Report - uploadvirus.com/uploads/mejfkdilp.doc

Report Overview

Submitted URL
uploadvirus.com/uploads/mejfkdilp.doc
IP
166.88.62.202
ASN
#18779 EGIHOSTING
Submitted
2022-10-12 22:41:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	76 kB	142.250.74.168
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	1.3 kB	23.36.76.122
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	471 B	562 B	173.194.73.156
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	58 kB	34.120.237.76
stats.dynadot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	64 kB	68.68.98.112
mainstats.dynadot.com	542881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	70 kB	68.68.98.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	795 B	93.184.220.29
uploadvirus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	306 B	166.88.62.202
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	694 B	142.250.74.3
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	865 B	562 B	216.239.32.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	357 B	23.36.76.122
www.dynadot.com	239555	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	356 kB	104.18.29.19
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.238.202.79

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-12	medium	uploadvirus.com	Sinkholed

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.dynadot.com/tr/lazysizes.min.js	7.9 kB	2023-03-07	2024-04-18
Pretty URL www.dynadot.com/tr/lazysizes.min.js IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:12 Last Seen2024-04-18 15:33:05 Times Seen775 Hash 96201abb62283557a9d7b97b4cab14ab a72f33d920d0ab863df4cb60edf44ec140304cdb 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	147 B	2023-03-07	2024-01-28
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2024-01-28 17:32:37 Times Seen56 Hash cd89c941c1f94bd54ddd684b3b8f2a25 b3db1ee61ebdd10c9ea3024afb9adfe28bde0b6f cf7565c859d20c1a2247b5ea8a175c1fcae81136a83e1ad6af68769da1ecf047 Loading...

	www.dynadot.com/1665556828780forsale-buynow-landing-page.js	1.5 kB	2023-03-07	2023-06-20
Pretty URL www.dynadot.com/1665556828780forsale-buynow-landing-page.js IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2023-06-20 00:08:32 Times Seen57 Hash 92f53e8e15239f64267d1fd59f66c3b3 ebe872fd66d12fd8f6adac5a93475fcb468a984f da42080d1d66a392257a06f3012040bf35ae49d3310ae2dcab3b54f172329341 Loading...

	www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB	216 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:49:23 Last Seen2023-03-08 13:49:23 Times Seen1 Hash 7001320aa91cf17b3ce438470d19075b 31f6294526f8a1dec444790373b07ce9c765c94d 364cadcd0f115093a894344fd5b0eef60359bab20d4844b4e097643074e724b1 Loading...

	www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7593574c4a401c16	60 kB	2023-03-08	2023-03-08
Pretty URL www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7593574c4a401c16 IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:49:23 Last Seen2023-03-08 13:49:23 Times Seen1 Hash b0e4f459d5ac7f142d233ea2273dd3a3 bf65b27ebb73380d6d4ff28096aabf7b169ca3b7 56559411905c7605ae726c8e7f8e0025f87903cf8f39d9eb5d7e3dae903c7e88 Loading...

	www.dynadot.com/hp_script.js	4.3 kB	2023-03-07	2024-04-04
Pretty URL www.dynadot.com/hp_script.js IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:14 Last Seen2024-04-04 15:35:34 Times Seen190 Hash e3a38f9f90665f041fc2f74a7783d11f 36a00e17f15f30e9bb864d42acf2614f0a6085af 76b055d98452d34162573203254cbdaa9938774e55fae84d7e8a41b912522687 Loading...

	stats.dynadot.com/matomo.js	64 kB	2023-03-07	2024-04-05
Pretty URL stats.dynadot.com/matomo.js IP 68.68.98.112 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-05 20:11:10 Times Seen286 Hash 68e32650fea29cf0fbbfa1df6c13f6f9 143d3250f699f4f9ab3d1890cd791ff0f5d649d9 0ce713b6cef25179719f242dcfa4ed9e985f1443257722299df2768deeb5ab6e Loading...

	mainstats.dynadot.com/matomo.js	69 kB	2023-03-07	2024-03-15
Pretty URL mainstats.dynadot.com/matomo.js IP 68.68.98.49 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2024-03-15 15:44:41 Times Seen9 Hash fdd9171daeb5d6c28325d5cddebbc786 1af7d60e4e89daca011eedfa97ecb2c963f03e12 ad2c5ecd660a0a5dff000926a75fe4b13cafa7849ad1e85c36676f1a120e013a Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	17 B	2023-03-07	2023-04-05
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	521 B	2023-03-08	2023-03-08
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:46:34 Last Seen2023-03-08 13:49:23 Times Seen1 Hash e4d377a219c8b3c4d4580fd9f4721ae9 1d97b9521d1de15d63462e5fd07121f2ebc747d0 50259692546a637899a5cfe4c646991b9ccc930b32f19d60bdf05363962ed43c Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 03:27:48 Times Seen36969332 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.dynadot.com/tr/bootstrap.min.js	36 kB	2023-03-07	2024-01-28
Pretty URL www.dynadot.com/tr/bootstrap.min.js IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2024-01-28 17:32:39 Times Seen143 Hash b889d0e0e360373791a7478530bfc61f a45320736b67a1c255dc734b162ee0c67f01393c 0183ef0763e720f30973508786716b02890ed82ec71239b6ec6dee24b9dae7e3 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	436 B	2023-03-07	2023-03-17
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:09 Last Seen2023-03-17 12:35:05 Times Seen1 Hash f00da29468dcf8c60b740a009eb9c61c d9434346e84f83e381e7c33d85ef21ba3526ff88 4cd278e811f35442acd545160899cf70b0518134fd1d65b045e703a0b4977137 Loading...

	www.dynadot.com/forsale/uploadvirus.com?drefid=2071	3.0 kB	2023-03-08	2023-03-08
Pretty URL www.dynadot.com/forsale/uploadvirus.com?drefid=2071 IP 104.18.29.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:49:23 Last Seen2023-03-08 13:49:23 Times Seen1 Hash 1a79d533daff2100162f7012c3c93f84 1927c88dc6631b775f6d7b8931847a8fa068d685 c34440d4b5ba09d74cfbbf9483d4816f0203de7b509056e96c2d282a0ce67bd4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#2 Eval - 59b3ce43d9fe815a03e0be97a55ec187	591 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 13:49:23 Last Seen2023-03-08 13:49:23 Times Seen1 Hash 59b3ce43d9fe815a03e0be97a55ec187 6b1dc236c0216e165c0346ff89116e8b3cd11a8d d570a632d4c4f121521a8a8a034d02dd79aab2253f124b01592af488e537f8be Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (66)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10119
Expires: Thu, 13 Oct 2022 01:29:44 GMT
Date: Wed, 12 Oct 2022 22:41:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 21:49:20 GMT
Expires: Wed, 12 Oct 2022 22:33:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dD_oOaDQUkGe7CPDW7kQB7vU54Fm8qIoVrpu6TTtE35Sea7eCcxU0Q==
Age: 3105

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5afb6d2acaf66af4c3fd458a0b70e17
ae58844d8753fe1b62240067b7c0efba86a858d0
42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15901
Expires: Thu, 13 Oct 2022 03:06:06 GMT
Date: Wed, 12 Oct 2022 22:41:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: n3uLFb75TEvf4q9+f1Swry5SK9vdI3bHwltHerNnGr3TSPwx5NJ4O0Wy+cc9GkTi83Y4NHlEDlw=
x-amz-request-id: FG4YJ6QF2ZRNVDZD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 22:01:27 GMT
age: 2378
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

uploadvirus.com/uploads/mejfkdilp.doc

166.88.62.202

302 Moved Temporarily

0 B

URL HTTP/1.1
uploadvirus.com/uploads/mejfkdilp.doc
IP
166.88.62.202:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /uploads/mejfkdilp.doc HTTP/1.1
Host: uploadvirus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Date: Wed, 12 Oct 2022 22:41:05 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 22:41:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.dynadot.com/favicon.ico

104.18.29.19

200 OK

721 B

URL HTTP/2
www.dynadot.com/favicon.ico
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
721 B (721 bytes)
Hash
ab307efbdcdd2e4f671636784ab6f3d2
7fdc7a15cb3ed35515565d44128e7d5b9f30cfeb
4a9b9159917a365827d2ef79e639d70d1d27ff8c6cb489b96f6645c193e06825

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: image/x-icon
content-length: 721
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209579
expires: Wed, 26 Oct 2022 6:40:57 GMT
etag: 1665556825970
cf-cache-status: HIT
age: 57588
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593574deb581c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7593574c4a401c16

104.18.29.19

200 OK

42 B

URL HTTP/2
www.dynadot.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7593574c4a401c16
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7593574c4a401c16 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: image/gif
content-length: 42
last-modified: Fri, 07 Oct 2022 16:50:57 GMT
etag: "634058f1-2a"
server: cloudflare
cf-ray: 7593574e3b801c16-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 13 Oct 2022 00:41:06 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
63604bda613d148120c491e2f095255f
0fc63ecaff8a0f36dc2a82f3fb187725d0064d69
8478a84e8513fb9afb0d1c369b668bd37ca98943a624ac3a3a69165536bd1748

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 62
Cache-Control: max-age=120405
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:06 GMT
Etag: "63467599-1d7"
Expires: Fri, 14 Oct 2022 08:07:51 GMT
Last-Modified: Wed, 12 Oct 2022 08:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 12 Oct 2022 21:45:05 GMT
Expires: Wed, 12 Oct 2022 21:48:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cjAzK2N5hRCyIIZRg2klC3YmqqtEWihmYAAigkBaZdEQHVx9GxeK0A==
Age: 3361

push.services.mozilla.com/

44.238.202.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.202.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tVH3d0u2xxRXPxC9LROMbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TpAufESSRuU6gMVpjDjEW6Cr51Y=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Wed, 12 Oct 2022 23:56:26 GMT
Date: Wed, 12 Oct 2022 22:41:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Wed, 12 Oct 2022 23:56:26 GMT
Date: Wed, 12 Oct 2022 22:41:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Wed, 12 Oct 2022 23:56:26 GMT
Date: Wed, 12 Oct 2022 22:41:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Wed, 12 Oct 2022 23:56:26 GMT
Date: Wed, 12 Oct 2022 22:41:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553262ae-b30b-43f9-b6f4-0bb35e7dad9e.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553262ae-b30b-43f9-b6f4-0bb35e7dad9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11489 bytes)
Hash
4a60aeffcc92c4b0d0860c67a0f9bcf1
192653edcfe273506a3ec6b7c84d5c617b06f273
dc51532afe8089033b252753a2fcf8080840bbf066005fc83779dbbe34146983

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553262ae-b30b-43f9-b6f4-0bb35e7dad9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11489
x-amzn-requestid: 6f736cf6-a06e-45f5-9ea7-19e4df12b3ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqVBGqToAMFp3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8a86-32c61ab13ab4312e3e93513f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:08:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v-nPLi3VtT48B2d9aHQZOH4iO1LeJbBXIlA0q5gKboX4Q5Z61u4eNQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:52:19 GMT
age: 2929
etag: "192653edcfe273506a3ec6b7c84d5c617b06f273"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3621 bytes)
Hash
d7c910df57ddbb4c965a2368ecd0b7c0
3c43ed5bf8ebd3e103a6b8f4736ccb414353937e
bfe79d8edb1e729797ca5a044b425a50e17402a8e02f7aa46d196c4717940995

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3621
x-amzn-requestid: 331206f5-c205-42f7-b4ec-33cda2fb63b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxutmHYYoAMFW9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c4bd-40c2f12833e077be52ca770c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:07:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m0UA1qs-Ea9UjOtLqAwh7WEhU3OJAwvBKEuyn7iUUweXAHdFDYpjMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 07:40:35 GMT
age: 54033
etag: "3c43ed5bf8ebd3e103a6b8f4736ccb414353937e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b96c25d-8376-4904-bba2-502beb880242.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7955 bytes)
Hash
a85ee0d7001d9527c7abfb333208c9f0
23734a158f7461d0b4ec5544043ff72632a3eecc
24a3a7eecb18969e16bf594a679daa7b4a861d1de2722e6b9d69c779dc87bf67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b96c25d-8376-4904-bba2-502beb880242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7955
x-amzn-requestid: 17c19d33-1d7a-4e56-b02c-c2a329088a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tu9GWKoAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347332c-345daca622ed275709163780;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: stVsG5KvEl9D_Ea2ojgLgORCY_uX0t-I0fpu6ZcrIoKlf8cw49fxiA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:43:09 GMT
age: 3479
etag: "23734a158f7461d0b4ec5544043ff72632a3eecc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F681a8280-1225-4c27-9695-8867ab4aa72e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7495 bytes)
Hash
bff9293d8c254aad5dda17678c810234
599fdf812651d53aabac49189064cd078beaad5f
25268aa86bbcf7490a39f2213cc7e76798e098f838be66ba0275c85d0271d9c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F681a8280-1225-4c27-9695-8867ab4aa72e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7495
x-amzn-requestid: 004c6b82-4813-46f7-a19c-a083099902ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6UnaFZ3oAMFvcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63473495-06fdc2af0c9c45a94820baaa;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:41:41 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zaEoDpilPuMcbNEVC_ql0pRGtDi8DXKrrWX9Y-g2RjKgHzqVArrkHw==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:43:16 GMT
age: 3472
etag: "599fdf812651d53aabac49189064cd078beaad5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5994 bytes)
Hash
7411df7da53e98c4988663b3338ac449
cd5518eff668619efbf3b821306d651fcb30a712
b87d92eef134e1378d51aac8503545949596c982b53fbda75ccbec71dbff6d7b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5994
x-amzn-requestid: c4d202a5-0dcc-4ece-9200-4f1865d619c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhRaIHWfoAMFgGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2f73-07f65d1f633273a6422c4e5c;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:17:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jc6QSHFxsZBjkJx66v2m6XvBaImSG43hXrLd-VW7mK-e3R8v1V94ng==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:59:14 GMT
age: 2514
etag: "cd5518eff668619efbf3b821306d651fcb30a712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90eb802a-6bfb-448e-ad5a-1edefe134794.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4059 bytes)
Hash
8d7ed8c0cae86888330444915d9fa933
5586a15e1a1105b2b84ad7a405dce2f4675aab4d
04eaeac6982da90b0f35369bd5292d3a97c0c15bf099b4d4e4918b16124b0dff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90eb802a-6bfb-448e-ad5a-1edefe134794.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4059
x-amzn-requestid: c0e81bd1-c633-480c-bda0-7890cbff9afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zn3NIGvpoAMFS2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633fd253-1007b99b703f0b0c31278953;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 07:16:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Aw2QWKqNNPK-7WGqfrRb7hHlEqPAxx5zphJmMlrieUc9MMcVUYViBQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:52:11 GMT
age: 2937
etag: "5586a15e1a1105b2b84ad7a405dce2f4675aab4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dynadot.com/tr/bootstrap.min.css

104.18.29.19

200 OK

19 kB

URL HTTP/2
www.dynadot.com/tr/bootstrap.min.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
19 kB (19364 bytes)
Hash
6c650d25fb12944d8603488c84928e5e
d589d1ee8690bdcc9341966ebd0c5e2fbd59a339
cd74b55a6372344e4a314139b91e59b7cfd4626dee30ac12ee14c393d2ae2361

HTTP Headers

GET /tr/bootstrap.min.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 19364
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556831769
cf-cache-status: HIT
age: 57601
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d0d1f1c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/1665556831762main.css

104.18.29.19

200 OK

1.5 kB

URL HTTP/2
www.dynadot.com/tr/1665556831762main.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.5 kB (1494 bytes)
Hash
281acf842e0903af7b015313bcbcdb1b
07e13f2d618454bbcd1f58521cf8a93dab6ef805
688381f4496b4b1d6910295a4a03023cce45f99ae5696bb088bd2a1a032b4fff

HTTP Headers

GET /tr/1665556831762main.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 1494
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556831762
cf-cache-status: HIT
age: 55470
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d0d211c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/1665556831763responsive.css

104.18.29.19

200 OK

996 B

URL HTTP/2
www.dynadot.com/tr/1665556831763responsive.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text
Size
996 B (996 bytes)
Hash
379850517f1fec4f2c8773351a3f015c
2fc117ef2fa5d760158086b8102f9f1dcbcd6b75
ad840d27bda3d906257d10d65ea6903d224dafa41d4d7bd9f60d3069cb3467b5

HTTP Headers

GET /tr/1665556831763responsive.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 996
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556831763
cf-cache-status: HIT
age: 55470
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d0d271c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/fontawesome6/css/all.min.css

104.18.29.19

200 OK

83 kB

URL HTTP/2
www.dynadot.com/fontawesome6/css/all.min.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65360)
Size
83 kB (83001 bytes)
Hash
07edf92895ae5461d512465919fac404
7b2de1cbcdf31921bf9ed8ff1d66a0e461b3818f
0a58a9e4d074c95c0aaa50507754f395152827d3d50ed30503db8bdb7fe8ee62

HTTP Headers

GET /fontawesome6/css/all.min.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 83001
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209599
expires: Wed, 26 Oct 2022 6:40:59 GMT
etag: 1665556825883
cf-cache-status: HIT
age: 8903
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d1d291c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/forsale/uploadvirus.com?drefid=2071

104.18.29.19

200 OK

7.1 kB

URL HTTP/2
www.dynadot.com/forsale/uploadvirus.com?drefid=2071
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (25889)
Size
7.1 kB (7100 bytes)
Hash
296f008d7f85402187683f08fb020e2b
32acb153fb99ed0b5464dcadc9bed9457b94b312
c529f2a819fea78cff5bf17148a6ac1f12c49cfa2ce668eb61a05b5d47f6e127

HTTP Headers

POST /forsale/uploadvirus.com?drefid=2071 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3016
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071&__cf_chl_tk=l2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/html; charset=utf-8
set-cookie: cf_chl_2=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.dynadot.com; Secure
cf_chl_prog=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.dynadot.com; Secure
cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; path=/; expires=Thu, 12-Oct-23 23:41:07 GMT; domain=.dynadot.com; HttpOnly; Secure; SameSite=None
session_id=1523089756;Path=/;Expires=Wed, 12 Oct 2022 23:11:08 GMT;Secure;HttpOnly
new_ref=2071-1665614468289;Path=/;Expires=Mon, 11 Oct 2027 22:41:08 GMT;Secure;HttpOnly
welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q;Path=/;Expires=Wed, 07 Dec 2022 22:41:08 GMT;Secure;HttpOnly
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: private, no-cache, no-store, max-age=0
expires: Mon, 01 Jan 1990 0:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75935755c8491c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.dynadot.com/tr/1665556831769cropper.css

104.18.29.19

200 OK

1.5 kB

URL HTTP/2
www.dynadot.com/tr/1665556831769cropper.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.5 kB (1467 bytes)
Hash
2e0b47108a7bf2c95f22c14c4abf88ab
4020241782f9d973d0fd1ce008baf67d8e103344
7f4ba3f95e629a1b35928aa22737b3b02baae94e225f57c3e95871209e00b1cb

HTTP Headers

GET /tr/1665556831769cropper.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 1467
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209589
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831769
cf-cache-status: HIT
age: 57600
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d1d301c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/bootstrap.min.js

104.18.29.19

200 OK

9.5 kB

URL HTTP/2
www.dynadot.com/tr/bootstrap.min.js
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32025)
Size
9.5 kB (9538 bytes)
Hash
e3c8458f792a363c3efdea9db280aabb
5211cbc23a3686bd9d202502f2ea1b0813a4953a
7e13b5a52e07a32e4f991682ac9ca8738e9c29e878d8f60aad0cfb5379e6cee7

HTTP Headers

GET /tr/bootstrap.min.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: application/x-javascript
content-length: 9538
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831731
cf-cache-status: HIT
age: 57599
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d1d321c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/jquery.min.js

104.18.29.19

200 OK

33 kB

URL HTTP/2
www.dynadot.com/tr/jquery.min.js
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32047)
Size
33 kB (33318 bytes)
Hash
3fe8235897b96dd42d36ee5f9ea2882b
1f74c5f4da7440e09e0d1fd9970c77b8d1afecdd
afc71408b0c0b10e70101a7e40766d7b125ef17ded4fd79524fc1d0fe05b0002

HTTP Headers

GET /tr/jquery.min.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: application/x-javascript
content-length: 33318
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831728
cf-cache-status: HIT
age: 57599
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d1d311c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/sr/1665556823835popup.css

104.18.29.19

200 OK

247 B

URL HTTP/2
www.dynadot.com/sr/1665556823835popup.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
247 B (247 bytes)
Hash
640ffb779bf81a7906a310aa8ee6827a
d339f5c61a9e5f1c04b2664b98a20d4535a86220
31ff8981eaaa7338c1a3da12b471bb0f5844c652a88567585b0bdfb9cce4a966

HTTP Headers

GET /sr/1665556823835popup.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 247
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209454
expires: Wed, 26 Oct 2022 6:41:05 GMT
etag: 1665556823835
cf-cache-status: HIT
age: 53114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d2d3b1c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/tr/lazysizes.min.js

104.18.29.19

200 OK

3.5 kB

URL HTTP/2
www.dynadot.com/tr/lazysizes.min.js
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7862)
Size
3.5 kB (3494 bytes)
Hash
85e998e98b79e1caa4fd12f79c7750ab
21b5559406acba84867b6bec05606469a5e6a9ea
0ac64f32729e19571811f1baa8745389bacaef3accdfe45e6e003e31e7bd4618

HTTP Headers

GET /tr/lazysizes.min.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: application/x-javascript
content-length: 3494
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556831736
cf-cache-status: HIT
age: 57594
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d2d3a1c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/1665556828779forsale-buyitnow.css

104.18.29.19

200 OK

941 B

URL HTTP/2
www.dynadot.com/1665556828779forsale-buyitnow.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
941 B (941 bytes)
Hash
e6a857b5da4b59f2a2fd0b0c999d29b7
fca6139a8d3812fcd29492b837e7021c83b19a01
b0b7d3a802f9b483fb86ef14a560acb573a6a655af4baf9364dea284d7d510e0

HTTP Headers

GET /1665556828779forsale-buyitnow.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: text/css
content-length: 941
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209454
expires: Wed, 26 Oct 2022 6:41:04 GMT
etag: 1665556828779
cf-cache-status: HIT
age: 52854
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d4d491c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/1665556828780forsale-buynow-landing-page.js

104.18.29.19

200 OK

527 B

URL HTTP/2
www.dynadot.com/1665556828780forsale-buynow-landing-page.js
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
527 B (527 bytes)
Hash
530193bf1f629bfaffb6e63db9ae981b
804508fe2f5ca0ddc6af0aec26fdfc4c458211c0
327f3bc6718eac9fa1174aad6524ff770a35a88cb6258f430ad7e4401843f7c9

HTTP Headers

GET /1665556828780forsale-buynow-landing-page.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: application/x-javascript
content-length: 527
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209455
expires: Wed, 26 Oct 2022 6:41:05 GMT
etag: 1665556828780
cf-cache-status: HIT
age: 52854
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d4d4a1c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/hp_script.js

104.18.29.19

200 OK

1.7 kB

URL HTTP/2
www.dynadot.com/hp_script.js
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4289), with no line terminators
Size
1.7 kB (1689 bytes)
Hash
e34449c658b03e8a3c79fd9e1f3c2ceb
2f391d7b60e8ea82736a89540f8644925567c753
b34342bfc8819e0b1097172a192277d88f157543bfac447dd0bfefc76ae22b34

HTTP Headers

GET /hp_script.js HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: application/x-javascript
content-length: 1689
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209598
expires: Wed, 26 Oct 2022 6:40:58 GMT
etag: 1665556858117
cf-cache-status: HIT
age: 57597
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575d4d4b1c16-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-S0L3BZSLYB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21373)
Size
76 kB (75503 bytes)
Hash
d4b36525bc6e3b1f82efb3e168e21437
3a88e3dba3e37f5eb131f33e3194552d0adb732f
8e59c6a16e2fe0e047b4f49ffd4db8ca9f83261b0410ca200ffe1951b4ebaa44

HTTP Headers

GET /gtag/js?id=G-S0L3BZSLYB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 12 Oct 2022 22:41:08 GMT
expires: Wed, 12 Oct 2022 22:41:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.typekit.net/eyi5ire.css

23.36.76.122

200 OK

892 B

URL HTTP/2
use.typekit.net/eyi5ire.css
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
892 B (892 bytes)
Hash
767d0efc6eab4569b031258a8c470899
3bb592714c1b412af66c20aa71ed4146a837a55a
7e824afd30d06ddb4e0e2bf67c64a73fde6403e66a53d1793687e7c2bae15768

HTTP Headers

GET /eyi5ire.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 892
date: Wed, 12 Oct 2022 22:41:08 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=eyi5ire&ht=tk&f=139.140.173.174.175.176.25136.25137&a=699613&app=typekit&e=css

23.36.76.122

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=eyi5ire&ht=tk&f=139.140.173.174.175.176.25136.25137&a=699613&app=typekit&e=css
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=eyi5ire&ht=tk&f=139.140.173.174.175.176.25136.25137&a=699613&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 12 Oct 2022 22:41:08 GMT
X-Firefox-Spdy: h2

www.dynadot.com/for-sale-background.jpg

104.18.29.19

200 OK

50 kB

URL HTTP/2
www.dynadot.com/for-sale-background.jpg
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1065, components 3\012- data
Size
50 kB (50022 bytes)
Hash
e5d448729254b2c3e6004c1a032294b3
eff428b054a75ff48de0e1d1540af4d048f13424
d227846f6b1dd0166bed6dbef4f86625f0ca4e28956f3de3c61790e5e6805b21

HTTP Headers

GET /for-sale-background.jpg HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: image/jpeg
content-length: 50022
cache-control: max-age=1209168
cf-bgj: h2pri
etag: 1665556828778
expires: Wed, 26 Oct 2022 6:41:07 GMT
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 53113
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575efe361c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/fontawesome6/webfonts/fa-brands-400.woff2

104.18.29.19

200 OK

106 kB

URL HTTP/2
www.dynadot.com/fontawesome6/webfonts/fa-brands-400.woff2
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 105768, version 769.768\012- data
Size
106 kB (105768 bytes)
Hash
ea24446014ea86d85129883a9511629f
90fe0513c6a0ff1d8f564ec782fa54b559e7d3f8
3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28

HTTP Headers

GET /fontawesome6/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dynadot.com/fontawesome6/css/all.min.css
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:08 GMT
content-type: application/octet-stream
content-length: 105768
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209163
expires: Wed, 26 Oct 2022 6:41:02 GMT
etag: 1665556825606
cf-cache-status: HIT
age: 55237
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575f1e491c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/logo-dark-blue273x90.png

104.18.29.19

200 OK

4.9 kB

URL HTTP/2
www.dynadot.com/logo-dark-blue273x90.png
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 273 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4916 bytes)
Hash
8820a24754e94b3e3a2a117635b87416
12ea0b727c8009ffcc78521444adf030e4754f6a
ed91e81f8ec57f6f2e5dce4d58e11d6b8df058ac7b2ae0ed78f81ae99e257822

HTTP Headers

GET /logo-dark-blue273x90.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:09 GMT
content-type: image/png
content-length: 4916
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209441
expires: Wed, 26 Oct 2022 6:41:07 GMT
etag: 1665556828778
cf-cache-status: HIT
age: 53114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575fcea51c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/for-sale-phone.png

104.18.29.19

200 OK

842 B

URL HTTP/2
www.dynadot.com/for-sale-phone.png
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
842 B (842 bytes)
Hash
1b66d1be100d7036f15a36751cf360fe
7409c644380191e0ebdf16ac20be1745cdc19965
ada12557bc7ad69be093b1ad741f6dbd6d3007f9d6814eb8f5b54a29b115fc8a

HTTP Headers

GET /for-sale-phone.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:09 GMT
content-type: image/png
content-length: 842
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209439
expires: Wed, 26 Oct 2022 6:41:07 GMT
etag: 1665556828776
cf-cache-status: HIT
age: 53114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575fceaa1c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/alipay.png

104.18.29.19

200 OK

8.1 kB

URL HTTP/2
www.dynadot.com/alipay.png
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced\012- data
Size
8.1 kB (8117 bytes)
Hash
acb5474212e1ad5d27a2f0d8c571c684
9c258342fa720dcb08287f9eef492cfd907a2a22
aabc8440836955a53bda81631f589ea72aebd930081e2cc818fbde76f1285a42

HTTP Headers

GET /alipay.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:09 GMT
content-type: image/png
content-length: 8117
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209439
expires: Wed, 26 Oct 2022 6:41:07 GMT
etag: 1665556828779
cf-cache-status: HIT
age: 53114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575fcea71c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/for-sale-tag.png

104.18.29.19

200 OK

425 B

URL HTTP/2
www.dynadot.com/for-sale-tag.png
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
425 B (425 bytes)
Hash
c0b3dc6ef896c486166a4dd442dc5d2a
a8792f88d4036ad8c034c69d345f5bd86a556fff
7ea36112383b54b5b9c65b830221a99498d3fb81bbe4e6b155dbe304648135b7

HTTP Headers

GET /for-sale-tag.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:09 GMT
content-type: image/png
content-length: 425
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209439
expires: Wed, 26 Oct 2022 6:41:06 GMT
etag: 1665556828776
cf-cache-status: HIT
age: 53114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593575fcea81c16-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
df2ada3024ecfb341d7265c0cd9ce1b5
1bd4062cb0bee7cf829f6b303ef696c90fcaf322
a2d60f3925390530ce315037f4cdea6068d48249b86ed69d331e5e2735581823

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2D60F3925390530CE315037F4CDEA6068D48249B86ED69D331E5E2735581823"
Last-Modified: Tue, 11 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4716
Expires: Wed, 12 Oct 2022 23:59:45 GMT
Date: Wed, 12 Oct 2022 22:41:09 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0L3BZSLYB&cid=375901422.1665614469&gtm=2oeaa0&aip=1&z=195246902

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0L3BZSLYB&cid=375901422.1665614469&gtm=2oeaa0&aip=1&z=195246902
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S0L3BZSLYB&cid=375901422.1665614469&gtm=2oeaa0&aip=1&z=195246902 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 22:41:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9475ff0b134fe05b17663875904734c3
0bbb7fbbbf2ae84146de60639ca456e887bc131e
9cd38dc644901404f14b39ea1ffdf2a70dfc3496f841f1975db7c1a9491a9ff3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CD38DC644901404F14B39EA1FFDF2A70DFC3496F841F1975DB7C1A9491A9FF3"
Last-Modified: Mon, 10 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12145
Expires: Thu, 13 Oct 2022 02:03:34 GMT
Date: Wed, 12 Oct 2022 22:41:09 GMT
Connection: keep-alive

stats.dynadot.com/matomo.js

68.68.98.112

200 OK

64 kB

URL HTTP/2
stats.dynadot.com/matomo.js
IP
68.68.98.112:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (1601)
Size
64 kB (63675 bytes)
Hash
68e32650fea29cf0fbbfa1df6c13f6f9
143d3250f699f4f9ab3d1890cd791ff0f5d649d9
0ce713b6cef25179719f242dcfa4ed9e985f1443257722299df2768deeb5ab6e

HTTP Headers

GET /matomo.js HTTP/1.1
Host: stats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 12 Oct 2022 22:41:09 GMT
content-type: application/javascript
content-length: 63675
last-modified: Thu, 04 Nov 2021 03:01:34 GMT
etag: "61834d0e-f8bb"
expires: Wed, 12 Oct 2022 23:41:09 GMT
pragma: public
cache-control: max-age=3600, public
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-S0L3BZSLYB&gtm=2oeaa0&_p=714262070&_gaz=1&cid=375901422.1665614469&ul=en-us&sr=1280x1024&_s=1&sid=1665614469&sct=1&seg=0&dl=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&dr=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&dt=For%20Sale%20Domain%3A%20uploadvirus.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-S0L3BZSLYB&gtm=2oeaa0&_p=714262070&_gaz=1&cid=375901422.1665614469&ul=en-us&sr=1280x1024&_s=1&sid=1665614469&sct=1&seg=0&dl=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&dr=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&dt=For%20Sale%20Domain%3A%20uploadvirus.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-S0L3BZSLYB&gtm=2oeaa0&_p=714262070&_gaz=1&cid=375901422.1665614469&ul=en-us&sr=1280x1024&_s=1&sid=1665614469&sct=1&seg=0&dl=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&dr=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&dt=For%20Sale%20Domain%3A%20uploadvirus.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.dynadot.com
date: Wed, 12 Oct 2022 22:41:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0bb2377f88725b00f1813824f8af12b7
52b7feb03f8201a7640c77261089f86cd69f233b
8e3603c91a7408abaa1c83d502a01b71d8c0bbcf824d210d5cf9722ee886792f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-S0L3BZSLYB&cid=375901422.1665614469&gtm=2oeaa0&aip=1

173.194.73.156

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-S0L3BZSLYB&cid=375901422.1665614469&gtm=2oeaa0&aip=1
IP
173.194.73.156:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-S0L3BZSLYB&cid=375901422.1665614469&gtm=2oeaa0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.dynadot.com
date: Wed, 12 Oct 2022 22:41:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 22:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mainstats.dynadot.com/matomo.js

68.68.98.49

200 OK

69 kB

URL HTTP/1.1
mainstats.dynadot.com/matomo.js
IP
68.68.98.49:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (1892)
Size
69 kB (68947 bytes)
Hash
fdd9171daeb5d6c28325d5cddebbc786
1af7d60e4e89daca011eedfa97ecb2c963f03e12
ad2c5ecd660a0a5dff000926a75fe4b13cafa7849ad1e85c36676f1a120e013a

HTTP Headers

GET /matomo.js HTTP/1.1
Host: mainstats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 22:41:08 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 15 Feb 2020 01:34:10 GMT
ETag: "2145e-10d53-59e93519b7d1b"
Accept-Ranges: bytes
Content-Length: 68947
Connection: close
Content-Type: text/javascript

www.dynadot.com/for-sale-recommended.png

104.18.29.19

200 OK

9.2 kB

URL HTTP/2
www.dynadot.com/for-sale-recommended.png
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 218 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9223 bytes)
Hash
4980483ab0c4703bfbf244af96d7b76e
ff4f41165eb27ece8bfc89528143c44f40ce3538
319c0d2b0a61f02be5fd72837d87c82fc7cda2e9d67ef10ba96149ffa18b1b04

HTTP Headers

GET /for-sale-recommended.png HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=x14; cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; session_id=1523089756; new_ref=2071-1665614468289; welcome_page=6J6A8B8Y7q7T7AD7oX8URPD8q6j8m5N6P8m7r6S8w7o7c63618Jg8d7f7g6a6p6y8u7NH8Q; _ga_S0L3BZSLYB=GS1.1.1665614469.1.0.1665614469.60.0.0; _ga=GA1.1.375901422.1665614469; _pk_id.1.1bae=acf20de025d398de.1665614470.; _pk_ses.1.1bae=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:10 GMT
content-type: image/png
content-length: 9223
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=1209456
expires: Wed, 26 Oct 2022 6:41:25 GMT
etag: 1665556828776
cf-cache-status: HIT
age: 53115
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75935765ba8e1c16-OSL
X-Firefox-Spdy: h2

mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=604277&h=22&m=41&s=9&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&_id=acf20de025d398de&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=for-sale&pv_id=gsAIph&pf_net=0&pf_srv=975&pf_tfr=175&pf_dm1=460

68.68.98.49

204 No Response

0 B

URL HTTP/1.1
mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=604277&h=22&m=41&s=9&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&_id=acf20de025d398de&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=for-sale&pv_id=gsAIph&pf_net=0&pf_srv=975&pf_tfr=175&pf_dm1=460
IP
68.68.98.49:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=604277&h=22&m=41&s=9&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&_id=acf20de025d398de&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=for-sale&pv_id=gsAIph&pf_net=0&pf_srv=975&pf_tfr=175&pf_dm1=460 HTTP/1.1
Host: mainstats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; _ga_S0L3BZSLYB=GS1.1.1665614469.1.0.1665614469.60.0.0; _ga=GA1.1.375901422.1665614469
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Response
Date: Wed, 12 Oct 2022 22:41:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/7.3.13
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dynadot.com
Connection: close
Content-Type: text/html; charset=UTF-8

mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=756692&h=22&m=41&s=9&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&_id=acf20de025d398de&_idn=0&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=visitor&pv_id=6Udo9U&pf_net=0&pf_srv=975&pf_tfr=175&pf_dm1=460

68.68.98.49

204 No Response

0 B

URL HTTP/1.1
mainstats.dynadot.com/matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=756692&h=22&m=41&s=9&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&_id=acf20de025d398de&_idn=0&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=visitor&pv_id=6Udo9U&pf_net=0&pf_srv=975&pf_tfr=175&pf_dm1=460
IP
68.68.98.49:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=For%20Sale%20Domain%3A%20uploadvirus.com&idsite=1&rec=1&r=756692&h=22&m=41&s=9&url=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071&urlref=https%3A%2F%2Fwww.dynadot.com%2Fforsale%2Fuploadvirus.com%3Fdrefid%3D2071%26__cf_chl_tk%3Dl2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE&_id=acf20de025d398de&_idn=0&_refts=0&send_image=0&cookie=1&res=1280x1024&dimension1=visitor&pv_id=6Udo9U&pf_net=0&pf_srv=975&pf_tfr=175&pf_dm1=460 HTTP/1.1
Host: mainstats.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/
Cookie: cf_clearance=yBLswzZZgo.rxNShCL14wsNQKKsbIYpkqznJV5KkGV4-1665614467-0-150; _ga_S0L3BZSLYB=GS1.1.1665614469.1.0.1665614469.60.0.0; _ga=GA1.1.375901422.1665614469
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Response
Date: Wed, 12 Oct 2022 22:41:10 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/7.3.13
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dynadot.com
Connection: close
Content-Type: text/html; charset=UTF-8

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb0068dd-34a7-4326-acdd-a3accfc29e78.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10269 bytes)
Hash
f677dc36d6497c337e2f02e3947e5429
df79f2c67dd8269b12de6a21084552ea26918638
61f5120343b965a7b46eb673ec8aa14a85e7758e526ef413989340ea8f8b8443

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb0068dd-34a7-4326-acdd-a3accfc29e78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10269
x-amzn-requestid: 6016b2ca-5838-4e12-a607-f55237bc2454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tu8FsVIAMFcIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347332c-678ab7fb47abc36e014af0ab;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GDwJKOd-1pYeqWi2J0wYOLvgKlqs-LVlkMznTYBGfbfkS2ChcVnNhA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:43:09 GMT
age: 3485
etag: "df79f2c67dd8269b12de6a21084552ea26918638"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/img/7593574c4a401c16/1665614466453/avV9Z2sstSFhYe6

104.18.29.19

200 OK

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/img/7593574c4a401c16/1665614466453/avV9Z2sstSFhYe6
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7593574c4a401c16/1665614466453/avV9Z2sstSFhYe6 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: image/png
server: cloudflare
cf-ray: 7593574fcc731c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/pat/7593574c4a401c16/1665614466458/207bc52f6f7fcc4b41af42fe32120da989af4d4dd7e84998ab532edc9a26da7b/4Pp1n72yvFk1lXJ

104.18.29.19

401 Unauthorized

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/pat/7593574c4a401c16/1665614466458/207bc52f6f7fcc4b41af42fe32120da989af4d4dd7e84998ab532edc9a26da7b/4Pp1n72yvFk1lXJ
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/7593574c4a401c16/1665614466458/207bc52f6f7fcc4b41af42fe32120da989af4d4dd7e84998ab532edc9a26da7b/4Pp1n72yvFk1lXJ HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Connection: keep-alive
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 401 Unauthorized
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gIHvFL29_zEtBr0L-MhINqYmvTU3X6EmYq1Mu3Jom2nsAD3d3dy5keW5hZG90LmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAm4vzxFXZPURjQ1pujQRw5E6oEKd17jQHgtIBysHWdL-kFNwk514xBTb4P23n-MOKJGwpPGxJItC9H2La7sNplYTthBLuFA6lsF7JKXURahl4fgO-yV_7z-ZJbtj2ye9w6U73_O7vlTFCks0AB_gMo-5k0X_Ul7nXE-hMyysiMQGMEIZF2BRmwHirxTUXPkMjQj7QffgzcZr29HW5ZI1zAsYzuOWhytIcxIi5DaxejjZXrnQUeLOBM6jXnyJYojxKFTCwfwOm41XNQfc8SIP9WhsygZ-QitP__h_3h9tzP_upnPZvyAVOwK85NMDxLiBtB8uKOys2PWVEqPVfZx9zzwIDAQAB, max-age=15
server: cloudflare
cf-ray: 759357509d061c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/forsale/uploadvirus.com?drefid=2071

104.18.29.19

503 Service Unavailable

0 B

URL HTTP/2
www.dynadot.com/forsale/uploadvirus.com?drefid=2071
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /forsale/uploadvirus.com?drefid=2071 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 503 Service Unavailable
date: Wed, 12 Oct 2022 22:41:05 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7593574c4a401c16-OSL
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/styles/challenges.css

104.18.29.19

200 OK

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/styles/challenges.css
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 16:50:57 GMT
etag: W/"634058f1-1896"
server: cloudflare
cf-ray: 7593574deb561c16-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 13 Oct 2022 00:41:06 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7593574c4a401c16

104.18.29.19

200 OK

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7593574c4a401c16
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7593574c4a401c16 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071&__cf_chl_rt_tk=l2ZYK6bCpW3L8MBt4kIJRa3w9PKWTtzlMyGIiKS0NM4-1665614465-0-gaNycGzNCBE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7593574e3b811c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.dynadot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7113929222728761:1665612274:idBFvppgH0iYizvGV2zJBONkIiyqYdbqrQD6mI53WJQ/7593574c4a401c16/17430083a221210

104.18.29.19

200 OK

0 B

URL HTTP/2
www.dynadot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7113929222728761:1665612274:idBFvppgH0iYizvGV2zJBONkIiyqYdbqrQD6mI53WJQ/7593574c4a401c16/17430083a221210
IP
104.18.29.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.7113929222728761:1665612274:idBFvppgH0iYizvGV2zJBONkIiyqYdbqrQD6mI53WJQ/7593574c4a401c16/17430083a221210 HTTP/1.1
Host: www.dynadot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
CF-Challenge: 17430083a221210
Content-Length: 1693
Origin: https://www.dynadot.com
Connection: keep-alive
Referer: https://www.dynadot.com/forsale/uploadvirus.com?drefid=2071
Cookie: cf_chl_2=17430083a221210; cf_chl_prog=e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 22:41:06 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_chl_seq_17430083a221210=XxfkW2dkKCJuVgj;SameSite=Strict;HttpOnly
cf_chl_gen: HQC8Vh7vbkMeYHYaP/ESJMSU47Ou1b3LZhXtWVOhk3P4sJm6RZ6T6JuuxonfWJ4caVh0jgbFvbHdl7HB6IPGpxiphLcdmgaWBdXRApETh/OFiBdhVeKpJfvUeAwBNqbkTiPtcdMOW2x+bLddE5hEkVaG1pzGNvDA8q3IKw74y/eEE/oBH/4iU4PkgzEQWMblXLO5Jx5FGRAVdxFRj7PDRMWyrUvoByWQT98GZCvFPEhwIYO+rfqn1KXPnh+zhEBwHdDm/g4hL07ALdCi+MVYY0lRFWia59z8TNwo9/Z0GilBw3un/mXB+V/rUKyDtRFzh1MwqSyleq1fcIxgVJ2zf83d5hqlGHdDNvuU3f8RAseOQy7AR+2q0Wgqt1tZKwiG$odw+F74n1yS/xjlLV34W7w==
server: cloudflare
cf-ray: 7593574f4c221c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations