097a7d278e455474fa25d12402ed2f99
access-control-expose-headers: X-Sc
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:35 GMT; secure; SameSite=None
oaidts=1675769914; expires=Wed, 07 Feb 2024 11:38:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

ckk.ai/J8Wtg7Mv

188.114.96.1

200 OK

0 B

URL HTTP/2
ckk.ai/J8Wtg7Mv
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /J8Wtg7Mv HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:38:34 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=9524558a20829bee66ea342716ea3f5d; path=/; HttpOnly; secure
refJ8Wtg7Mv=ZDhmNjU4YTAwZjkxNTg1MmJjZDNmNDE2ZGM2YWFkMTM5YTczNWRmMWUyYzExZWMzNjE3OTFhZGYyMDc4N2YzMMggkT1E5ARZBMrr8W5XWjRF27%2ByMxt7PhJtDwXr9uFF; expires=Tue, 07-Feb-2023 11:43:32 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=389080dec692996810259234496b774eabdf2a1040a0181b27a0e7e4f573f6119594d4b62f7643e193bd087be552b7eb609a0059c95a0ebf767cd3943def725a; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI5Xa%2F7zM%2F2swGTHYwiPJgcvwIUi12bXMFHGJ%2BtU4eEzol5nKVXT%2FM2rnJAvNd542CGTkX02RAcQ6wSTvA4vS2Z7zWqXEVbuja%2BMFEVipO1f%2BiabRLqLfWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795bd70a99d9b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2

forfrogadiertor.com/400/5533285

139.45.197.239

200 OK

0 B

URL HTTP/2
forfrogadiertor.com/400/5533285
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/5533285 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/javascript
x-trace-id: 2ab28e915e0f6db67551c69ee5f2b061
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=eada859457664593bffdbc0e0ecec906; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

iclickcdn.com/tag.min.js

104.26.13.118

200 OK

0 B

URL HTTP/2
iclickcdn.com/tag.min.js
IP
104.26.13.118:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:38:34 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: cd61c43ccf16de15500243aebd8ac464
cache-control: max-age=86400
last-modified: Mon, 06 Feb 2023 12:50:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 Feb 2023 07:13:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 15898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83wTkMm3Nsi4jeKuqOVg2Caktvdggnkv5ayK10QhIDHfMBtmTPglYtfBxSh8yF4igP5lauJobDoj4HI2hRH85uXhAt06AqCznoeABbw%2FrwBDy3%2Ftp0jh7XfZLrOe80Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795bd71088feb503-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.itskiddoan.club/?rb=S1GLzAUBdqGNW38ELnZHGj9BhT6BzHa7dfVOm8_3QnZN4XgvB-oKdQvZpTn8M_p4g_NKJO2FKMI8eszACQ3ZGnrLuE4Mm0xouXUCAmw4l8wTe8hKsvXKQB8w3YmbTbfiyPXWhpBngYTtvrIuYimdaVbewl06APD9uA2NlheMmXQmmdgKkAjTLES6yWx2TocA1qLZSpAW0Xpb50q3YDyd0dl7lCWDrB2v&request_ab2=0&zoneid=5225632&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=e8cb03e8-2c61-47d7-aa79-6b4fbd68fc73&userId=eb089183193b4b57a40f56888f5ab519&m=link

139.45.197.236

200 OK

0 B

URL HTTP/2
cdn.itskiddoan.club/?rb=S1GLzAUBdqGNW38ELnZHGj9BhT6BzHa7dfVOm8_3QnZN4XgvB-oKdQvZpTn8M_p4g_NKJO2FKMI8eszACQ3ZGnrLuE4Mm0xouXUCAmw4l8wTe8hKsvXKQB8w3YmbTbfiyPXWhpBngYTtvrIuYimdaVbewl06APD9uA2NlheMmXQmmdgKkAjTLES6yWx2TocA1qLZSpAW0Xpb50q3YDyd0dl7lCWDrB2v&request_ab2=0&zoneid=5225632&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=e8cb03e8-2c61-47d7-aa79-6b4fbd68fc73&userId=eb089183193b4b57a40f56888f5ab519&m=link
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=S1GLzAUBdqGNW38ELnZHGj9BhT6BzHa7dfVOm8_3QnZN4XgvB-oKdQvZpTn8M_p4g_NKJO2FKMI8eszACQ3ZGnrLuE4Mm0xouXUCAmw4l8wTe8hKsvXKQB8w3YmbTbfiyPXWhpBngYTtvrIuYimdaVbewl06APD9uA2NlheMmXQmmdgKkAjTLES6yWx2TocA1qLZSpAW0Xpb50q3YDyd0dl7lCWDrB2v&request_ab2=0&zoneid=5225632&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=e8cb03e8-2c61-47d7-aa79-6b4fbd68fc73&userId=eb089183193b4b57a40f56888f5ab519&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=f874f9ba84c0420a8787744112882391; oaidts=1675769915
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/json
x-trace-id: 1e1e339c4e0f286357bcdca18eae8dca
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
oaidts=1675769915; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 Feb 2023 11:38:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.itskiddoan.club/apu.php?zoneid=5225632

139.45.197.236

200 OK

0 B

URL HTTP/2
cdn.itskiddoan.club/apu.php?zoneid=5225632
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/javascript
x-trace-id: b38a67502e8d73d2ff1a03bfbd6c0abe
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f874f9ba84c0420a8787744112882391; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
oaidts=1675769915; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.141.224

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.141.224:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFpJcQvAI8ZObiTMlJamSS6zLmSfnBYPzsRNVHvYpI29MN1m0El1gIaRQRB%2FPqVNOAKqlZMzpT0i%2FYOMtOjNUjIp%2BJUvcmYm9XV2SiD12BWuZ%2BCnqjkLkardf%2BmttQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795bd713feee0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oaphoace.net/401/5292343

139.45.197.239

200 OK

0 B

URL HTTP/2
oaphoace.net/401/5292343
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5292343 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:35 GMT
content-type: application/javascript
x-trace-id: ac0ab41c17d6e151f58c5d8311c3eff8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=bff52c51a911410c8ae9dcf2fa1f48a3; expires=Wed, 07 Feb 2024 11:38:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

upgulpinon.com/1?z=5324394

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/1?z=5324394
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:34 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 219271cdae8e21977d4bd1093b8dbf1a
access-control-expose-headers: X-Sc
x-sc: _hLylB6r3_bxfK6ARPeHwk2CpDMLdCfgxdQHYMEXWaoypFQQNhLUJHVURJ4XfIs2vPjWy1Dvf4p6SAkKT5jiPETg61I=
set-cookie: scm=1; expires=Wed, 07 Feb 2024 11:38:34 GMT; secure; SameSite=None
OAID=913072a800a049fc982e35e6ddaa70e8; expires=Wed, 07 Feb 2024 11:38:34 GMT; secure; SameSite=None
oaidts=1675769914; expires=Wed, 07 Feb 2024 11:38:34 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

oaphoace.net/500/5292343?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
oaphoace.net/500/5292343?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5292343?excludes=&oaid=eb089183193b4b57a40f56888f5ab519&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FJ8Wtg7Mv&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=bff52c51a911410c8ae9dcf2fa1f48a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:38:36 GMT
content-type: application/javascript
x-trace-id: e9b31b31921750147c9587f2b4f0eeb4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=eb089183193b4b57a40f56888f5ab519; expires=Wed, 07 Feb 2024 11:38:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 11:38:36 GMT
date: Tue, 07 Feb 2023 11:38:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML