Report - go.gkrtmc.com/rd.html?go=slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150

Report Overview

Submitted URL
go.gkrtmc.com/rd.html?go=slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source=
IP
172.255.248.105
ASN
#7979 SERVERS-COM
Submitted
2022-12-24 08:26:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
slutsaga.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	696 kB	104.21.52.132
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	3.8 kB	104.18.20.226
fstentr.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	610 B	1.0 kB	163.171.128.172
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	476 B	37 kB	216.58.207.227
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75
bkdwbvx.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	80 kB	207.120.33.41
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	30 kB	151.101.66.137
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	642 B	104.18.22.52
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	54.230.245.39
ajax.aspnetcdn.com	693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	10 kB	152.199.19.160
ka-p.fontawesome.com	4489	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	62 kB	104.18.22.52
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	911 B	162.247.241.14
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	746 B	142.250.74.106
go.gkrtmc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	876 B	172.255.248.105
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	32 kB	142.250.74.138
geoip.enlistsecureup.com	269993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	621 B	163.171.128.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed
2022-12-24	medium	bkdwbvx.com	Sinkholed

JavaScript (32)

	URL	Size	First Seen	Last Seen
	js-agent.newrelic.com/290.2d6a2503-1220.js	8.6 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/290.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 13898fbb4d7a1f83fc6722c4c12faf40 4be4e86a3b56733c67c789223989450b6d0ef351 e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b Loading...

	js-agent.newrelic.com/0.2d6a2503-1220.js	5.3 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/0.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash cc9b3d207e9ea2c79974f46bf474e6dd 84de7b254584b296d8b3b4538c0991b5f5153f03 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683 Loading...

	js-agent.newrelic.com/571.2d6a2503-1220.js	2.5 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/571.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 04b00905b32fd8d29459545bc125cff6 2cdc0d664bc48a6c9e94022fea181785bc2698a1 f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	416 B	2023-03-07	2023-05-29
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:52 Last Seen2023-05-29 06:38:11 Times Seen90 Hash 110e947c488e10f7a2c6463d8adb1373 fdf13014bb328e87f25ff81c37555367d457c8fd 1f0514ba5c16d2650ba89dcda2c5bd9ddf310483a69b9c6437a42f78c9cb7615 Loading...

	ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js	37 kB	2023-03-07	2024-05-10
Pretty URL ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-10 19:22:17 Times Seen55709 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js	13 kB	2023-03-07	2024-05-02
Pretty URL bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-05-02 14:15:06 Times Seen372 Hash 2cf9df789476bc39b9906030f639660d de708b4a0fe32f3d77505675eb119b671327a6b4 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	59 B	2023-03-07	2024-02-03
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:33 Last Seen2024-02-03 22:04:12 Times Seen92 Hash cffd5e347526410b8d4ea84ff7d98463 9ea138c5d82132b2903dfca2bc6de42e3bb4b2c7 4ac6a08906e572c5a01455e972b35ec841a7e0f63619562b1458dac804e7a246 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	62 B	2023-03-12	2023-03-12
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:23:00 Last Seen2023-03-12 06:23:00 Times Seen1 Hash 5e07ecbeb5e07119e619a1811c9938a7 8c34d5cc4aa4b1051393b4d83d9e41baf7d01e0e 6e8ed2d92553b39672038195c3daee5c75bad5b1696c4465141c352c97bf57d4 Loading...

	js-agent.newrelic.com/768.2d6a2503-1220.js	5.6 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/768.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash d6cc8b42eda6fd7734014b03b87b5787 c0e66d0f7274bbb6404012b6b57ff74333818a13 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-10 19:47:18 Times Seen97875 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29	25 kB	2023-03-08	2023-03-12
Pretty URL bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:49 Last Seen2023-03-12 14:53:22 Times Seen1 Hash 3c08eb2dc8ebcaf8d56a7e616a5c50c9 0b17e9364b41e4d25d0cac17f472f960a5cc82ed 9f1dd7e6654df9384fa10dc39fbadb13e844319400af27c73652362bfbed1e35 Loading...

	slutsaga.com/jpt/?pub_id=51935	434 B	2023-03-10	2023-03-12
Pretty URL slutsaga.com/jpt/?pub_id=51935 IP 104.21.52.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:28:39 Last Seen2023-03-12 09:43:13 Times Seen1 Hash 52242b72424fe52654e5aceecba88fa2 5e7144205a04c073ee9a003d729ca26c9013783d 93cd317988806935931df121b1333c27eff5b5ce29f5fdefd84e3ae87afe79d0 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	166 B	2023-03-07	2024-02-03
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-02-03 22:04:12 Times Seen152 Hash 30fbeedd3ef42ed4b3c0cedc516b2f71 dff25b928dad51d1d769285bf2a302d2be531927 1a9018c8172241d8aade74fd982307b0171e6b21ce2b4a470342852d92a99ed0 Loading...

	js-agent.newrelic.com/790.2d6a2503-1220.js	18 kB	2023-03-08	2023-03-13
Pretty URL js-agent.newrelic.com/790.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:03:42 Last Seen2023-03-13 21:42:54 Times Seen1 Hash af8c077a247e90dff929d7af81c94f57 a2d4f470a95bec59e732820e0638cbec3d65e77d 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b Loading...

	bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6017&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=88&be=4169&fe=1623&dc=1620&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671870367449,%22n%22:0,%22f%22:3442,%22dn%22:3444,%22dne%22:3475,%22c%22:3475,%22s%22:3578,%22ce%22:3702,%22rq%22:3703,%22rp%22:4044,%22rpe%22:4044,%22dl%22:4049,%22di%22:5777,%22ds%22:5788,%22de%22:5792,%22dc%22:5792,%22l%22:5792,%22le%22:5796%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6017&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=88&be=4169&fe=1623&dc=1620&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671870367449,%22n%22:0,%22f%22:3442,%22dn%22:3444,%22dne%22:3475,%22c%22:3475,%22s%22:3578,%22ce%22:3702,%22rq%22:3703,%22rp%22:4044,%22rpe%22:4044,%22dl%22:4049,%22di%22:5777,%22ds%22:5788,%22de%22:5792,%22dc%22:5792,%22l%22:5792,%22le%22:5796%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	slutsaga.com/jpt/scripts/main.js	13 kB	2023-03-09	2023-03-12
Pretty URL slutsaga.com/jpt/scripts/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:28:44 Last Seen2023-03-12 09:43:13 Times Seen1 Hash 5b2652970267ddf375aaab80781b6add c3ac2f0ce19677a0d34e778f2841a89ee8e9e9d9 c08e163290aa8dc4b697016164a84d7503e19fadc1038fcc83dca71087bedbae Loading...

	bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201	3.8 kB	2023-03-08	2024-02-03
Pretty URL bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:49 Last Seen2024-02-03 22:04:12 Times Seen165 Hash 4ffa5d12f2aa2394aa284438d9ab1658 66a6678dc24eae37e35b8ee571e78f6e8af796da a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	528 B	2023-03-07	2024-02-03
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:52 Last Seen2024-02-03 22:04:12 Times Seen117 Hash 10dd1b2ab36045f6dd30390708c046c8 5ea106d1b689de5bda25b576ae36d26160ed6795 6d5167f39f1f849ab2050bb2429f122ed1e62a41d7bdcf18a9ec09438f087e88 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	293 B	2023-03-07	2023-03-26
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:48:40 Last Seen2023-03-26 05:27:41 Times Seen2 Hash c9f248a628cb67a90bbf2793f16dbf65 808ac516da3a2020fabe2f63c54edefad6b0aeca 65365f5f284aa9090b0090db22f49c1fb64336d0925ae2b9aaad48d9a3f6aba2 Loading...

	js-agent.newrelic.com/820.2d6a2503-1220.js	7.5 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/820.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 897a1a72a47e4f4a24c05aec49af638f 2a98c13878b66a1b8336db6ba3d8a1233c894714 a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	59 kB	2023-03-08	2023-03-12
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:32 Last Seen2023-03-12 21:04:06 Times Seen1 Hash 0a4dbbe406b81a8db658b0444e2264d0 c56c901dfdb2b272ab40d5cae3635868e4335ef8 70722521f30021108e09442b51e9329f19da94fb8d000343d781edfe0fffaee6 Loading...

	kit.fontawesome.com/b314bdf1b3.js	11 kB	2023-03-07	2023-03-29
Pretty URL kit.fontawesome.com/b314bdf1b3.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:52 Last Seen2023-03-29 22:57:13 Times Seen11 Hash 6f15d6dbe44fe662d8ef38365779270d 6d288cddd5a672fac15cb84d49d80f194bfaf4ba 4f407eed3de87bf0000c7d0673961f460c2b25348c80dd8fa239bfea6479d39c Loading...

	geoip.enlistsecureup.com/?v=1	369 B	2023-03-07	2024-02-03
Pretty URL geoip.enlistsecureup.com/?v=1 IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-02-03 22:04:12 Times Seen4 Hash 9ccec3631b0a10edce932cfb0f0cd957 0b4723e99dd1fd4bee774e9a069e522116660c12 ec55e1812df586723a860e491d69417ae786eee7966dd618005ee126c945fab4 Loading...

	js-agent.newrelic.com/39.2d6a2503-1220.js	7.2 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/39.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 0448380a8f2cd0426bbdf04dd45b5408 dc0cec5ab6599b9b4bacf195987a17fb352eae70 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416 Loading...

	go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source=	214 B	2023-03-07	2023-04-05
Pretty URL go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source= IP 172.255.248.105 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-04-05 01:54:10 Times Seen23 Hash db888f185ef0a5aacd560b2ebdf5801a 62ae899bed1b545b27ef5dbe037581e1fb55c544 0d532a064a29ec58ac0297fe0d64a35aff9bbdeceac63bcc54a914a426491d5e Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	242 B	2023-03-10	2023-03-12
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:28:39 Last Seen2023-03-12 09:43:13 Times Seen1 Hash dfaa87fd42bb26a3ae83833ace948be2 39777b0518a6611c2df1ef2a4968976f85da63a6 3a891075d75e7c36947de677f66f9794dc03fdeab5ab59167146e79d6b9c98ae Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	2.0 kB	2023-03-07	2023-03-12
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:05:55 Last Seen2023-03-12 09:43:13 Times Seen1 Hash 6ebfad2c7d1ef5c7ed879b339d212531 38e025450be71cf023af4499cc358fcd6b1b5ad6 f42eafae9f254e15e352a7727166645ef137becb28a650e419fbe62642c94c78 Loading...

	js-agent.newrelic.com/552.2d6a2503-1220.js	22 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/552.2d6a2503-1220.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen6 Hash 777ac0df4dba632ad1b2955c88dd51ac bd51770555ea92df71f7d5d102dbf8cdc583abf6 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	127 B	2023-03-07	2023-03-12
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:05:55 Last Seen2023-03-12 18:08:02 Times Seen1 Hash b2ee67b0489d11142d5b7a274dfe87f4 675ccaca192790f2f1ed4dac3707371be049af56 3632c2c13d381145f07d26beead40e290ea3c124e32e1b6c60d52d64efcd7290 Loading...

	js-agent.newrelic.com/368.2d6a2503-1220.js	3.5 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/368.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 16b4f3676c3859e1378a2ccdebbad675 e08f86ca1dc56c2ed885404d2819f540c7905cae b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56 Loading...

	js-agent.newrelic.com/775.2d6a2503-1220.js	1.2 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/775.2d6a2503-1220.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 1dfdb74c0491489bf04c6deadb56add2 09c28f9e93c01cb3870d7a8083658c594d5ee42b 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3 Loading...

	bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913	206 B	2023-03-07	2024-02-03
Pretty URL bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 IP 207.120.33.41 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:33 Last Seen2024-02-03 22:04:12 Times Seen94 Hash 5f165dbb3feea7b4424a23a8756968d4 b2c2d5ac323753364da55be6246ca5d176a2d74d 3f19399992595664c23c41ba7cb1dd94a995b37dc681622aedc956975fb9ddc3 Loading...

HTTP Transactions (69)

URL IP Response Size

go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source=

172.255.248.105

200 OK

255 B

URL HTTP/1.1
go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source=
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
997bfcab4e7a51023ff8da026ed4374a
35d15ad133e52c1b9dea0b3696a8719521387a9e
070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3

HTTP Headers

GET /rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source= HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Dec 2022 08:26:08 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3704
Expires: Sat, 24 Dec 2022 09:27:52 GMT
Date: Sat, 24 Dec 2022 08:26:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Sat, 24 Dec 2022 11:47:46 GMT
Date: Sat, 24 Dec 2022 08:26:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12055
Expires: Sat, 24 Dec 2022 11:47:03 GMT
Date: Sat, 24 Dec 2022 08:26:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 07:46:14 GMT
content-type: application/json
age: 2394
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6YT3F4B80L6gL0SlSvDez4LlJ5ROXrwGHhXWVnBQ8DYYqT1CsjY3SqaJSz9FzrCcEtr2AGjbE4U=
x-amz-request-id: ABDQF5HVWY0X1WXY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 07:54:23 GMT
age: 1905
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 08:26:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

go.gkrtmc.com/favicon.ico

172.255.248.105

404 Not Found

123 B

URL HTTP/1.1
go.gkrtmc.com/favicon.ico
IP
172.255.248.105:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
123 B (123 bytes)
Hash
c728bf241d9141b8d3100ae5140e09c5
07f0da1bdfadd0354b090781f1e3264ac22b6c39
34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_081a9afe5e70f667ba238e8a3a9cc3d6&source=

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Dec 2022 08:26:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c8710b018cb3fa940248a410fba79d12
34c415480e46ef6d5d0e2d4bfb48ce56e38a6de6
0722083f88e88057ce566596a09504b7cf4e8084115d3fe4660405cbd20b64cd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0722083F88E88057CE566596A09504B7CF4E8084115D3FE4660405CBD20B64CD"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11037
Expires: Sat, 24 Dec 2022 11:30:05 GMT
Date: Sat, 24 Dec 2022 08:26:08 GMT
Connection: keep-alive

slutsaga.com/jpt?pub_id=51935

104.21.52.132

301 Moved Permanently

162 B

URL HTTP/2
slutsaga.com/jpt?pub_id=51935
IP
104.21.52.132:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /jpt?pub_id=51935 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Sat, 24 Dec 2022 08:26:08 GMT
content-type: text/html
location: http://slutsaga.com/jpt/?pub_id=51935
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57yxDrScoI1wz8cspHmTOQ63OHt6YQf5Ts9neqQqJdO3Qtbj7StOeJ4Bphzz%2FEkZPygbSLSHP%2BdZ4kLmflmgIYwXVuUNQlGDlaC549nanR0bgS5TpO70atUv9nFowWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e7f34d3cde1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c8710b018cb3fa940248a410fba79d12
34c415480e46ef6d5d0e2d4bfb48ce56e38a6de6
0722083f88e88057ce566596a09504b7cf4e8084115d3fe4660405cbd20b64cd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0722083F88E88057CE566596A09504B7CF4E8084115D3FE4660405CBD20B64CD"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11037
Expires: Sat, 24 Dec 2022 11:30:05 GMT
Date: Sat, 24 Dec 2022 08:26:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 08:08:04 GMT
age: 1084
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 08:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2565
Cache-Control: max-age=91403
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 08:26:09 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 09:49:32 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 08:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 08:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

216.58.207.227

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Size
36 kB (35904 bytes)
Hash
c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

HTTP Headers

GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slutsaga.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:15 GMT
expires: Sat, 23 Dec 2023 13:33:15 GMT
cache-control: public, max-age=31536000
age: 67974
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 08:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

slutsaga.com/jpt/assets/audio/bg-sound.mp3

104.21.52.132

206 Partial Content

464 kB

URL HTTP/2
slutsaga.com/jpt/assets/audio/bg-sound.mp3
IP
104.21.52.132:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
464 kB (464285 bytes)
Hash
078d400544e214e3d71d19e1b29603ed
df0d3602868c84d5087da6a9b050da7a4c59889f
6748f8b5bb0f7c65da42772f041edc14bba24a900d805d52dfc054de42a539e3

HTTP Headers

GET /jpt/assets/audio/bg-sound.mp3 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1213865-
Connection: keep-alive
Referer: https://slutsaga.com/jpt/?pub_id=51935
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Sat, 24 Dec 2022 08:26:09 GMT
content-type: audio/mpeg
content-length: 464285
last-modified: Mon, 08 Aug 2022 10:12:14 GMT
etag: "62f0e17e-199b46"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-range: bytes 1213865-1678149/1678150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xt0vdQgssdOn%2BkxDjHOFYr2xQlV7FMRSUd5u3HrcCDW47e5wKaSCbL%2FCLT4Jat2S1wH4r1aGr8lSYeZ3VndNU0%2FlRhcgSHmeUTHfSRAnu%2BpN2tjvVMbb%2Fgodgdbz2OU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e7f3512acb0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FFxdxpCfRW2x3dABRkH2MA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s/HAlTJOqPejooPI9Gxo2VO9KA8=

slutsaga.com/jpt/assets/audio/click.wav

104.21.52.132

206 Partial Content

229 kB

URL HTTP/2
slutsaga.com/jpt/assets/audio/click.wav
IP
104.21.52.132:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
229 kB (228640 bytes)
Hash
9cd96fe6a216360e680829d83bb6ba9d
832cc87b231eda1dc700690f10d29aa4998afdf5
00e18df869752db47171e178b78f4e087f8d2e0a87c77592a743c81fb257539c

HTTP Headers

GET /jpt/assets/audio/click.wav HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=14200-
Connection: keep-alive
Referer: https://slutsaga.com/jpt/?pub_id=51935
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/2 206 Partial Content
date: Sat, 24 Dec 2022 08:26:09 GMT
content-type: application/octet-stream
content-length: 228640
last-modified: Mon, 08 Aug 2022 10:12:14 GMT
etag: "62f0e17e-3b498"
content-range: bytes 14200-242839/242840
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcoKt1PyWs7TnVhSs9TxUriXhKLFym1z%2B%2Fpd9DrTgHMTIPJHWcC8JYtfEzL6Ip0Pw4s%2FrutMNtYexbPp9iEceuJHQofU1S0hm7oTOGIQpVRilIduSzpZcurh57EVnBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e7f3512ac90b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b159398d9602348629d918923deb26f7
3f0ea4aa4438a408c79923fa46769b30900d191d
3d8ca44b491549305e87aa6f69b2e207c2ecfe0104628e881fccadfb270e9af9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131349
Date: Sat, 24 Dec 2022 08:26:09 GMT
Etag: "63a615b6-1d7"
Expires: Sun, 25 Dec 2022 20:55:20 GMT
Last-Modified: Fri, 23 Dec 2022 20:55:18 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: degi-D66Oo4FeH1M-0JUrY0VvcdXgAX9qD267inULMeSKQOnrUSGnw==

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14694
Expires: Sat, 24 Dec 2022 12:31:04 GMT
Date: Sat, 24 Dec 2022 08:26:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14694
Expires: Sat, 24 Dec 2022 12:31:04 GMT
Date: Sat, 24 Dec 2022 08:26:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14694
Expires: Sat, 24 Dec 2022 12:31:04 GMT
Date: Sat, 24 Dec 2022 08:26:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14694
Expires: Sat, 24 Dec 2022 12:31:04 GMT
Date: Sat, 24 Dec 2022 08:26:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10356 bytes)
Hash
3071a834e874a992c3b14f7a3f91b30f
559014c7e6e5019097b7da8b3a820a80a1f55b6c
4f8e29303936b4168f0ad765d8a2773a7247f249396147f68f6f9639b1ad1208

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 32dbf731-a18f-4150-b3cd-f30d2ab3c6a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoi1GY2oAMFesg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62145-55a5f14a6ea6e7dc3754a8be;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:44:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I-X2fEUZq8ogVCK-SeYSAgdEupzhzeBxgZv0WaVunieB4pgXxjqn2w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:48:16 GMT
age: 38274
etag: "559014c7e6e5019097b7da8b3a820a80a1f55b6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F521ed1a6-b90d-4f16-ac47-f5778ba57056.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5370 bytes)
Hash
d7ff51ff86770154a8b01b98e6302efa
fdfeff41daa3872042615af9faaea28416d05ee5
d016ff5427d4ec9a0da5858c1c0b2f29f9c10f872d0c90dcd216e99ec8089bb8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F521ed1a6-b90d-4f16-ac47-f5778ba57056.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5370
x-amzn-requestid: bec8ffc7-e6e9-4b4e-aa6c-273e08c7b641
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dlnDjE1rIAMF5Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a55216-2e477e1c3a56014b2d137ef7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 07:00:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRELFti8oXMQ9ES1ZMolNLJmDY22EZOZQTmWLd4tsiXAK5VAQVUPGg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 07:16:33 GMT
age: 4177
etag: "fdfeff41daa3872042615af9faaea28416d05ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7669 bytes)
Hash
6d90b80ebad103c48c3043c8d5e4c3ca
ab36c9309ce13b2a3d075461c2445f76bfc582aa
2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 38772
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfcc8c32-c58e-4619-a571-4fe67835fb5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9903 bytes)
Hash
f05951322bb0251f4d30ee5aa2358247
53c51221619a43a05a613eeac66ed5d63eb7fcb0
f5f17d41c12c5392e1f354e0ed599197d532aeac0c3064e68f9edbdbb1f34891

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfcc8c32-c58e-4619-a571-4fe67835fb5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9903
x-amzn-requestid: a6333cc9-7adc-4148-bd04-2ebf413ddb9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzH5XoAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-1104e20a41c9311c37e15c8e;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wn3EU6Psj3FwUfVQ4sMDYwd22sXL_vAulfjzSuCBTb6BxIVIFANc_A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:59 GMT
age: 38771
etag: "53c51221619a43a05a613eeac66ed5d63eb7fcb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8838 bytes)
Hash
88dede3fbbab789a953b46f7abd99bec
fdd5a2c09ec16ffccd33bde9f503171607b65653
a45d65e7e99c7eca94d2ded3741d1823a8ff1358065021e837b65247fd0e96ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8838
x-amzn-requestid: 0dc7c87e-41a8-4bb9-94d3-fe58274100c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqFaxoAMFk-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-58fd6c175081eb4b11663189;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MR3Web-gjVno4ZwuGJu7r9iXOZnGHlaGhVyURdIFvuaavDTjUSU0JA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 22:25:41 GMT
age: 36029
etag: "fdd5a2c09ec16ffccd33bde9f503171607b65653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6663 bytes)
Hash
7514aea8a6ecc6d2c4c4362719ec1f71
cb1cbae883c69fba75b584248c2ba79663175e66
0233fca45e85ea0fcd83083ce1c32084411067d01df99eb67ce15d00c361a16e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6663
x-amzn-requestid: 7a457075-fb06-4be7-be96-c9d5e176e39a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzGukIAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-59b7441372a27f0f793c73e7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8jyYxcwtnu2wp4WRjfajYUxuPcDgqe04Ap6d8ELFbBLblXyM6mL-Hg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:51 GMT
age: 38779
etag: "cb1cbae883c69fba75b584248c2ba79663175e66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f9e138615553e3c0e89d32d864fa3d63
5afffdab24945ccfbaea3ad95fdff95da086aadf
de8fadf430b4bd3c2c938bd5b91b7cab5b79a7647d991206acd2d0fb03f43c86

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 24 Dec 2022 08:26:10 GMT
Etag: "63a60e7d-1d7"
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TIefP3EsF1gBLAih7t-IZa9KLkp_qnP4BnisuJYWB9W--CWaTvF7tw==

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
9a369c9fc7ce184eeb3edc447c6cee75
dfd633063c6493807e1673df73eebae9f24f6232
3fa98cf052caf50382277dcb549b957cb2567f7e142250c884136db1d3f050c2

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 08:26:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 28 Dec 2022 04:47:49 GMT
ETag: "dfd633063c6493807e1673df73eebae9f24f6232"
Last-Modified: Sat, 24 Dec 2022 04:47:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1981
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77e7f363ba2ab515-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65f3e038e99b959b9db82549ef3ab103
bc4230c86ef7c02bc27b34ce90b561977c09974a
09296c29aee48114bcee28b50efe413bbaa3de8c61eb918d01d8580684b4a296

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09296C29AEE48114BCEE28B50EFE413BBAA3DE8C61EB918D01D8580684B4A296"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10975
Expires: Sat, 24 Dec 2022 11:29:07 GMT
Date: Sat, 24 Dec 2022 08:26:12 GMT
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Dec 2022 17:10:47 GMT
expires: Mon, 18 Dec 2023 17:10:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 486926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913

207.120.33.41

200 OK

50 kB

URL HTTP/2
bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58455)
Size
50 kB (50007 bytes)
Hash
a211a9eb4f9d1422adb4b258c151ecde
e8a1a63035b4e09afd5d6cb9c701c76951741719
5e0d5ff83fb2cfccba7cb665660f5c08efc5f7e9f95f800e36c8f4db6aee1418

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 81799
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 65170374ff5f881fa781b6e83f045ac8
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js

152.199.19.160

200 OK

9.8 kB

URL HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
152.199.19.160:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (32033)
Size
9.8 kB (9839 bytes)
Hash
432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0

HTTP Headers

GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 13502918
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sat, 24 Dec 2022 08:26:13 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/compactML/css/epcsaga.css

207.120.33.41

200 OK

8.8 kB

URL HTTP/2
bkdwbvx.com/common_tpls/compactML/css/epcsaga.css
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (1275)
Size
8.8 kB (8761 bytes)
Hash
a647e09b3974e10f56189e3f800483be
b4cb278e0160090c73beb4d007d9b7bff8dac9b4
f3bcf42f7332103637cf82e30adde5fb753fd67f777dc548609cf2228adde180

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/compactML/css/epcsaga.css HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: text/css
content-length: 8761
last-modified: Sat, 04 Dec 2021 17:36:33 GMT
etag: W/"61aba721-be1c"
content-encoding: gzip
section-io-cache-id: af6912be07820dfb83f6119ba50e6a54
vary: Accept-Encoding
x-varnish: 81803 478555
age: 13839
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d7235fbeea3147de5ef9d135a4a5945e
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/images/icons/email.png

207.120.33.41

200 OK

1.3 kB

URL HTTP/2
bkdwbvx.com/common_tpls/images/icons/email.png
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 kB (1254 bytes)
Hash
a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/email.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: c6947169ddceb3154b2010183aa6d3b9
x-varnish: 15737793 16633875
age: 4205
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 04eda7db4206164d83537ecc90f38d23
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/images/icons/password.png

207.120.33.41

200 OK

1.5 kB

URL HTTP/2
bkdwbvx.com/common_tpls/images/icons/password.png
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1452 bytes)
Hash
6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/password.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 4eea770881f516ee487f6065baebc50b
x-varnish: 16880004 16667696
age: 4189
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 52b18ae1ee0b4567b13827d377c4b30f
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/images/icons/address.png

207.120.33.41

200 OK

1.2 kB

URL HTTP/2
bkdwbvx.com/common_tpls/images/icons/address.png
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.2 kB (1167 bytes)
Hash
b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/address.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: 581ee3bff50e4243e83903496c25b84c
x-varnish: 81804 941268
age: 13880
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 0d4b71e84394ca1e18a2fc1522d19734
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/images/icons/fname.png

207.120.33.41

200 OK

1.6 kB

URL HTTP/2
bkdwbvx.com/common_tpls/images/icons/fname.png
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1649 bytes)
Hash
5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: 8e6c7939d32239f4f07d5e89c1d57934
x-varnish: 879425 968323
age: 13883
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 67f500a7cc0f8166f631b94cac88e968
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3

104.18.22.52

200 OK

4.2 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26366)
Size
4.2 kB (4194 bytes)
Hash
7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:14 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1949110
accept-ranges: bytes
server: cloudflare
cf-ray: 77e7f36e9a7bb4f3-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3

104.18.22.52

200 OK

54 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65397)
Size
54 kB (54194 bytes)
Hash
dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8

HTTP Headers

GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:14 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1949110
accept-ranges: bytes
server: cloudflare
cf-ray: 77e7f36e9a78b4f3-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3

104.18.22.52

200 OK

2.6 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27832)
Size
2.6 kB (2603 bytes)
Hash
eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:14 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1949110
accept-ranges: bytes
server: cloudflare
cf-ray: 77e7f36e9a7cb4f3-OSL
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
107728989d319615fca39f41a4dd34fd
3e9fd64d8cfdba1b7f6dc9a0b1913dc060212a7e
109ee9d22e38c5950b58a84484e8eb4432161335e1c5cfb27ba4ef253c7d8a13

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 08:26:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 28 Dec 2022 05:21:30 GMT
ETag: "3e9fd64d8cfdba1b7f6dc9a0b1913dc060212a7e"
Last-Modified: Sat, 24 Dec 2022 05:21:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1980
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77e7f3723d65b515-OSL

bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js

207.120.33.41

200 OK

11 kB

URL HTTP/2
bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (21423)
Size
11 kB (10895 bytes)
Hash
0ce361c947f7754fcc13ec0829e732ac
2aebab29143e68caddff8d6bf01b37a62afccbe1
2878fc4ea60c356ba7de282d541243b163e1f9b09004fa154c1b4746f895eb57

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 10780eac8e5a2e8381ee9636dc064f62
x-varnish: 879426 941260
age: 13882
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 603cffa7a1ae860f46546e9c02941163
X-Firefox-Spdy: h2

js-agent.newrelic.com/290.2d6a2503-1220.js

151.101.66.137

200 OK

3.4 kB

URL HTTP/2
js-agent.newrelic.com/290.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (8544)
Size
3.4 kB (3424 bytes)
Hash
b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822

HTTP Headers

GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: fhmr6WetDM+g2i2QlvVMRpxUR5FtkKdG9L63CCQ3CSWsvtR6j++f9vvc73sttpIYqURa2xyYTRk=
x-amz-request-id: VK0ZFWF8T6343F8V
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 5416
x-timer: S1671870375.209046,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2

js-agent.newrelic.com/368.2d6a2503-1220.js

151.101.66.137

200 OK

1.9 kB

URL HTTP/2
js-agent.newrelic.com/368.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3382)
Size
1.9 kB (1911 bytes)
Hash
27d3ec6830f5097af38d4f5632a13409
e7efc0c7c2b9397b3b6a8089ca4ea3a07d932209
f8a2d8473cb4fbd17ea02775eafc9a5a70ebe4cd017cf7724687896b5ac3d903

HTTP Headers

GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: kwoAxcBtx2IMbi3IHVdur3TxF/StXF2YgQ/J5F/J0LqxQRcevbbS10v8PBtCq89jFlCdbzEZt0Y=
x-amz-request-id: VK0S7FDBAB0EX9VY
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 5410
x-timer: S1671870375.209318,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2

js-agent.newrelic.com/39.2d6a2503-1220.js

151.101.66.137

200 OK

2.8 kB

URL HTTP/2
js-agent.newrelic.com/39.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7169)
Size
2.8 kB (2755 bytes)
Hash
a0a406e7bdf3e14f047e46bcea27640c
c1fbc88d260f16a092c1b7b0e58e4291401478e8
2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049

HTTP Headers

GET /39.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: YVIhZ0s+kfqfyw3/OOPaabzaoXb/XwD4VELrgCLiMtI8cGCxgyDD6Y3bdLzWtK9lY7b2Y9dtVwM=
x-amz-request-id: VK0GJZ5NDAT42H61
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 2771
x-timer: S1671870375.209919,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2

js-agent.newrelic.com/775.2d6a2503-1220.js

151.101.66.137

200 OK

632 B

URL HTTP/2
js-agent.newrelic.com/775.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1169)
Size
632 B (632 bytes)
Hash
661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7

HTTP Headers

GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: n5W3M8HU3EdwDhPARC2iiAf1as95kdLfrN2+qdL0W35SMVzIqjIlMR9W7ck8oTAzeIw6lrJi5fM=
x-amz-request-id: VK0MRM6MJ78HXF3Y
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 5377
x-timer: S1671870375.209794,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2

js-agent.newrelic.com/768.2d6a2503-1220.js

151.101.66.137

200 OK

2.2 kB

URL HTTP/2
js-agent.newrelic.com/768.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5523)
Size
2.2 kB (2225 bytes)
Hash
98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7

HTTP Headers

GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: YghQGw//W98CcE+uLEc2bIpyY1zfBy1cvSl3ZbHItGIBbBbjBYrgjjDhKdNnyagoNGaVfLpI2xM=
x-amz-request-id: VK0XNZM280HMN60Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 5413
x-timer: S1671870375.209792,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2

js-agent.newrelic.com/0.2d6a2503-1220.js

151.101.66.137

200 OK

2.3 kB

URL HTTP/2
js-agent.newrelic.com/0.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5198)
Size
2.3 kB (2349 bytes)
Hash
852267b16c136b977ccd94900c6c6308
e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced

HTTP Headers

GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: yaLgSlI/o1YgPR64REKW7tJGngFFiymXOCq3qvC8FibvMh/NPjIov1s2Y43sA3Nk7dOb/Jeu8n0=
x-amz-request-id: VK0HGZZCMTDZKH5X
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 2763
x-timer: S1671870375.210142,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2

js-agent.newrelic.com/820.2d6a2503-1220.js

151.101.66.137

200 OK

3.0 kB

URL HTTP/2
js-agent.newrelic.com/820.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7460)
Size
3.0 kB (2979 bytes)
Hash
7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198

HTTP Headers

GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: FgITvf3WklEMWkZwakon8gl0N9aTQ94pdNptn966xzqmGm/5HblQmQGcNcywcu4tvf5sbwoyl9E=
x-amz-request-id: VK0ZG74SYEQQ4TER
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 2751
x-timer: S1671870375.210786,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2

js-agent.newrelic.com/571.2d6a2503-1220.js

151.101.66.137

200 OK

1.1 kB

URL HTTP/2
js-agent.newrelic.com/571.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2412)
Size
1.1 kB (1108 bytes)
Hash
d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815

HTTP Headers

GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: Yb3onr5wgE7GyebmH4WnkKwnI2MQKfjQMqMso3BN0Y71/Vtt12keZBjkbAuB5UJTI/GRzVXSccI=
x-amz-request-id: VK0WTM9PM29FXD43
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 2757
x-timer: S1671870375.210799,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2

js-agent.newrelic.com/790.2d6a2503-1220.js

151.101.66.137

200 OK

6.1 kB

URL HTTP/2
js-agent.newrelic.com/790.2d6a2503-1220.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (17591)
Size
6.1 kB (6064 bytes)
Hash
b3193d37837e2f200e10db13deff83a9
d8577b8a972583e81cfd8e31436dcd039aa049b2
5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288

HTTP Headers

GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: veWtlyFq4FXZZ3C91QZ1ydEfJVdBNkWk12lPeQHXsOtJd4oL/94W2O+vIrequr5Q4TsFmN49oJA=
x-amz-request-id: VK0VJC72617ZJQFB
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 08:26:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 1915
x-timer: S1671870375.211154,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2

bkdwbvx.com/acct/trk/?rtid=81243726913

207.120.33.41

200 OK

21 B

URL HTTP/2
bkdwbvx.com/acct/trk/?rtid=81243726913
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
6e3926d2a976e5168f30d94e6a30f321
5b4353cdd215a30b73503ac06adf588e599bed36
fc2fb775bca76034b3f2dc14c78da6791f09233ca6e4b267de6f3358fdffdd31

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /acct/trk/?rtid=81243726913 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6Ijk1NDM1OTliOWMzZmZiZWIiLCJ0ciI6ImVmZTY3ZTFhMTMxMGYxNzI3YjQwNGJhMjMzOWE0YzUwIiwidGkiOjE2NzE4NzAzNzMyNTd9fQ==
traceparent: 00-efe67e1a1310f1727b404ba2339a4c50-9543599b9c3ffbeb-01
tracestate: 3355250@nr=0-1-3355250-1103078842-9543599b9c3ffbeb----1671870373257
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:15 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 17042767
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 9d6730e521a02a23c0c021b7d7652068
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
47911644a4045c9c05c561f9226814ef
ee8aaa36e0633b8d1f485a99a72fb4b4eba68708
87ea79a348a6368ec738dfbc004b86911daafe286d45a9ab9ee4e80e87322f9b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 08:26:15 GMT
Last-Modified: Sat, 24 Dec 2022 06:37:30 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6017&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=88&be=4169&fe=1623&dc=1620&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671870367449,%22n%22:0,%22f%22:3442,%22dn%22:3444,%22dne%22:3475,%22c%22:3475,%22s%22:3578,%22ce%22:3702,%22rq%22:3703,%22rp%22:4044,%22rpe%22:4044,%22dl%22:4049,%22di%22:5777,%22ds%22:5788,%22de%22:5792,%22dc%22:5792,%22l%22:5792,%22le%22:5796%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6017&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=88&be=4169&fe=1623&dc=1620&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671870367449,%22n%22:0,%22f%22:3442,%22dn%22:3444,%22dne%22:3475,%22c%22:3475,%22s%22:3578,%22ce%22:3702,%22rq%22:3703,%22rp%22:4044,%22rpe%22:4044,%22dl%22:4049,%22di%22:5777,%22ds%22:5788,%22de%22:5792,%22dc%22:5792,%22l%22:5792,%22le%22:5796%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6017&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=88&be=4169&fe=1623&dc=1620&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671870367449,%22n%22:0,%22f%22:3442,%22dn%22:3444,%22dne%22:3475,%22c%22:3475,%22s%22:3578,%22ce%22:3702,%22rq%22:3703,%22rp%22:4044,%22rpe%22:4044,%22dl%22:4049,%22di%22:5777,%22ds%22:5788,%22de%22:5792,%22dc%22:5792,%22l%22:5792,%22le%22:5796%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 08:26:15 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77e7f375be41b512-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6448&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6448&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=6448&ck=0&s=2ee6ba0d94d228a7&ref=https://bkdwbvx.com/acct/epc69324/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 677
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 08:26:16 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 77e7f377ffacb512-OSL
Access-Control-Allow-Origin: https://bkdwbvx.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

fstentr.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff

163.171.128.172

302 Found

0 B

URL HTTP/2
fstentr.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff HTTP/1.1
Host: fstentr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 24 Dec 2022 08:26:12 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 63a6b7a4_PS-FRA-01lai110_45675-52528
set-cookie: PHPSESSID=9fb45bb8477476a399138a7d0f4bc42b; path=/; secure; SameSite=None
HMF_CI=a06ac6a8677d30dd5d13b36a44f446c70b33c5297b11d7cff6a01a15bf7535378ebf597c351b54c9dee23951d4f2bad2a41eae8b35ae87e8d3ae15b6b04bbf3552; Expires=Mon, 23-Jan-23 08:26:12 GMT; Path=/
X-Firefox-Spdy: h2

geoip.enlistsecureup.com/?v=1

163.171.128.172

200 OK

0 B

URL HTTP/2
geoip.enlistsecureup.com/?v=1
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:14 GMT
content-type: application/javascript
server: waf/4.32.3-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-DFW-01gGZ147:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 63a6b7a6_PS-FRA-01lai110_46304-6865
set-cookie: HMF_CI=48b135b711c60d2355b6a6d19400f17e3edccaf4f8552d1dda28a4238240bb39fa21f2b95dca0ec8bcd2561bb45e3e4865ee71f6e37bc9fa94e8f94b58e91618a4; Expires=Mon, 23-Jan-23 08:26:14 GMT; Path=/
X-Firefox-Spdy: h2

slutsaga.com/jpt/?pub_id=51935

104.21.52.132

200 OK

0 B

URL HTTP/2
slutsaga.com/jpt/?pub_id=51935
IP
104.21.52.132:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jpt/?pub_id=51935 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://go.gkrtmc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:08 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 10:12:23 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnUGbv7tDOn9GMByCearMO9vOsGG51Mtuypgi7B92c1FNtebA5GpLosS4DBc1u14jpLRN4OntKWL3fxz21lx9w3kL5Aynv5Iim%2Fljk71Ao1B5v6XYBw0ZJKQAcWB7LY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e7f34ded5c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

slutsaga.com/favicon.ico

104.21.52.132

200 OK

0 B

URL HTTP/2
slutsaga.com/favicon.ico
IP
104.21.52.132:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slutsaga.com/jpt/?pub_id=51935
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:09 GMT
content-type: image/x-icon
last-modified: Mon, 08 Aug 2022 10:13:01 GMT
etag: W/"62f0e1ad-45b26"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mth16EOFrRs2JcOTuz7J0qZimAm0BLO5hoQRtF3b9yB7W%2FqXT5o%2FrrtprGLn07%2FXskaIWyEjWlLbZpwJOVFk6Jnsg16GHwfhsj0DLLz%2FRiBenM7BUq2ChhRJAbn9Ms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e7f3521b250b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201

207.120.33.41

200 OK

0 B

URL HTTP/2
bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: 9de97fa579f6a42cb7d0d03ab4c45753
x-varnish: 879424 1194897
age: 13893
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 0a585578c80cb9f97efbb31675f5658e
X-Firefox-Spdy: h2

bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29

207.120.33.41

200 OK

0 B

URL HTTP/2
bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29
IP
207.120.33.41:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /common_tpls/js/validate_form_v2.js?jsv=29 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47378-19115.51935.null.null.GIEz122430370.8150&lang=no&f_color=ffffff&epcCID=a4NfX5q9G086P3M4g7Xaf2BeJbQbA8Gey&rtid=81243726913
Cookie: PHPSESSID=f87deb8818ca897e090b40ee61deb995
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
etag: W/"63618a7b-614a"
section-io-cache-id: 49e348e98c06179735f4d5d9e20d6e00
x-varnish: 16918292 16400545
age: 4211
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 7cc7625306b0a03ef195495ecddf1d28
X-Firefox-Spdy: h2

kit.fontawesome.com/b314bdf1b3.js

104.18.22.52

200 OK

0 B

URL HTTP/2
kit.fontawesome.com/b314bdf1b3.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Dec 2022 08:26:14 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyzAirxEebdfk--ceVWC
cf-cache-status: HIT
server: cloudflare
cf-ray: 77e7f369de7eb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Nunito:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slutsaga.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 08:26:09 GMT
date: Sat, 24 Dec 2022 08:26:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations