Report - www.selcuksportshd26.xyz/

Report Overview

Submitted URL
www.selcuksportshd26.xyz/
IP
172.67.212.52
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-05 11:03:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.selcuksportshd26.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	1.5 kB	172.67.212.52
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.6 kB	23.36.76.226
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	1.2 kB	142.251.1.154
www5.cbox.ws	286738	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	728 B	104.21.1.254
whos.amung.us	12687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	309 B	104.22.75.171
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	1.5 kB	142.250.74.10
cbox.im	193848	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	730 B	1.5 kB	172.67.219.172
static.cbox.ws	161241	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	801 B	172.67.128.112
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	964 B	104.18.32.68
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	764 B	572 B	216.239.34.36
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	8.4 kB	142.250.74.3
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	512 B	694 B	142.250.74.3
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	2.2 kB	104.16.125.175
www.selcuksportshd121.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	928 B	104.21.52.212
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	31 kB	69.16.175.42
iframeria.strmrdrfrocc.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	188 kB	104.21.81.174
www.trtspor.com.tr	293306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	746 B	103 kB	85.111.24.216
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
istatistik.trthaber.com	372477	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	479 B	207 B	3.120.109.111
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	75 kB	142.250.74.72
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.228.207.167
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	56 kB	142.250.74.163
js.rfp.fout.jp	34450	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	16 kB	23.32.107.182
widgets.amung.us	12623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	747 B	104.22.75.171

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-05	medium	strmrdrfrocc.xyz	Sinkholed
2022-09-05	medium	strmrdrfrocc.xyz	Sinkholed
2022-09-05	medium	strmrdrfrocc.xyz	Sinkholed
2022-09-05	medium	strmrdrfrocc.xyz	Sinkholed
2022-09-05	medium	strmrdrfrocc.xyz	Sinkholed
2022-09-05	medium	strmrdrfrocc.xyz	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 15:18:22 Times Seen37509306 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.selcuksportshd121.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-10
Pretty URL www.selcuksportshd121.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-10 14:56:33 Times Seen56517 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.selcuksportshd121.xyz/js/index.js?v=4	4.2 kB	2023-03-07	2024-05-08
Pretty URL www.selcuksportshd121.xyz/js/index.js?v=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-08 23:20:03 Times Seen56 Hash 289f10ed17876ef7232ebecdddfa6ab3 02cfd800378cd3bf109ab5593ed53c758fc3aa19 8cd7b6a72d014e026397b3abddb35957d642c28eec241191c9dcb2c82414a2d7 Loading...

	iframeria.strmrdrfrocc.xyz/jquery.220afd743d9e9643852e31a135a9f3ae.js	88 kB	2023-03-07	2024-05-10
Pretty URL iframeria.strmrdrfrocc.xyz/jquery.220afd743d9e9643852e31a135a9f3ae.js IP 104.21.81.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-10 14:20:13 Times Seen97828 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	iframeria.strmrdrfrocc.xyz/clappr.10a0c239c01882665a0bd2e1d8ea3493.js	525 kB	2023-03-07	2023-03-10
Pretty URL iframeria.strmrdrfrocc.xyz/clappr.10a0c239c01882665a0bd2e1d8ea3493.js IP 104.21.81.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:13 Last Seen2023-03-10 22:48:33 Times Seen1 Hash 10a0c239c01882665a0bd2e1d8ea3493 4a33359e3d9cdb1c72953cb135876bfe283ee8e0 15aee3d7a1994abe56af8cba69725fca340f6b0067bfe245fcb5735feb65233c Loading...

	iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg	713 B	2023-03-07	2023-03-10
Pretty URL iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-03-10 10:25:31 Times Seen1 Hash 364d2309128583ee71371599b8310207 eb9b82104b8e074355217736bddf4b0bb8539198 3f545095a21006e01315df726656361b8af86423e4d1dff06c76eecbe77b415c Loading...

	www5.cbox.ws/box/?boxid=921687&boxtag=DX8bvl	3.0 kB	2023-03-07	2023-03-07
Pretty URL www5.cbox.ws/box/?boxid=921687&boxtag=DX8bvl IP 104.21.1.254 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:13 Last Seen2023-03-07 12:55:36 Times Seen1 Hash 1fd13226fea6515d0f993cecb7f83ce0 1748709f800259039b0a6efacc23022051153968 51d4e6401a8441fc0954285543384a236fda81bb02af56efffde9135325997f6 Loading...

	www.googletagmanager.com/gtag/js?id=G-CVN78DGZN1	211 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-CVN78DGZN1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:36 Last Seen2023-03-07 12:55:36 Times Seen1 Hash d2f0ef1a3bf33c398962cadcf919d976 c86acee93c1092ab48eccfdac7151094c531107f e29a0cc1ad19978e5c46705c3e4ccb9e28bb9dc004a87bbf45abde937d759478 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-05-09
Pretty URL ssl.google-analytics.com/ga.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-09 13:01:11 Times Seen3497 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	www.selcuksportshd121.xyz/score_table.php	44 B	2023-03-07	2023-11-11
Pretty URL www.selcuksportshd121.xyz/score_table.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-11-11 21:37:31 Times Seen33 Hash 9b7ce9620d11927a4b704f33cc9499c1 b6908443a4a80d46ce096435c6bfb46c35fb1f7a 69fd2b75a0f349d3363bd1dddb0a0663cbed080a536756cbcdfb415e9e44c5b0 Loading...

	js.rfp.fout.jp/rfp-infeed.js	55 kB	2023-03-07	2023-04-26
Pretty URL js.rfp.fout.jp/rfp-infeed.js IP 23.32.107.182 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:13 Last Seen2023-04-26 20:59:24 Times Seen14 Hash c79747350e311d848933ced8269602a0 a0bd60105cca6d0be757a969b81de64d9dc2c7f0 c9ef9b71a636842dd1bca19028eaefc68e38d9c6cf566dabdbc6252012d9dfb0 Loading...

	iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg	351 B	2023-03-07	2024-05-08
Pretty URL iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-08 23:20:02 Times Seen36 Hash 3278ffab81184f4040fce884245bb4a6 4cecfbee2dadddf41f31f6f23b7a7f7e0fadf548 d8052f37f7eac83641c7b45c211ed7484e615867cf9981882ac882647ba89e73 Loading...

	www.trtspor.com.tr/static/js/jquery.js	93 kB	2023-03-07	2024-01-29
Pretty URL www.trtspor.com.tr/static/js/jquery.js IP 85.111.24.216 ASN #9121 Turk Telekom Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-01-29 22:49:15 Times Seen79 Hash 4ec9f95ecc0911c41abb247dfff887b4 022b0ffc6dd4a825ff56d9cfaf69f75c5a7210d4 7200a2f4c45a1c5f9049777223c7361afb33b36945e97858d0ba4e49ea85cf0b Loading...

	www.trtspor.com.tr/static/js/jquery.md5.js	9.6 kB	2023-03-07	2024-05-10
Pretty URL www.trtspor.com.tr/static/js/jquery.md5.js IP 85.111.24.216 ASN #9121 Turk Telekom Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-10 02:12:30 Times Seen126 Hash c629663d7fe3432af0760b26d4b546e7 0abc4b9564d71cf8d23b7f5b661552092c8e7d67 41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54 Loading...

	www.selcuksportshd121.xyz/score_table.php	1.8 kB	2023-03-07	2023-03-07
Pretty URL www.selcuksportshd121.xyz/score_table.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:36 Last Seen2023-03-07 12:55:36 Times Seen1 Hash 3d97dd6bc3ae4b286435696376f31f4a d5d7c2a52aedbfcfc323d226b1f183e76bf897bf b54908ff6ce29900b5e06bfe5ff2af74334e9c6546063c66fdc38e81b44f6159 Loading...

	www.selcuksportshd121.xyz/score_table.php	118 B	2023-03-07	2023-11-11
Pretty URL www.selcuksportshd121.xyz/score_table.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-11-11 21:37:31 Times Seen29 Hash c1a007396cbb4c009724961fb1cb3056 f1d81b84b3f2457fc07db734a9f60af70ef760f9 d5d1fb94e9801601b863470dd032bf887e49490ea56fd4c1c618488cc48d3eb0 Loading...

	www.selcuksportshd121.xyz/score_table.php	668 B	2023-03-07	2023-11-11
Pretty URL www.selcuksportshd121.xyz/score_table.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-11-11 21:37:31 Times Seen33 Hash 86ed25cb1d4d4ff8bb15140abdbb9243 37832a89643256ed66fca0bdaa489b9b9d4e72eb a014a425707ff2bb2e4e50c81bf8db1022ffa1cddb182420826744f9e771af0b Loading...

	iframeria.strmrdrfrocc.xyz/levelselector.ee341b104a9c406b73001afe57d16f18.js	28 kB	2023-03-07	2023-03-10
Pretty URL iframeria.strmrdrfrocc.xyz/levelselector.ee341b104a9c406b73001afe57d16f18.js IP 104.21.81.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-03-10 22:48:33 Times Seen1 Hash ee341b104a9c406b73001afe57d16f18 e3158ab8724ee86369f58e8c10ea72a6a45d2180 19eadee526ee2f17dc7fcf8c426945cf9258462c489de75d0537637146430c40 Loading...

	iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg	276 B	2023-03-07	2023-03-07
Pretty URL iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:36 Last Seen2023-03-07 12:55:36 Times Seen1 Hash 65a7a4d80d2d13d8a4a062e2b325b075 3528961d919fe15ca81f0bbca70d033ddc8bca3d 17bdce6af45d85522482b07584507a03177e3d46ee8e1429a5c2330a3732e4bd Loading...

	iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg	1.1 kB	2023-03-07	2023-03-07
Pretty URL iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:36 Last Seen2023-03-07 12:55:36 Times Seen1 Hash 8211a3e0b1c763119eefbaf42b55099e 33fc4e5181df3a0a081a778c207155dd6da9d6fc a53799b37c0ad2f61b0b8bb174424e34824b2ef0bfbb259a5f8926d3c515bff4 Loading...

	www.selcuksportshd121.xyz/	139 B	2023-03-07	2023-11-11
Pretty URL www.selcuksportshd121.xyz/ IP 104.21.52.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-11-11 16:54:52 Times Seen30 Hash 9192ef00ea2906eb09a299ca8bd018c8 8508aef23cc21430ec4e99654f12a1af8198ace1 d814e6b0bd9e3d7e6b605040637d409b7f660090922eee154a778abc1d67cddb Loading...

	iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg	522 B	2023-03-07	2023-04-05
Pretty URL iframeria.strmrdrfrocc.xyz/index.php?id=601#poster=https%3A%2F%2Fwww.selcuksportshd1.xyz%2Fimg%2Fmadrid-wp2.jpg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2023-04-05 02:00:58 Times Seen4 Hash dacc5f96cbf29799d16f783bcf6d1e90 5345e0d5ce261f9708260689e107ee22eb84e0c4 cc32bcf7343686a50e65db8265d597b4ff2d54df416aa8a172820edaebc0fd5f Loading...

	iframeria.strmrdrfrocc.xyz/keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js	9.7 kB	2023-03-07	2023-03-07
Pretty URL iframeria.strmrdrfrocc.xyz/keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js IP 104.21.81.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:12 Last Seen2023-03-07 12:58:08 Times Seen1 Hash a5be2684363df32e1431b8c920789b3a 9785dad78f454277027bf42f7fa1f45bf796c141 a1fe77322d5e810d67a296a48321f19f5b35e98a4418c9125b4981355a6762f7 Loading...

	static.cbox.ws/jsc/jsc_10_1629383500.js	78 kB	2023-03-07	2023-03-07
Pretty URL static.cbox.ws/jsc/jsc_10_1629383500.js IP 172.67.128.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:24 Last Seen2023-03-07 14:40:19 Times Seen1 Hash 8401ea78ef4cd71fae513505c5f440dc c3128eb75029f98bc3175f65bf0082f938a10202 a036f72be2af61fa73108715a5b67b29e3a501685488dc67d83154bfd08403b6 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-10
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-10 15:14:24 Times Seen269823 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

HTTP Transactions (73)

URL IP Response Size

www.selcuksportshd26.xyz/

172.67.212.52

301 Moved Permanently

0 B

URL HTTP/1.1
www.selcuksportshd26.xyz/
IP
172.67.212.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.selcuksportshd26.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 11:02:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:02:50 GMT
Location: https://www.selcuksportshd26.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WYepvYbsWIsEQWBA3TqmCURtlNno5kCIqXpA6NsmFdUtD7TXsU1SArTY2ApmJ2wdUZrdAmaspL%2FFtmsQtrlc65kbySSGxVaibTkfWYTbaMXXSdptD%2FA4223AllqRt4n5zxbLeg5GQeCYwo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 745e7997f934b506-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 10:44:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EGqpDyRfRLqb0srDzC3Jewa-IXQG_00FE6kJfuNom016a6D9Ig9ZGQ==
Age: 1083

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3614
Expires: Mon, 05 Sep 2022 12:03:05 GMT
Date: Mon, 05 Sep 2022 11:02:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TZVLvrJEhDSpI4oqcKTsIeghS4rWllcHFVF6gEmxjwX2ZD9Tt6IzQA==
age: 35254
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 11:02:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
b5ec28a3ee4b11e8aca3ce1730fcc68c
c19e9ec819d81e7da9826efa792d833b078b6c60
af9f1b6dffe973502309a36981189d67ae3fcf55c3dd8fe30050377325dea84b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AF9F1B6DFFE973502309A36981189D67AE3FCF55C3DD8FE30050377325DEA84B"
Last-Modified: Sat, 03 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Mon, 05 Sep 2022 17:01:59 GMT
Date: Mon, 05 Sep 2022 11:02:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 10:38:16 GMT
Expires: Mon, 05 Sep 2022 11:17:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KZQBhG2NvgNBR7g7KQzRwEDOIr9DyPnJK813LutUowycgbAataeBjQ==
Age: 1475

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
b5ec28a3ee4b11e8aca3ce1730fcc68c
c19e9ec819d81e7da9826efa792d833b078b6c60
af9f1b6dffe973502309a36981189d67ae3fcf55c3dd8fe30050377325dea84b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AF9F1B6DFFE973502309A36981189D67AE3FCF55C3DD8FE30050377325DEA84B"
Last-Modified: Sat, 03 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Mon, 05 Sep 2022 17:01:59 GMT
Date: Mon, 05 Sep 2022 11:02:51 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
67a96920cc1e0285dd02543de4967eeb
15d87339111a13adbd968ab5eb95476894344c5d
67edb9ae30f9173f79cfa521627c4b4934db025339963db63deef1fe262983bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3488
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:51 GMT
Last-Modified: Mon, 05 Sep 2022 10:04:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
67a96920cc1e0285dd02543de4967eeb
15d87339111a13adbd968ab5eb95476894344c5d
67edb9ae30f9173f79cfa521627c4b4934db025339963db63deef1fe262983bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3488
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:51 GMT
Last-Modified: Mon, 05 Sep 2022 10:04:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1253
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:51 GMT
Last-Modified: Mon, 05 Sep 2022 10:41:58 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662375772.dop072.sk1.t,1662375772.cds258.sk1.hn,1662375772.cds210.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-CVN78DGZN1

142.250.74.72

200 OK

74 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-CVN78DGZN1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (17899)
Size
74 kB (74484 bytes)
Hash
131e3cf7f1dbfbee6903e0ed754a166d
8f9c8ab37ae05e98bb43fd365c2f106767d0b6f5
f14266c56f6f82e4ccfd651c260b7c1c4e70e4c0c703fb9533fd99980cf3586d

HTTP Headers

GET /gtag/js?id=G-CVN78DGZN1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 11:02:52 GMT
expires: Mon, 05 Sep 2022 11:02:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.228.207.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.207.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xJmxcbNESkp62gJuXKqQ2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vUFrlaelEgOhO0p31kM91ZtowSQ=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

142.250.74.163

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13841 bytes)
Hash
545d385fcc752e21386ec888be16c5cd
7202d0099057a926f9c606ba8aea579e71b6409e
0cd9f6b4565139d97ff38bf20a1a1f82d3bf2ed1f7a7a63c5c18f93c4dc217d1

HTTP Headers

GET /s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:28:22 GMT
expires: Thu, 31 Aug 2023 19:28:22 GMT
cache-control: public, max-age=31536000
age: 401670
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12136, version 1.0\012- data
Size
12 kB (12136 bytes)
Hash
5d7c6bb8fd4fc992c54e596ab7433d5d
35fd6e4c125235cb7f9aa6e297da4b64ae45b06a
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

HTTP Headers

GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:28:29 GMT
expires: Thu, 31 Aug 2023 19:28:29 GMT
cache-control: public, max-age=31536000
age: 401663
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdM3mDbRS.woff2

142.250.74.163

200 OK

6.8 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdM3mDbRS.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 6776, version 1.0\012- data
Size
6.8 kB (6776 bytes)
Hash
ca9745459de645cbea7eb8a9f671cac2
8156e13525f20c77e0d52e1850dac48bc0dffc7c
05e415164465aa7031a976c10aeb71e4fa19bb4958104c769e32c47f9f05c1a1

HTTP Headers

GET /s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdM3mDbRS.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 23:45:22 GMT
expires: Thu, 31 Aug 2023 23:45:22 GMT
cache-control: public, max-age=31536000
age: 386250
last-modified: Wed, 27 Apr 2022 16:14:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Size
12 kB (11796 bytes)
Hash
8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

HTTP Headers

GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:28:32 GMT
expires: Thu, 31 Aug 2023 19:28:32 GMT
cache-control: public, max-age=31536000
age: 401660
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGIVzY4SY.woff2

142.250.74.163

200 OK

6.7 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGIVzY4SY.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 6660, version 1.0\012- data
Size
6.7 kB (6660 bytes)
Hash
5a3e69c4263292b8d1608b0a0265b447
fc59e4f20fa9620636f53b30f4f993af679399ea
8f8ebc7e5d94244c2499c5f4c10c4d28639ce2d6126e52de3e9842ce64977391

HTTP Headers

GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGIVzY4SY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 00:00:25 GMT
expires: Fri, 01 Sep 2023 00:00:25 GMT
cache-control: public, max-age=31536000
age: 385347
last-modified: Wed, 27 Apr 2022 15:44:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8c6b98064d31e80ffb30ba5c946ca2ac
00fc21c6d2d38387551cd67abcc1752b0d1ea423
f240c74dde182d7e80018105bc33a4a903e1fa8a5c54c61aa96a408a9414b996

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F240C74DDE182D7E80018105BC33A4A903E1FA8A5C54C61AA96A408A9414B996"
Last-Modified: Sat, 03 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4842
Expires: Mon, 05 Sep 2022 12:23:34 GMT
Date: Mon, 05 Sep 2022 11:02:52 GMT
Connection: keep-alive

js.rfp.fout.jp/rfp-infeed.js

23.32.107.182

200 OK

15 kB

URL HTTP/2
js.rfp.fout.jp/rfp-infeed.js
IP
23.32.107.182:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54214)
Size
15 kB (14823 bytes)
Hash
a2a27174d303ab04fb5b1e166d0b054f
8fe315b365e69ca138eed86d86ca4795319d1b64
caed7a1742ccc02bf163bcdc499154e30d92bb555ee7d343e1d60e0b8cc10b97

HTTP Headers

GET /rfp-infeed.js HTTP/1.1
Host: js.rfp.fout.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtLfaO18vBHFGVOTELsLYxwbSDnpmY8nJZx3pj6DGCwNguDMBQuj_YINW4ReKbMzbeeNDJbH_OzVEgKteAumTMc0A
last-modified: Mon, 05 Sep 2022 02:06:28 GMT
etag: "a2a27174d303ab04fb5b1e166d0b054f"
x-goog-generation: 1662343588239694
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14823
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1JnjJg==, md5=oqJxdNMDqwT7Wx4WbQsFTw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 14823
server: UploadServer
cache-control: public, max-age=1800
expires: Mon, 05 Sep 2022 11:32:52 GMT
date: Mon, 05 Sep 2022 11:02:52 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
a029cb23b59fb3d5e198af6236aabfb4
7922881667c32104523eab7eaaf5379fbab8728c
b45a3b88a6d61fdd5b92ec129595b33de1daf4a21a7e3100cb7fa3e3b9593cac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B45A3B88A6D61FDD5B92EC129595B33DE1DAF4A21A7E3100CB7FA3E3B9593CAC"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Mon, 05 Sep 2022 17:02:29 GMT
Date: Mon, 05 Sep 2022 11:02:52 GMT
Connection: keep-alive

iframeria.strmrdrfrocc.xyz/clappr.10a0c239c01882665a0bd2e1d8ea3493.js

104.21.81.174

200 OK

142 kB

URL HTTP/2
iframeria.strmrdrfrocc.xyz/clappr.10a0c239c01882665a0bd2e1d8ea3493.js
IP
104.21.81.174:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
142 kB (141983 bytes)
Hash
aa6c93b67c7722d79762978655ea9172
e1e86d169dd1cd135bb509edf2c6814ffdb9d67a
c31526cc6f634fe749cbf6d0f53e82ff367eb651fde03ff57fb1a5a108fe778c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /clappr.10a0c239c01882665a0bd2e1d8ea3493.js HTTP/1.1
Host: iframeria.strmrdrfrocc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframeria.strmrdrfrocc.xyz/index.php?id=601
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 28 Nov 2021 15:52:12 GMT
vary: Accept-Encoding
expires: Mon, 04 Sep 2023 12:47:34 GMT
cache-control: max-age=31536000
x-robots-tag: none
cf-cache-status: HIT
age: 80118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lW8ZV0rmRL7afizLIHtDBUtsLE1uXgsgzGU%2FQXMoB0Ixiwf25eAhu7kVfe6JaJL8xKrZiaTNi4jAQTp%2F3%2BdVRZsdRpBUQb%2FRABs50C37fWFNoeBnifaJyND%2F8XM51XTZxAZDyTb6rSoyTdSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e79a219d7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

iframeria.strmrdrfrocc.xyz/jquery.220afd743d9e9643852e31a135a9f3ae.js

104.21.81.174

200 OK

32 kB

URL HTTP/2
iframeria.strmrdrfrocc.xyz/jquery.220afd743d9e9643852e31a135a9f3ae.js
IP
104.21.81.174:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
32 kB (32051 bytes)
Hash
82281547b8e9032e39a4d89d241f6a8a
da33a913c43655be50f85b5bbc67c3aa1f10fdd8
132e349a82f34b7c3f356c5736adf57e1b958cadedccdac0111e5a5d6ef68340

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /jquery.220afd743d9e9643852e31a135a9f3ae.js HTTP/1.1
Host: iframeria.strmrdrfrocc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframeria.strmrdrfrocc.xyz/index.php?id=601
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 27 Sep 2020 13:19:40 GMT
vary: Accept-Encoding
expires: Mon, 04 Sep 2023 12:47:34 GMT
cache-control: max-age=31536000
x-robots-tag: none
cf-cache-status: HIT
age: 80118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psuV%2FBD29MKmqHtzmbZLB6eZ4s%2FcCZl5WIdwXV7QttWILRvo1KAjHAtWe6t5LmOVdtDlfK1tD3KMTacR4MMoqP7x0pBo6wS0PdY0hCrBx4lu2x0cHNGl2a8R4zOQ%2BIr1y2BZ59Iipumd44SngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e79a219d6b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8180745088eed8c8db95fd461211773
29b621b4ac7a5c16c5b04af241059e0926af8b2e
f12fa85dc588dcdf3da8d6d653e9e7e7f8c777c8cca419d2745d20ac3b1740dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F12FA85DC588DCDF3DA8D6D653E9E7E7F8C777C8CCA419D2745D20AC3B1740DD"
Last-Modified: Sun, 04 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15771
Expires: Mon, 05 Sep 2022 15:25:43 GMT
Date: Mon, 05 Sep 2022 11:02:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8180745088eed8c8db95fd461211773
29b621b4ac7a5c16c5b04af241059e0926af8b2e
f12fa85dc588dcdf3da8d6d653e9e7e7f8c777c8cca419d2745d20ac3b1740dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F12FA85DC588DCDF3DA8D6D653E9E7E7F8C777C8CCA419D2745D20AC3B1740DD"
Last-Modified: Sun, 04 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19809
Expires: Mon, 05 Sep 2022 16:33:01 GMT
Date: Mon, 05 Sep 2022 11:02:52 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2bfbef8555699b4afb49e22932438808
500146afa7d0da1b248b0b43e7153d170e3e308f
01c6dd36e118d7dde132bf49e878faae664efc82c982933ce809ad2b3eba3553

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:02:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 05:29:15 GMT
Expires: Sat, 10 Sep 2022 05:29:14 GMT
Etag: "500146afa7d0da1b248b0b43e7153d170e3e308f"
Cache-Control: max-age=411381,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745e79a48d6d0b31-OSL

www.trtspor.com.tr/static/js/jquery.js

85.111.24.216

200 OK

93 kB

URL HTTP/2
www.trtspor.com.tr/static/js/jquery.js
IP
85.111.24.216:0
ASN
#9121 Turk Telekom

File type
Unicode text, UTF-8 text, with very long lines (65479)
Size
93 kB (92794 bytes)
Hash
4ec9f95ecc0911c41abb247dfff887b4
022b0ffc6dd4a825ff56d9cfaf69f75c5a7210d4
7200a2f4c45a1c5f9049777223c7361afb33b36945e97858d0ba4e49ea85cf0b

HTTP Headers

GET /static/js/jquery.js HTTP/1.1
Host: www.trtspor.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: application/javascript
content-length: 92794
last-modified: Sat, 12 Oct 2013 15:24:23 GMT
etag: "525969a7-16a7a"
expires: Mon, 05 Sep 2022 11:32:52 GMT
cache-control: max-age=1800
x-node: script
x-worker: 7566
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
bd434647f1a542b37dc97470cb71303c
ba8182aa13ce7b17d6a513acd55ac1f2462d896a
705ec6993fcebd2a4643f78e375badbee40433a1bf6c14ced1af039623661a8e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "705EC6993FCEBD2A4643F78E375BADBEE40433A1BF6C14CED1AF039623661A8E"
Last-Modified: Sun, 04 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21506
Expires: Mon, 05 Sep 2022 17:01:19 GMT
Date: Mon, 05 Sep 2022 11:02:53 GMT
Connection: keep-alive

www.trtspor.com.tr/static/js/jquery.md5.js

85.111.24.216

200 OK

9.6 kB

URL HTTP/2
www.trtspor.com.tr/static/js/jquery.md5.js
IP
85.111.24.216:0
ASN
#9121 Turk Telekom

File type
ASCII text
Size
9.6 kB (9606 bytes)
Hash
c629663d7fe3432af0760b26d4b546e7
0abc4b9564d71cf8d23b7f5b661552092c8e7d67
41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54

HTTP Headers

GET /static/js/jquery.md5.js HTTP/1.1
Host: www.trtspor.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: application/javascript
content-length: 9606
last-modified: Mon, 16 Sep 2019 09:15:34 GMT
etag: "5d7f52b6-2586"
expires: Mon, 05 Sep 2022 11:32:52 GMT
cache-control: max-age=1800
x-node: script
x-worker: 7566
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-CVN78DGZN1&gtm=2oe8v0&_p=1166604269&cid=1349153718.1662375768&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662375768&sct=1&seg=0&dl=https%3A%2F%2Fwww.selcuksportshd121.xyz%2F&dt=SelcukSportsHD%20%7C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Belgesel%2C%20Sinema%20ve%20Daha%20Fazlas%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-CVN78DGZN1&gtm=2oe8v0&_p=1166604269&cid=1349153718.1662375768&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662375768&sct=1&seg=0&dl=https%3A%2F%2Fwww.selcuksportshd121.xyz%2F&dt=SelcukSportsHD%20%7C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Belgesel%2C%20Sinema%20ve%20Daha%20Fazlas%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-CVN78DGZN1&gtm=2oe8v0&_p=1166604269&cid=1349153718.1662375768&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662375768&sct=1&seg=0&dl=https%3A%2F%2Fwww.selcuksportshd121.xyz%2F&dt=SelcukSportsHD%20%7C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Belgesel%2C%20Sinema%20ve%20Daha%20Fazlas%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.selcuksportshd121.xyz
date: Mon, 05 Sep 2022 11:02:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

widgets.amung.us/small/01/196.png

104.22.75.171

200 OK

326 B

URL HTTP/2
widgets.amung.us/small/01/196.png
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Size
326 B (326 bytes)
Hash
385290db2c54d3990354b30753cde07f
03a2b94351cd15418ce71276d8e4e8a8b4750fa2
b6b61310475dc9a0284c698ff72a3a75e1662abdbb3795cd3e161faaeae6b0f7

HTTP Headers

GET /small/01/196.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframeria.strmrdrfrocc.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:53 GMT
content-type: image/png
content-length: 326
last-modified: Sun, 13 Jun 2010 09:48:29 GMT
etag: "4c14a96d-146"
expires: Sun, 14 Aug 2022 12:05:24 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1983449
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 745e79a6ac8f95df-ARN
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214

142.251.1.154

302 Found

369 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
369 B (369 bytes)
Hash
51d4bca11103e0f26765b3c85dd24fd4
d230f454c12c9a0f082f51718949ffdaa33d3945
4ffcbca972b3c7a8124ee069e046a81c9a081de3f0461547e17a9f83f995fead

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selcuksportshd121.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Sep 2022 11:02:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Titillium+Web:wght@300;400;600;700&display=swap

142.250.74.10

200 OK

786 B

URL HTTP/2
fonts.googleapis.com/css2?family=Titillium+Web:wght@300;400;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
786 B (786 bytes)
Hash
5cf681deba5437642fafa66674b4f4fe
5efded83a58fe19a9cd99225a166d36567a345d8
ea9702d8cad9c57ed80821c6b5851fda6c223807c6971828cfd9269f282c2c6c

HTTP Headers

GET /css2?family=Titillium+Web:wght@300;400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 11:02:52 GMT
date: Mon, 05 Sep 2022 11:02:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e55281415ad2c89f8e871f59400c8dc1
bc7ca4131f13d89604161eb0641352670c28c033
1e9c57dbee44db8c9aab44449f9f0cb502a6d9f6473de439daf26414d0d2517a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8393
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:02:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8393
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:02:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8393
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:02:53 GMT
Connection: keep-alive

iframeria.strmrdrfrocc.xyz/streamradarking.1787e6ac6ef4f3cafdae068c5b321b1a.css

104.21.81.174

200 OK

8.1 kB

URL HTTP/2
iframeria.strmrdrfrocc.xyz/streamradarking.1787e6ac6ef4f3cafdae068c5b321b1a.css
IP
104.21.81.174:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5810)
Size
8.1 kB (8060 bytes)
Hash
2e66188f31240160a259e1efac1d88b7
cd9df8605dd3a09c2a0f63367bbe8b171b9cf5c0
a67d1a9fa0218fb78a37fede81cd93ace95fb3db2c938b0090a0192d540167f6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /streamradarking.1787e6ac6ef4f3cafdae068c5b321b1a.css HTTP/1.1
Host: iframeria.strmrdrfrocc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframeria.strmrdrfrocc.xyz/index.php?id=601
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 22 Jan 2021 03:58:15 GMT
vary: Accept-Encoding
expires: Mon, 04 Sep 2023 12:47:34 GMT
cache-control: max-age=31536000
x-robots-tag: none
cf-cache-status: HIT
age: 80118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7SASYVv8qVVz5y8xBjdWMbAV5TFQkCVd0KZzJ1t1pWWO752BJkEe5w19ktTA65fSvNdyin8qP0eFk9lRm5zIXMGIzbeaxExXtcEF966ofUOTZBMhPNiAFPWjp2AMj1%2BfUjZUisTYmAPe671MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e79a219d3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7358 bytes)
Hash
e4d6973685c96423469bad0cdf87aef3
9c00f2f5c3677908c2bdd8c1272d50d113672a88
f0fccb7a9c7bd00777e74b67ef248b1d9596ccaeb40b24c3451f4a65d0079968

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: d925ec69-0baa-4dc0-912c-ab4d0e86ffac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GRfIAMFmyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-041f82c20184278e2bfaad12;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FjgrWe3PbQeEjqtBdrv4qZYxS-dsxh3ia9K5cxPxLq8pImfznoXFpQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:56:00 GMT
age: 47213
etag: "9c00f2f5c3677908c2bdd8c1272d50d113672a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfc2d378-c53c-424f-a82f-55ed32313f68.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8678 bytes)
Hash
f66d31b81d9fc88126f29d021a4e9274
27a8f7e44f69ad5feeec7ce6c64e9b2d552c2fe7
5769765bb634ce5e9f6c40bfb85e09b61ac6fe6d0e20c249e4f88e6fce6034f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfc2d378-c53c-424f-a82f-55ed32313f68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: 309a861d-31c1-4782-be91-aa3956e72c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3HujIAMFybQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-0d21ac553e964f31183018e7;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CLDQW6hpGXAJlTk8AEBZyAwJ0msoRFnDszGTBqM-tyWnvqHwKrsCqQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:46:20 GMT
age: 47793
etag: "27a8f7e44f69ad5feeec7ce6c64e9b2d552c2fe7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7830 bytes)
Hash
290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 47602
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9632 bytes)
Hash
3fa914e288ca54908967c65ae6000607
b470ee66546236df6932247b8de7982a081e3170
04dc2796377fdd129e03e1a1902207ba57f23933f4296908794097353f2de13f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9632
x-amzn-requestid: aee8c394-86b7-4b7e-8a1b-134b4de8454f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZF0rIAMFodg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2f2a9e20556d8899447fc662;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 77bXbuBtQ1AUHqlplB8HwTfSd83WZTTsmHsN2hZiTk83XvP5Bdpfhg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 14:24:28 GMT
age: 74305
etag: "b470ee66546236df6932247b8de7982a081e3170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11654 bytes)
Hash
236f57d73839def5d9ddd1b993394bac
a32ddb91fce6c75ee39530117afcf31d6c6eea94
5c4eab322f6c6a7462a4350dde8d32fc321e6d026e72c0bdb282a56da72c9664

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11654
x-amzn-requestid: 7dec27e0-0959-435b-b155-6afeb503dac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxJUJGf-oAMFZNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631055b3-15838b603291931a4d236ff2;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 06:48:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xeYGWeNQ32oY9qWzxAEr3PhixxBQJBKUEFOpSS9mKqJqqGtHltVVIQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:39:33 GMT
age: 44600
etag: "a32ddb91fce6c75ee39530117afcf31d6c6eea94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4426 bytes)
Hash
c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:47:54 GMT
age: 47699
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eebb383a38a8f985b59a62820595689b
4d7bbcdeaa48e211743257c973ae2559b404d561
c8cf6bfc6865d4b25e7ef0df77478f47c4043b639aed462a2c6a0ba5439c3522

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214&slf_rd=1&random=4255395634

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214&slf_rd=1&random=4255395634
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26291030-6&cid=1349153718.1662375768&jid=1774429137&_v=5.7.2&z=1737141214&slf_rd=1&random=4255395634 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selcuksportshd121.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 11:02:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eebb383a38a8f985b59a62820595689b
4d7bbcdeaa48e211743257c973ae2559b404d561
c8cf6bfc6865d4b25e7ef0df77478f47c4043b639aed462a2c6a0ba5439c3522

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
383a27719cbce6d9a40199c6d73e83d5
39fd6f19ddd6e8f6f8d4536f507ca10d6f46d975
d22aa1637e419173c9ad9953dfafd9caafbe5d148e3c39a41149c42d9c06aa70

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D22AA1637E419173C9AD9953DFAFD9CAAFBE5D148E3C39A41149C42D9C06AA70"
Last-Modified: Sun, 04 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4722
Expires: Mon, 05 Sep 2022 12:21:35 GMT
Date: Mon, 05 Sep 2022 11:02:53 GMT
Connection: keep-alive

istatistik.trthaber.com/service/api/stats/all

3.120.109.111

200 OK

15 B

URL HTTP/1.1
istatistik.trthaber.com/service/api/stats/all
IP
3.120.109.111:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0c776997933eb60833b37beaf43814c8
bff63526eb02853c6b414ccfb4d00ac9ca283930
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

HTTP Headers

POST /service/api/stats/all HTTP/1.1
Host: istatistik.trthaber.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 134
Origin: https://www.selcuksportshd121.xyz
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 11:02:53 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 15
Connection: keep-alive
Access-Control-Allow-Origin: *

www5.cbox.ws/box/?boxid=921687&boxtag=DX8bvl

104.21.1.254

200 OK

0 B

URL HTTP/2
www5.cbox.ws/box/?boxid=921687&boxtag=DX8bvl
IP
104.21.1.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /box/?boxid=921687&boxtag=DX8bvl HTTP/1.1
Host: www5.cbox.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.selcuksportsuygulama11.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, max-age=60
last-modified: Thu, 31 Mar 2022 15:31:42 GMT
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm9GT3fxEFsYS6%2Ff%2BdP%2Bv2WfYncNsHaKXoCSB%2B0TIuRBeZhFEf1ozIa38S7LcnD0nkuRP53%2FV1L4oF2kPZwubweLnkXm7CZbPQPYW%2BYdzDyoeJ9RoOXag0HAjr%2Bt8Os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 745e79a34cc9b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/swiper@8.3.2/swiper-bundle.min.js

104.16.125.175

200 OK

0 B

URL HTTP/2
unpkg.com/swiper@8.3.2/swiper-bundle.min.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swiper@8.3.2/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selcuksportshd121.xyz/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"22fb1-KGtkeSGy9PWRWjtO2CswTE1NohY"
via: 1.1 fly.io
fly-request-id: 01G8X3FXCWJSYDYDFG651VPA6X-ams
cf-cache-status: HIT
age: 3541641
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e799faa90b500-OSL
content-encoding: br
X-Firefox-Spdy: h2

whos.amung.us/swidget/uu19fwdxlo.png

104.22.75.171

307 Temporary Redirect

0 B

URL HTTP/2
whos.amung.us/swidget/uu19fwdxlo.png
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swidget/uu19fwdxlo.png HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframeria.strmrdrfrocc.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Mon, 05 Sep 2022 11:02:53 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/small/01/196.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 745e79a52a6695df-ARN
X-Firefox-Spdy: h2

www.selcuksportshd26.xyz/

104.21.69.191

301 Moved Permanently

0 B

URL HTTP/2
www.selcuksportshd26.xyz/
IP
104.21.69.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: www.selcuksportshd26.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Mon, 05 Sep 2022 11:02:51 GMT
content-type: text/html
location: https://www.selcuksportshd121.xyz/
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUM0ivpvl7atJRUVDrnUR91IaeW1G9ur53TzhABKBVot3XQBz0UoXjnAxL%2FLWw4u4OwCKXVjRQNBeYEcYBVfig3oHFpFCehDG3PBQInWklDW0veRiYw74Gep%2FBC6Tc6VcF%2FtMysqO03MTKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e7999ccab0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

iframeria.strmrdrfrocc.xyz/index.php?id=601

104.21.81.174

200 OK

0 B

URL HTTP/2
iframeria.strmrdrfrocc.xyz/index.php?id=601
IP
104.21.81.174:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index.php?id=601 HTTP/1.1
Host: iframeria.strmrdrfrocc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store
access-control-allow-origin: *
link: </streamradarking.1787e6ac6ef4f3cafdae068c5b321b1a.css>; rel=preload; as=style, </jquery.220afd743d9e9643852e31a135a9f3ae.js>; rel=preload; rel=preload; as=script, </clappr.10a0c239c01882665a0bd2e1d8ea3493.js>; rel=preload; as=script, </levelselector.ee341b104a9c406b73001afe57d16f18.js>; rel=preload; as=script, </keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js>; rel=preload; as=script
x-htz-md: Md eq fullversion
x-htz-rs: Rs eq slck
x-htz-rx: Rx eq https://www.selcuksportshd121.xyz
x-htz-st: St eq MISS
x-htz-ky: Ky eq Rh https://www.selcuksportshd121.xyz Md fullversion Rs slck Rm GET Hs iframeria.strmrdrfrocc.xyz Hts iframeria.strmrdrfrocc.xyz Ur /index.php Ru /index.php?id=601 Qs id=601 rruri /index.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooX32a7sh8z0jZNCRkcne4VE1YNH9rRaKjKjFX74tIT0LTtlBVY506WIw1DlxCRKzkcR5%2Fickm06kU1K9DrNvE%2FIGY6Tkf86HAbPRIJNgbX5InaQMIdn7DgrAP92XZ%2FMtDpDJhqh74zz0kwOmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e79a1b95cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </streamradarking.1787e6ac6ef4f3cafdae068c5b321b1a.css>,</jquery.220afd743d9e9643852e31a135a9f3ae.js>,</clappr.10a0c239c01882665a0bd2e1d8ea3493.js>,</levelselector.ee341b104a9c406b73001afe57d16f18.js>,</keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js>
X-Firefox-Spdy: h2

iframeria.strmrdrfrocc.xyz/levelselector.ee341b104a9c406b73001afe57d16f18.js

104.21.81.174

200 OK

0 B

URL HTTP/2
iframeria.strmrdrfrocc.xyz/levelselector.ee341b104a9c406b73001afe57d16f18.js
IP
104.21.81.174:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /levelselector.ee341b104a9c406b73001afe57d16f18.js HTTP/1.1
Host: iframeria.strmrdrfrocc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframeria.strmrdrfrocc.xyz/index.php?id=601
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 28 Nov 2021 15:49:55 GMT
vary: Accept-Encoding
expires: Mon, 04 Sep 2023 12:47:34 GMT
cache-control: max-age=31536000
x-robots-tag: none
cf-cache-status: HIT
age: 80118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuxTJdqC2n9CycZzqK0Z9%2BmLx6M1eZJviyAPLuV102mRVrUYSb7tgDOTylprKjrPUd6XgyInHGnaCPJQXMnCpEwsXwKOfmxg0K8zrJITocieoAQwoOMpBuIOpDHp5tEur67jzqPe3aXjiq65LA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e79a219d8b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cbox.im/i/4UrBC.c100.jpg

172.67.219.172

200 OK

0 B

URL HTTP/2
cbox.im/i/4UrBC.c100.jpg
IP
172.67.219.172:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i/4UrBC.c100.jpg HTTP/1.1
Host: cbox.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www5.cbox.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: image/jpg
x-cached: 1
expires: Sat, 17 Sep 2022 17:17:24 GMT
cache-control: public, max-age=2592000
pragma: public
access-control-allow-origin: *
cf-cache-status: HIT
age: 1532728
last-modified: Thu, 18 Aug 2022 17:17:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvFS%2BJ1S7RaG6CwK6kQ%2Bk8tIO5c16jrbZswhku%2B6LvHZAtNzbqoQ0uKXOCLP07r8LmV1UOxksV%2B%2FHjlHw%2FqH71onVSqLGl%2Fr8tAhcYyoO6u6XzHgEapJU%2FMq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745e79a42d9eb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cbox.ws/jsc/jsc_10_1629383500.js

172.67.128.112

200 OK

0 B

URL HTTP/2
static.cbox.ws/jsc/jsc_10_1629383500.js
IP
172.67.128.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jsc/jsc_10_1629383500.js HTTP/1.1
Host: static.cbox.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: application/x-javascript
last-modified: Thu, 19 Aug 2021 14:31:45 GMT
etag: W/"611e6b51-64a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7818917
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHaOl6m7jaFNtf%2BEL%2FIrkCRtynIyV6SYtaRVg2L1pg00lTzbYTSPuKTX4EDMcaGA8aiyVzQEGEC2pp2BNgX8yLIKBTB3sq0xFK%2Fwpuw4k7lNR8WMyTFt55jjoTvPOLUNBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745e79a51cda0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.selcuksportshd121.xyz/

104.21.52.212

200 OK

0 B

URL HTTP/2
www.selcuksportshd121.xyz/
IP
104.21.52.212:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: www.selcuksportshd121.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=600
x-frame-options: sameorigin
link: <./css/index.css>; as=style; rel=preload, <./js/index.js>; as=script; rel=preload
cf-cache-status: EXPIRED
last-modified: Mon, 05 Sep 2022 10:42:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FJBW288bvoTl9LBrTCqB4yRTGWC8foxo7RMbmbR%2FwZlTAYmnko0oV7EHMCG3ZGHnf4%2FWORLYXqjAsYnMMj3M5TYcYPdKWWGw26MIoSsb9yXSFAmfwcUcjss%2BjBIeUMCJT4Wm4bRB0P56s38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e799c981bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/swiper/swiper-bundle.min.css

104.16.125.175

302 Found

0 B

URL HTTP/2
unpkg.com/swiper/swiper-bundle.min.css
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swiper/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@8.3.2/swiper-bundle.min.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GC6N2462DJN5J474B330ZKA0-ams
cf-cache-status: HIT
age: 12
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e799f39e3b500-OSL
X-Firefox-Spdy: h2

unpkg.com/swiper/swiper-bundle.min.js

104.16.125.175

302 Found

0 B

URL HTTP/2
unpkg.com/swiper/swiper-bundle.min.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swiper/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selcuksportshd121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@8.3.2/swiper-bundle.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GC6MPB7VXGX37KDG6P4GGDYM-ams
cf-cache-status: HIT
age: 398
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e799f4a1eb500-OSL
X-Firefox-Spdy: h2

unpkg.com/swiper@8.3.2/swiper-bundle.min.css

104.16.125.175

200 OK

0 B

URL HTTP/2
unpkg.com/swiper@8.3.2/swiper-bundle.min.css
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swiper@8.3.2/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selcuksportshd121.xyz/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4052-dxUYZpo3DZFa3w0gfyoiCSp2jNE"
via: 1.1 fly.io
fly-request-id: 01G8X3P78MQ1FBRE6H3BCG1FRB-ams
cf-cache-status: HIT
age: 3541428
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e799f8a63b500-OSL
content-encoding: br
X-Firefox-Spdy: h2

iframeria.strmrdrfrocc.xyz/keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js

104.21.81.174

200 OK

0 B

URL HTTP/2
iframeria.strmrdrfrocc.xyz/keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js
IP
104.21.81.174:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /keslanorospucocugu.a5be2684363df32e1431b8c920789b3a.js HTTP/1.1
Host: iframeria.strmrdrfrocc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframeria.strmrdrfrocc.xyz/index.php?id=601
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 19:44:17 GMT
vary: Accept-Encoding
expires: Mon, 04 Sep 2023 19:44:30 GMT
cache-control: max-age=31536000
x-robots-tag: none
cf-cache-status: HIT
age: 55102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BOVoiSRNqh1e9tX7JIz4l5eNxNdJOIRyvwUxWbrH3IbxeJz8%2FEczT4XVEvK2Vl9WDdb5bTLTfEUSGsu9%2FzQ0RZj3GOzgwVMHo8pYSwaAyuNagQ77%2F42Y9KzHkabmvKM07lQtFf2BpL7inA45A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 745e79a219d9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cbox.im/i/JqIX7.c100.png

172.67.219.172

200 OK

0 B

URL HTTP/2
cbox.im/i/JqIX7.c100.png
IP
172.67.219.172:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i/JqIX7.c100.png HTTP/1.1
Host: cbox.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www5.cbox.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:02:52 GMT
content-type: image/jpg
x-cached: 1
expires: Mon, 03 Oct 2022 04:51:51 GMT
cache-control: public, max-age=2592000
pragma: public
access-control-allow-origin: *
cf-cache-status: HIT
age: 195061
last-modified: Sat, 03 Sep 2022 04:51:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FEQj2q1iWR6aZUHoY7N2wZpwzojqIKGH9KhaHlj6B5vc%2FKVrRB%2FK7IWvaRClxToY7tTSomlG0slWoy4A8%2F3pKq1%2F3MN97MNjK9d5YAA2u%2Bd%2BZ2KDi4iXU41"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745e79a43da6b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP