Report - ckk.ai/DDqyXJdt

Report Overview

Submitted URL
ckk.ai/DDqyXJdt
IP
104.21.83.50
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-11 05:26:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bedrapiona.com	34930	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	2.4 kB	139.45.197.234
belickitungchan.com	813914	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	26 kB	139.45.197.239
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	117 kB	104.22.33.172
www.recaptcha.net	2060	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	1.2 kB	142.250.74.131
forfrogadiertor.com	179003	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.1 kB	139.45.197.239
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	832 B	104.21.22.169
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdn.itskiddoan.club	24539	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	792 B	62 kB	139.45.197.236
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	735 B	139.45.195.8
cdn.uponelectabuzzor.club	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	593 B	139.45.197.239
punoocke.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	69 kB	139.45.197.236
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	32 kB	172.217.21.170
upgulpinon.com	83187	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.0 kB	138 kB	139.45.197.242
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	18 kB	142.250.74.163
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	43 kB	142.250.74.72
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	2.9 kB	104.18.32.68
mediasama.com	166244	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	4.2 MB	144.217.67.42
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	61 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
trustbummler.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.4 kB	142.91.159.133
iclickcdn.com	45415	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	108 kB	104.26.12.118
ckk.ai	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	766 B	112 kB	172.67.214.204
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.187.160.31
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	12 kB	23.33.119.27
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	158 kB	142.250.74.163
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	92 kB	142.250.74.3
onmarshtompor.com	24517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	901 B	970 B	139.45.197.243

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-11	medium	upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd	Malware
2022-09-11	medium	upgulpinon.com/1?z=5324394	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-11	medium	trustbummler.com	Sinkholed
2022-09-10	medium	belickitungchan.com	Sinkholed
2022-09-11	medium	punoocke.com	Sinkholed
2022-09-11	medium	punoocke.com	Sinkholed
2022-09-10	medium	belickitungchan.com	Sinkholed
2022-09-10	medium	belickitungchan.com	Sinkholed
2022-09-10	medium	belickitungchan.com	Sinkholed
2022-09-10	medium	belickitungchan.com	Sinkholed
2022-09-11	medium	punoocke.com	Sinkholed
2022-09-11	medium	punoocke.com	Sinkholed

JavaScript (27)

	URL	Size	First Seen	Last Seen
	ckk.ai/DDqyXJdt	1.2 kB	2023-03-07	2023-03-17
Pretty URL ckk.ai/DDqyXJdt IP 172.67.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:47 Last Seen2023-03-17 12:36:20 Times Seen1 Hash 92c358816771fe2cbc6dc872e02be3db 17f4171dfb499bf1b519144967d1c1228548833d 491ae380377ae74daab4070ef62775689cb0c6dd6010f0e04dfab7372bb4905e Loading...

	ckk.ai/DDqyXJdt	155 B	2023-03-07	2023-03-26
Pretty URL ckk.ai/DDqyXJdt IP 172.67.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:47 Last Seen2023-03-26 04:26:44 Times Seen6 Hash c6a6fe70fe2719213ad5d26dedb4f43f 20a55f2ea4452e31e80cc2622b56b6f9aa25b8e1 875080c3fe702e15c616187d65a7c18501c850340859ac6c4b8447aa735234a4 Loading...

	cdn.itskiddoan.club/apu.php?zoneid=5225632	76 kB	2023-03-07	2023-03-07
Pretty URL cdn.itskiddoan.club/apu.php?zoneid=5225632 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:38 Last Seen2023-03-07 14:37:38 Times Seen1 Hash 182ed160c557d63d215e1b13ad102142 0fb804b5113b91d042086caa741f14d4bd4ef41e 57d2f1c45ff7c383dd8da6755141856566cf6dee4a7e918951884c749cb20e9b Loading...

	mediasama.com/starharem/01/s/js/main.js	1.3 kB	2023-03-07	2024-03-04
Pretty URL mediasama.com/starharem/01/s/js/main.js IP 144.217.67.42 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2024-03-04 05:36:19 Times Seen58 Hash dee042800157426b09099ecf3eb7d004 f0a082059f6f9174869ce1f52b7ee6423a311641 4bad52d0b87da525c7eefbc4bb92656abb89bb6bbec58c54848523ec7ae09587 Loading...

	ckk.ai/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js	209 kB	2023-03-07	2024-04-07
Pretty URL ckk.ai/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2024-04-07 15:27:51 Times Seen314 Hash 0aec173e27fe2509b282ebca08fc9173 7ddf608375d5abd1b0ee126ae4c58aa4f40ec908 c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42 Loading...

	ckk.ai/DDqyXJdt	193 B	2023-03-07	2023-03-26
Pretty URL ckk.ai/DDqyXJdt IP 172.67.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2023-03-26 04:26:44 Times Seen6 Hash 02a6a83c864c4ad0b3cf04227c0a4d3f c1989a61041ef47a143ffe1e9ce3bdba0d9269e7 20a199a756d01a8ef05b4b3dbf84c4f022b4fc84ce2c1a9b6f0d491942a81f12 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-09 09:39:13 Times Seen854 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	921 B	2023-03-07	2023-03-07
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:26:57 Last Seen2023-03-07 16:02:54 Times Seen1 Hash d805d31a3089c02545b7ac7a854ee37c 929c18a7e4a5ad9d82d0d6e7cf913fce05e22476 a9160534191016d99812666737f8e38dc60eb8e4ebb3de403247765c7e3eb282 Loading...

	mediasama.com/starharem/01/s/index_rt.html	1.5 kB	2023-03-07	2023-04-05
Pretty URL mediasama.com/starharem/01/s/index_rt.html IP 144.217.67.42 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash 4d9b111ab737a0a624f183fabc53f9e0 8f00b34fb084ab6d382adf2eaf39ce63d6c0a485 69e434a040e615971563c02e2d45d52b362510ba6131141e72f60f9208564a51 Loading...

	mediasama.com/starharem/01/s/index_rt.html	66 B	2023-03-07	2023-04-05
Pretty URL mediasama.com/starharem/01/s/index_rt.html IP 144.217.67.42 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash a34c74f5a0f4c82a893bd20da6a62f14 8a062e7b3d648e5a4bd24d63c34fb6d77bf8853a f8ad5d8fad94dc20cfc2d172435b5556d3ca13289566d16bb8a3f84ecaa11ef1 Loading...

	www.googletagmanager.com/gtag/js?id=UA-113561579-8	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-113561579-8 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:38 Last Seen2023-03-07 14:37:38 Times Seen1 Hash 9a07e6439cf5759d6c1b545dcbf26c19 8adcc48508fdd74c510fee66b71d52faf6fa8624 5af373b52ddab3c277e023a4f3ac948c9c1c62142f9a78c242b5c304fbdbe866 Loading...

	belickitungchan.com/400/5292343	80 kB	2023-03-07	2023-03-07
Pretty URL belickitungchan.com/400/5292343 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:38 Last Seen2023-03-07 15:01:36 Times Seen1 Hash e8492e33c458a963775190df9e59632d a51d55ad2b9539fc161a90b8a2a414e50d6b28a5 9b1efb1f07f794af7c4343b9bf8d52367607d4a4d987fa8733533661b65035f1 Loading...

	forfrogadiertor.com/400/3487732	82 kB	2023-03-07	2023-03-07
Pretty URL forfrogadiertor.com/400/3487732 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:38 Last Seen2023-03-07 15:01:36 Times Seen1 Hash 8afbd7bf04000577a779ae456c016d5f 4fc441814a69542e5dbbdfdf824747247dcb5cf3 ae5d99ec9e03967ae5726ed1b153e7373cfaee8711437eccaf697506fdd5fe99 Loading...

	upgulpinon.com/42/38?z=5324394	0 B	2023-03-07	2024-05-11
Pretty URL upgulpinon.com/42/38?z=5324394 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 03:22:08 Times Seen37534259 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd	407 kB	2023-03-07	2023-03-17
Pretty URL upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:35 Last Seen2023-03-17 11:41:59 Times Seen1 Hash a15d23895013cd64c6054c8b0314689e 37f20d7ed84d124ef96051ed2b81ae1a33301af0 486b616ccd0babad56e248fd916494ff1d054fe42284ad1c749b6d786a1e9066 Loading...

	cdn.itskiddoan.club/apu.php?zoneid=5225632	76 kB	2023-03-07	2023-03-07
Pretty URL cdn.itskiddoan.club/apu.php?zoneid=5225632 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:38 Last Seen2023-03-07 14:37:38 Times Seen1 Hash e6ae731d09484bbcf5c04489f173dca4 584a71c9765cfe6b2c9bd2398b2d8442526f450f 2f0dd711e1c568dedeec449fd4ef443f36bd41a4242a6374895d37006fe373e3 Loading...

	www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js	397 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:20 Last Seen2023-03-17 11:41:52 Times Seen1 Hash 09705f2d215ade77e21cd6743f3d2c0c b4838ce510bc55c3a5bd5dca82e29f4de4536e81 52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 02:59:54 Times Seen110614 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ckk.ai/cloud_theme/build/js/script.min.js?ver=6.5.3	226 kB	2023-03-07	2024-03-03
Pretty URL ckk.ai/cloud_theme/build/js/script.min.js?ver=6.5.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-03-03 16:42:45 Times Seen139 Hash 17af4dfc5379f1318c2500cec6d557ef 2b096b20b8c1c5ec0c5208cce95eda627491912d 63f77a19278bb4839222a13521b55fde34d5633a73cc82260d33b65aab5ec822 Loading...

	ckk.ai/DDqyXJdt	94 B	2023-03-07	2024-05-10
Pretty URL ckk.ai/DDqyXJdt IP 172.67.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-10 18:59:25 Times Seen1054 Hash 0e82f1e9f9f11642f57928c133254d46 8081b6d8caac03e0cb9baa3b47a533ef15bbe4a1 bd445588497980e8d05916507c7c4df59d0233242a35887c2a6dc8deeff2606c Loading...

	ckk.ai/DDqyXJdt	198 B	2023-03-07	2024-04-07
Pretty URL ckk.ai/DDqyXJdt IP 172.67.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2024-04-07 15:27:50 Times Seen161 Hash 63766cfc13da10bbb548c0304d52b1f1 9a8c6c72606382f008eaa7ad3b9be3977599a58a ca9330eed6a6b98a1dd3b2558c68a78ea867c2862c72b8415f772cba0963c88d Loading...

	iclickcdn.com/tag.min.js	72 kB	2023-03-07	2023-03-17
Pretty URL iclickcdn.com/tag.min.js IP 104.26.12.118 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:57:38 Last Seen2023-03-17 11:38:33 Times Seen1 Hash 21a1afe9f67e62b483549dfe9b574640 9173a4c7be79c3b25a975779c74053eb9d623a70 8abfd720f7d8cc630d1cd56f4a41cf9a4dded524f4cb648b8a6c2fe8a0f6353f Loading...

	tzegilo.com/stattag.js	33 kB	2023-03-07	2023-03-17
Pretty URL tzegilo.com/stattag.js IP 104.21.22.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:21 Last Seen2023-03-17 12:47:57 Times Seen1 Hash df875929410d71d763e9fa10b830bb2a b0711a8d2bf6ad4ffa4640534588b423f2ef7fec 0be796b658c6cee0d55aa164994d0d83f9ec7aa7ecf1eb41c1ddf208bba9e3b1 Loading...

	ckk.ai/DDqyXJdt	177 B	2023-03-07	2023-03-17
Pretty URL ckk.ai/DDqyXJdt IP 172.67.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2023-03-17 12:36:20 Times Seen1 Hash 33b5cbd2aba5808412eb60a0496c2514 850a307dc6f20e47ba24154429f19c41747f534c 977162de90b3409c24586f48708f5f8011f2a91229658f4adbfef54393e94323 Loading...

	upgulpinon.com/1?z=5324394	8.7 kB	2023-03-07	2023-03-07
Pretty URL upgulpinon.com/1?z=5324394 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:38 Last Seen2023-03-07 14:37:38 Times Seen1 Hash 6219e3ce319b0dc7e18253c9306a88be 7fdfcf9b44617a4468f6e8ce8f80e219f52fcb7a 85f28c41dbd665a0da9faf42f8b611850c6e7f0c99428528765acc2efb6350a6 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-11 02:12:51 Times Seen2373 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - 763f7f1aec350cd1a46238d1d5c3c229	7 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:11 Last Seen2024-05-11 01:49:59 Times Seen1260 Hash 763f7f1aec350cd1a46238d1d5c3c229 b4ee6522335b033249255b4cc1d572993282aafb 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5 Loading...

HTTP Transactions (89)

URL IP Response Size

ckk.ai/DDqyXJdt

172.67.214.204

301 Moved Permanently

0 B

URL HTTP/1.1
ckk.ai/DDqyXJdt
IP
172.67.214.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /DDqyXJdt HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Sep 2022 05:25:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 06:25:56 GMT
Location: https://ckk.ai/DDqyXJdt
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HZqIBxbvin4I%2FwI%2BpPf19A0cCWVITX4CgP7tQM81c3TzvGDeXVgppHTYH%2FGYtyyER0Py73LEEBmo0BwKVYztDh4P%2FuoZadiogexsWVOLEmE%2BI0djXrtc74%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748dfc51f9a80b39-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 05:07:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DTexTQsECbnVCgqszdAueh0jenBhNKuHXXdwyCLs0km3wxH_h5WmXA==
Age: 1118

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20016
Expires: Sun, 11 Sep 2022 10:59:32 GMT
Date: Sun, 11 Sep 2022 05:25:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HJcShnm0QkBpA_wl6bk1H--mwBaJRhV8jvaTthaQKlSJbLFqJ7F-EQ==
age: 79724
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 04:56:07 GMT
Expires: Sun, 11 Sep 2022 05:04:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D_6mLkUYIjDtwo5hE0N9tdC_5UyvLyrWvqb9g1O64jsqoqLbCRljKw==
Age: 1789

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3600
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:57 GMT
Last-Modified: Sun, 11 Sep 2022 04:25:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ckk.ai/DDqyXJdt

104.21.83.50

200 OK

110 kB

URL HTTP/2
ckk.ai/DDqyXJdt
IP
104.21.83.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63089), with CRLF, LF line terminators
Size
110 kB (109558 bytes)
Hash
8ebf87ab3d9f3faca451a2b50e20ced7
9f5136f09a08680e59075f6df5e11530146ae4f0
a8f9e4ec1903a81df1eb44189ecfe4ae95eccdaeb1d5ac4ede1fb0ecf949722d

HTTP Headers

GET /DDqyXJdt HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=e5a67b0a13cf2591a24385bb46f20902; path=/; HttpOnly; secure
refDDqyXJdt=OWQ3ZDA5NDgzMWIyM2FhMGY4NThhMGVjNmMyMDM4OTA5YTliODdlMjY0ZWQ2OTQyNDU1NzZkOTEwZDBlNDg3OYDPkKjmyK0bfgIeZlkKetNuY2L6fbpswq59jNEE%2F%2BRw; expires=Sun, 11-Sep-2022 05:30:55 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=bca83b9d25bce6e7c046f48a949f43a1561affa3814d37ba4ad9c31e639274de14c613defec235c8a41d942ef7fda25370d59925b3153f32f18188afea7f16af; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkYDp9PW6AdtTQBkQEsht8K4ZV8D15ruNsFwizq%2B1YOmpvONq2cgOI3IvFOGMZZH%2BxiFMNX2yYa8tXd2nmGgnxui2xKhD8c2oaEnHWGCd%2FOezDZm8TetULA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748dfc539b9dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

37 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
37 kB (36644 bytes)
Hash
19461ebd69804c2d7f38c0a2af7c9789
52eb37c3654541f05c83db8bd574590a5ad8baaf
3af368c40d6048a1cef5c7d8c56bf31c70ad173eaece10d93e2769a2833bb3b5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9146c293d1e3c1197618b4cb8eec4821
6bbc5d7328d375ff3265c9ff4e948e8be2f45388
59cc43a489f1c22b36df11777b04ceb226fa8aa4b2263954950b01b5fc0b1503

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59CC43A489F1C22B36DF11777B04CEB226FA8AA4B2263954950B01B5FC0B1503"
Last-Modified: Sat, 10 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15550
Expires: Sun, 11 Sep 2022 09:45:07 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=UA-113561579-8

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (41924 bytes)
Hash
dba1862b4652fc785a36e48e132d7c22
96bde660828c016ba26fdaa92817209d9d34e702
e80505efafcca0bc17f3d89708287f3a08af45d17bc4e9629a229a10671bc90e

HTTP Headers

GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 05:25:57 GMT
expires: Sun, 11 Sep 2022 05:25:57 GMT
cache-control: private, max-age=900
last-modified: Sun, 11 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

51 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
51 kB (51038 bytes)
Hash
dc83a74a95e69bc12439d3ea5c262249
95d8c75104ab8cdbe9d644b9c2b6ef461942e72d
0115395c82f7ffd8611ba98d119a3ac4087a24c877cdfe9b80e8fd900d2aa8ca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d023a4d8868914eeee659863fd58edc4
2bb44f9bf9ad0a54db0eb4377fb32a0a7b428d61
1191d0af8a76e1867837fc51bd40521ad9337140a4f59d412adc5440661d5a63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1191D0AF8A76E1867837FC51BD40521AD9337140A4F59D412ADC5440661D5A63"
Last-Modified: Sat, 10 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18055
Expires: Sun, 11 Sep 2022 10:26:52 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ee8068c5f0a85ede985419bce9b89532
d824e19ea53b6d608f2cdb6678e051d566bee49c
c150471bd3f1816159de8479a12a4be74d1c35acd275ae30916f186af7395bd4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C150471BD3F1816159DE8479A12A4BE74D1C35ACD275AE30916F186AF7395BD4"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15532
Expires: Sun, 11 Sep 2022 09:44:49 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

push.services.mozilla.com/

54.187.160.31

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.160.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iTinB+eWB2uXwlA3ACjmQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /sF9gD3QYq5Pjk/jvRsRq2MsPNE=

trustbummler.com/tSXyF1oQpqC/14504

142.91.159.133

200 OK

25 B

URL HTTP/1.1
trustbummler.com/tSXyF1oQpqC/14504
IP
142.91.159.133:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /tSXyF1oQpqC/14504 HTTP/1.1
Host: trustbummler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 05:25:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 12-Sep-2022 05:25:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 12-Sep-2022 05:25:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

upgulpinon.com/42/38?z=5324394

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/42/38?z=5324394
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /42/38?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=f3fc1d952e0d4a548c306c87804c84fb; oaidts=1662873957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 12aa16b0babc766299a6e30c0d53215f
access-control-expose-headers: X-Sc
set-cookie: OAID=f3fc1d952e0d4a548c306c87804c84fb; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
baef0fa614bc20db5a714f7fbbb9f92e
d48d82e119e533b74d79286b5324ea5c4fdb1d78
c26f4b84732df6359f7caa0227f99100edaaf5ffa0f2a4a267d5931aaf7c2b9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C26F4B84732DF6359F7CAA0227F99100EDAAF5FFA0F2A4A267D5931AAF7C2B9F"
Last-Modified: Sat, 10 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3069
Expires: Sun, 11 Sep 2022 06:17:06 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=391762,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748dfc5bcd890b45-OSL

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
88a9ee0f50e7de91372b218e112b4404
37961630d79b78754b8523689c99a6d22eac8d96
52a24f7935b8a0a0f4bf417e1f784f320d6722e6f65b94eb64a0c28f0316d985

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d514c8b8af1847f46b54a19a985a451d
7e3edc42b5335cdc558d694b3fd5a610532fa66d
e6daa05399233401ad98785d4b9e59a1c7c95ba27f74ef0898aef377f474af48

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 03:02:17 GMT
Expires: Fri, 16 Sep 2022 03:02:16 GMT
Etag: "7e3edc42b5335cdc558d694b3fd5a610532fa66d"
Cache-Control: max-age=422778,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748dfc5b19dc1bfe-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ffff34c63921d13aa54cd91e3ec4e8c1
0c97e2456815735a69f5ba388e74f7f693aaee0d
7141212b147e753b73ed80dde317941bd35ef26637700918bc36ce22e08109ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7141212B147E753B73ED80DDE317941BD35EF26637700918BC36CE22E08109FF"
Last-Modified: Fri, 09 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3089
Expires: Sun, 11 Sep 2022 06:17:26 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3

139.45.197.242

204 No Content

0 B

URL HTTP/2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
44fd5b6572a48c8b5e562d24480ea7c6
fe0dc02fe65504012b90bea294d5082ba44904cf
19dfd3bd4746b5e6e431d257a3450730a066efdc64eef4387cfaf425df6e9a78

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19DFD3BD4746B5E6E431D257A3450730A066EFDC64EEF4387CFAF425DF6E9A78"
Last-Modified: Fri, 09 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10143
Expires: Sun, 11 Sep 2022 08:15:01 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

cdn.uponelectabuzzor.club/1?z=5251403

139.45.197.239

404 Not Found

7 B

URL HTTP/2
cdn.uponelectabuzzor.club/1?z=5251403
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4

HTTP Headers

GET /1?z=5251403 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a81f391f4226c788a6c09e8f8de224cd
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a2f01d03371a1410f6b680f20d00d3d
8eda1298a77947f6b18a48e4c591b9f86a9ecca3
1cce2cce3f4a823b6572c28b329e30e3ce1184de5e42275924e94fc42c1302d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CCE2CCE3F4A823B6572C28B329E30E3CE1184DE5E42275924E94FC42C1302D8"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19952
Expires: Sun, 11 Sep 2022 10:58:30 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd

139.45.197.242

200 OK

132 kB

URL HTTP/2
upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
data
Size
132 kB (131662 bytes)
Hash
f7a54a982ae80ac6c12003a14d78a5a0
8764bcf437ff925fae9178c23222ac160f48148c
927dce498fbf78cf3648042fae2784d98a3275213f6fc302579fb904c0611461

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /27/55dfd372293146a7ca113106d0d608dd HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=f3fc1d952e0d4a548c306c87804c84fb; oaidts=1662873957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Sep 2022 05:02:06 GMT
expires: Wed, 07 Oct 2082 05:02:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.425.0

139.45.197.234

200 OK

1.3 kB

URL HTTP/2
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.425.0
IP
139.45.197.234:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (2742), with no line terminators
Size
1.3 kB (1304 bytes)
Hash
0858c8d880fdaf0e6abcf8b3786610a7
622fdd86edabc5f4bebd3c0cb49feada0ebfcfa5
0998e04a8bc162320e36bb7f4067a037ffab0a25170d71748ed7c0235bdc1180

HTTP Headers

GET /5/3491150/?oo=1&js_build=iclick-v1.425.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: application/json
x-trace-id: 015a39c4a9f206451f606d104ecbefcf
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=468bcbcac9614948b0cb094dbbb9dba5; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

upgulpinon.com/11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=315

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=315
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=315 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=269f7bf030b74658a67bff176b2ef6a3; oaidts=1662873957
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 13b27a718acead461b6129fb10aeedbc
access-control-expose-headers: X-Sc
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

upgulpinon.com/121?rnd=103024011&z=5324394&b=14170811&c=5908031&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&bag=YpQguAWl53i6aOlyjZ6GNFFcjsDW3IgL&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c

139.45.197.242

302 Found

0 B

URL HTTP/2
upgulpinon.com/121?rnd=103024011&z=5324394&b=14170811&c=5908031&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&bag=YpQguAWl53i6aOlyjZ6GNFFcjsDW3IgL&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /121?rnd=103024011&z=5324394&b=14170811&c=5908031&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&bag=YpQguAWl53i6aOlyjZ6GNFFcjsDW3IgL&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=269f7bf030b74658a67bff176b2ef6a3; oaidts=1662873957
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a4fd91986609cb33be32b13a8d80c048
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7ce4c4d3d211bbc964c31da26900cfae
945ba77bef04789a283c81b251f4a11d5c9aa191
276ba4ce07448c372b9a831507c754dd93a04c61ddcc7d327cc3a49651769f1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "276BA4CE07448C372B9A831507C754DD93A04C61DDCC7D327CC3A49651769F1F"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18697
Expires: Sun, 11 Sep 2022 10:37:35 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

upgulpinon.com/11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=269f7bf030b74658a67bff176b2ef6a3; oaidts=1662873957
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 12dfede90b5874e86449a3a0cd295977
access-control-expose-headers: X-Sc
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
oaidvc=1; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
CNT=1_v1_uzrYAAEAAAAuS_8A; expires=Sun, 11 Sep 2022 06:25:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
431bccffdaad5a26e75e6dd4f8b1abaa
e4b0ac57e7c2d6d00e508cd99231b0f8d58942af
d2b9c8db43c744d36bc73630962238d7fb9017730f8ef8df9b6af1913b08cf35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:52:23 GMT
Expires: Thu, 15 Sep 2022 12:52:22 GMT
Etag: "e4b0ac57e7c2d6d00e508cd99231b0f8d58942af"
Cache-Control: max-age=371783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748dfc5f5c0f1bfe-OSL

cdn.itskiddoan.club/apu.php?zoneid=5225632

139.45.197.236

200 OK

31 kB

URL HTTP/2
cdn.itskiddoan.club/apu.php?zoneid=5225632
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
data
Size
31 kB (30615 bytes)
Hash
94a980773b952660d3c90c083543b473
fb0fda0264e57788d891b642033cc829370aa4b7
eae52059099002b216103d980ad46819ae2f07624bc981ca9cbc8797a5b13e51

HTTP Headers

GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: application/javascript
x-trace-id: f10b9664afb539cd2d10fb3afb6a753c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ab7dddda8f34ed8b34cbb855ee220b8; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

belickitungchan.com/401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3

139.45.197.239

200 OK

1.1 kB

URL HTTP/2
belickitungchan.com/401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
data
Size
1.1 kB (1067 bytes)
Hash
fb4fd92fa85ddfaeb02fe780f5586b25
a97b497c562e6fdd36fd71609dd446f2e6ff8b85
edc80132e2062dcd04324be7da51116043dcaee561f3341a89216a58312258bf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=5aade69874ba43c2957e09b92340edbd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/json
x-trace-id: 605a39a84908a2e69066a520d88914ba
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

offerimage.com/www/images/e737027d1376f9277c99e68048d441cc.png

104.22.33.172

200 OK

50 kB

URL HTTP/2
offerimage.com/www/images/e737027d1376f9277c99e68048d441cc.png
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (49738 bytes)
Hash
e737027d1376f9277c99e68048d441cc
d102eda710502202134c74eaa576c6e8a76a23a3
a83162955bfc853f1d09d18a704fbe8400169a71e6f2e212b65c146d766bf6bc

HTTP Headers

GET /www/images/e737027d1376f9277c99e68048d441cc.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: image/png
content-length: 49738
last-modified: Thu, 10 Dec 2020 12:34:30 GMT
etag: "5fd215d6-c24a"
expires: Sun, 11 Sep 2022 07:06:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 80389
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc602b7d9938-ARN
X-Firefox-Spdy: h2

punoocke.com/401/5292343

139.45.197.236

200 OK

45 kB

URL HTTP/2
punoocke.com/401/5292343
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
data
Size
45 kB (45357 bytes)
Hash
bfe6ef5533f490f49e527f12dc953b6c
887e5003a5552a9294db50ce002ccc54452b9990
1849fa518e3e4c086e7248409d9673fdf6b0c4ca72679f9c09c9060aa8e5abc1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5292343 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
x-trace-id: 06e6ecf49285c7a3d1a608e70f271e2c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=70a84b62e490493eba73ac985334e547; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

punoocke.com/401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3

139.45.197.236

200 OK

21 kB

URL HTTP/2
punoocke.com/401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (2052)
Size
21 kB (20787 bytes)
Hash
61540a7fa58afd74979b70ca92ca2adb
34b920505e508172065f826bd829db13c8a54914
37df61685e5fae6a3bf5d27d1a9cebb68cd582d9d56e46d87cdfeb752a92eff6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=70a84b62e490493eba73ac985334e547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/json
x-trace-id: dd1a6611be5870625f56bd2f4cbe359e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d55e39a9f645ff9b436312d4fb072c24
31d9649dc7df5243e323b56b16863743b676b629
d42d9b4fc378a26e6c97a5ae4fdfcbef36ae47fc1cae56c6bea5fa07f7148698

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

589 B

URL HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (921), with no line terminators
Size
589 B (589 bytes)
Hash
ccc21d0d49199fd4bd9459478d13cb73
133ae31908d06b58ddd61e1db51c277fd4cba47a
208faf9933968aa2e7d8ef5b5080d54e87d06c08c70824487213b0785fc8e0b6

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 11 Sep 2022 05:25:58 GMT
date: Sun, 11 Sep 2022 05:25:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 589
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51ac63e78394a2aee62bfebab43a1173
31d610f11b9608fccee7796817122e5aafe732ec
72091528600d4a22313af10af5adc9b58f612f12232f7d83f905021eab0a05ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72091528600D4A22313AF10AF5ADC9B58F612F12232F7D83F905021EAB0A05FF"
Last-Modified: Fri, 09 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=920
Expires: Sun, 11 Sep 2022 05:41:18 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d55e39a9f645ff9b436312d4fb072c24
31d9649dc7df5243e323b56b16863743b676b629
d42d9b4fc378a26e6c97a5ae4fdfcbef36ae47fc1cae56c6bea5fa07f7148698

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

142.250.74.163

200 OK

157 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (539)
Size
157 kB (157166 bytes)
Hash
026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34

HTTP Headers

GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:23:20 GMT
expires: Wed, 06 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
age: 388958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.itskiddoan.club/apu.php?zoneid=5225632

139.45.197.236

200 OK

29 kB

URL HTTP/2
cdn.itskiddoan.club/apu.php?zoneid=5225632
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
data
Size
29 kB (29356 bytes)
Hash
36273dc9bad88244f15c3407acc6c1da
62a06e6d89cd4e9694b6bc20d4c96f00487376db
2b8d15c7e6e672e5e937b1aacfa2e843b10f16681a84972663ff927de8f27481

HTTP Headers

GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=9ab7dddda8f34ed8b34cbb855ee220b8; oaidts=1662873957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
x-trace-id: 5e4fc36887e2225755ce06871f774047
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ab7dddda8f34ed8b34cbb855ee220b8; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/index_rt.html

144.217.67.42

200 OK

1.5 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/index_rt.html
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1525 bytes)
Hash
30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d

HTTP Headers

GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:58 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 05:04:26 GMT
expires: Sat, 09 Sep 2023 05:04:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 174092
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

belickitungchan.com/500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
belickitungchan.com/500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7017 bytes)
Hash
fea5dfc4a6a5093fd81899ee4a79d446
c893d7475856809a59486e0bcebd6d662d1fc56f
915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LsqH-LbjMGWrhYB93Qkvq2qVhqNs-3MWgrrOFzC8qPcY3fF5ujSD_g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:54:44 GMT
age: 27074
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/styles.css

144.217.67.42

200 OK

2.4 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/styles.css
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (420)
Size
2.4 kB (2406 bytes)
Hash
8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98

HTTP Headers

GET /starharem/01/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:58 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7519 bytes)
Hash
bb1a86dcf94db0a29a6ebe21866766d4
b3491a6f12c97c8e1848a206a185fae29213c1e5
d05619e519fed6c0b6c0616cf540908006a68f127b25e38fb9d041dfe2546df4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7519
x-amzn-requestid: 8d8a8df6-abf5-45dd-8d78-de5ae715a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_UNEoWoAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631845b4-0101ca7a09e432f305aa7066;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:18:12 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Z0Z4IozbbythqWA7mNaqtO4NWbLi1zL2G6HmMGP0c9VqIzMugvVh_Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:00:49 GMT
age: 19509
etag: "b3491a6f12c97c8e1848a206a185fae29213c1e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6269 bytes)
Hash
47ae5cf125ce99bad80c283de8a85cec
0c0c1f84d8693d0c150c97faed21204622d48132
95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cde3-P7vxpXDy-IwW-FDBju-dTmUGqfBlf5mRVDGg3yOCofj-Cxq7A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:53:39 GMT
age: 27139
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10298 bytes)
Hash
99bd16c51d8e4853d6ee542d2ec9fb22
a9f77626875d68e1aea2516f78d491eba9969e37
b360c3c9fa12dc4f57fdbfc88fe820ecee1c049f2d43f44cd38b740513d8e9f8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10298
x-amzn-requestid: f2e2d57b-1f6f-401a-bf0d-ca5c05dd5e59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-nmHBKIAMFrZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184496-52d1369463143fc94894e347;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:13:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PRnDEhi5jnNROYiVXzfn4b_vf-OHnwO5RD38I1bLV8JEJb2gDYrqvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 27924
etag: "a9f77626875d68e1aea2516f78d491eba9969e37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6889 bytes)
Hash
57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 27544
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16983 bytes)
Hash
4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: adf7a560-2f6c-41ba-97b2-860515511e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH-CxFp-oAMF9yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631976de-5f4efe0a705012957cf8bbd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 05:00:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: uoEqiA2HIn5Nbw3RBIqKrCguG-0mLFNBtkB-r3RMitCoJE3fX6wq4w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 05:31:56 GMT
age: 86042
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png

104.22.33.172

200 OK

66 kB

URL HTTP/2
offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66121 bytes)
Hash
3d08aacb36c7474e0d13b60f8f4adc14
e4af2de372b5e3a2211579a5973ef7ed160e7be4
54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c

HTTP Headers

GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 05:25:59 GMT
content-type: image/png
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Sun, 11 Sep 2022 12:30:54 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 60905
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc63de889938-ARN
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/js/main.js

144.217.67.42

200 OK

549 B

URL HTTP/1.1
mediasama.com/starharem/01/s/js/main.js
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
549 B (549 bytes)
Hash
d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932

HTTP Headers

GET /starharem/01/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript

fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 07:02:10 GMT
expires: Fri, 08 Sep 2023 07:02:10 GMT
cache-control: public, max-age=31536000
age: 253429
last-modified: Tue, 19 Apr 2022 18:58:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

iclickcdn.com/tag.min.js

104.26.12.118

200 OK

107 kB

URL HTTP/2
iclickcdn.com/tag.min.js
IP
104.26.12.118:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32065)
Size
107 kB (106676 bytes)
Hash
bc7377859f7cb8e50a150eacc4cb07af
d890cf551feeb3ec5a6e0c3f16af120de2bb3972
be8d72f513adfc1c71e6138b92d8b49f905f96074541e6cd367f8ae1bac5572b

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 2dfb7a2813045b5f3695c0481b6b899b
cache-control: max-age=86400
last-modified: Thu, 08 Sep 2022 14:32:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 12 Sep 2022 00:09:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 19011
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8vg4235IyKuZXv0BY2QS082P%2B3HPIFCTkSk1KTeOOwLOniGnnO975cKeno6P6S6tE1%2B51C%2BBNYVd0pcfiNJEVPkRW5M6CoFNbOi2ZaHr9XR1yWzH9pUVPHGOI45Dy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc59ec84b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

139.45.197.239

200 OK

22 kB

URL HTTP/2
belickitungchan.com/500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
data
Size
22 kB (21462 bytes)
Hash
e42d29cd99a02ca3275af4c37331be43
7896cb6b2d0ae9811e403f6d45d5b77db313677e
a74aa789138eaa2b5a473c1f0bf23c2e360917fe67014f0843cdb79541456815

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=269f7bf030b74658a67bff176b2ef6a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
x-trace-id: 08ed3da4fddc1306b37b88896b93dce3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/img/1.jpg

144.217.67.42

200 OK

397 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/1.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
397 kB (397097 bytes)
Hash
43c140ec16ce96d582782ea93eeaa4fe
3390bf8e8708620fc0a851455e4729cb4f0248a2
3e176a04debe08dd522e7f0fbc9f7530880a92fb9845afd7391bbaa764a4ad55

HTTP Headers

GET /starharem/01/s/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "60f29-5dc622dfac0e8"
Accept-Ranges: bytes
Content-Length: 397097
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/2.jpg

144.217.67.42

200 OK

369 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/2.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
369 kB (369239 bytes)
Hash
b7d3bd4ae3d5f8477e040e6410517866
2b255c9583c47e5da4069d9c055d3430a0c1e03a
7bb68d5a9a92a500956397e156beb117a0ef605b6747800cacf9c9440b6fc7e4

HTTP Headers

GET /starharem/01/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/7.jpg

144.217.67.42

200 OK

327 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/7.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
327 kB (326553 bytes)
Hash
c67c9fb0268eea7d188c4c9bc54a0bf4
216b83374ba6f011041b31dd381f22e99ea7a8c1
95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654

HTTP Headers

GET /starharem/01/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/9.jpg

144.217.67.42

200 OK

342 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/9.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
342 kB (341673 bytes)
Hash
a3a888cf217de9be2aa727dd1cc64757
b7bd361dfdceecfc5775d0ed32e5798abd271d5e
2fd4025336ad8a5edd704651a216cf6b9739089ad1c204bd1ea8e114d11770b9

HTTP Headers

GET /starharem/01/s/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "536a9-5dc622e6fb276"
Accept-Ranges: bytes
Content-Length: 341673
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/8.jpg

144.217.67.42

200 OK

682 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/8.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size
682 kB (682050 bytes)
Hash
cedcd46e956dee6a28f87198962b0477
7b38f1de654971e436983fb6a34a71540ba526c9
08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5

HTTP Headers

GET /starharem/01/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/6.jpg

144.217.67.42

200 OK

261 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/6.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
261 kB (261364 bytes)
Hash
4b7cf78d93f3f009f850bedb6829d7f6
cc55cad898df47a2f089946aee9398fea7fa2ae6
44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f

HTTP Headers

GET /starharem/01/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/3.jpg

144.217.67.42

200 OK

375 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/3.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
375 kB (375159 bytes)
Hash
84c5f704120f28ad7bcde2ebab7442a0
fd2745300ba7ad59ff8044c7e9f76b1326ddd120
6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2

HTTP Headers

GET /starharem/01/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/4.jpg

144.217.67.42

200 OK

325 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/4.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
325 kB (325446 bytes)
Hash
ec18d276822ab5772f3458da7dbedfbc
f7a38f944aaba3e6b848f496bf4b8fee50b58161
da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09

HTTP Headers

GET /starharem/01/s/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "4f746-5dc622e2da82e"
Accept-Ranges: bytes
Content-Length: 325446
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/10.jpg

144.217.67.42

200 OK

237 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/10.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
237 kB (236974 bytes)
Hash
e0046cc1f34ff0701ec4874a0a8c5d43
c6a46db14dfc50d67307a9855f4dd2688d576a01
8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1

HTTP Headers

GET /starharem/01/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/5.jpg

144.217.67.42

200 OK

461 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/5.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
461 kB (461412 bytes)
Hash
42ad3cffde2e4081df94ded8a30a1dc5
7b064f0fcb96e5b5c498c0c03bcbb9ab15e999b0
be788428faee6157125228734e5510d4f49212766eff23a1a1b178e456f153d1

HTTP Headers

GET /starharem/01/s/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "70a64-5dc622e35f52f"
Accept-Ranges: bytes
Content-Length: 461412
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/11.jpg

144.217.67.42

200 OK

403 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/11.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
403 kB (402740 bytes)
Hash
c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2

HTTP Headers

GET /starharem/01/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 05:26:00 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg

belickitungchan.com/impression/eS_FVFVCxxkEf_qGkUfWigiTrJT2djHw0BNgFfCupjOC9suaUwiQjAi6enihrcWpfJ4cAUy8B3Uiyq1T0ZUXKjgXpUTkr2Rk5XctZBnaBFNe1b74L54JovNF1sRtpemzoK-3yE66f9RSFrTqGZe7P2IX6hUG0vf-fXWQVfWKAsO2u2Tm38A5Iy-y-tf0VT1TI-iMQi6ISS26OOzWTZWUYEaZbqkXEhXaCRThq9lHK9O0Wnet6seAEBOObjzSJR0ToMJOu-FCllqmxL59z4v0yqr1OooI7mZ8i0EXfSguISu7ojUcihXjGHcVDZyxzfQT5B9mS10luTdYyWl3tPazoNStae5X7DQjsSLE8G-znsNfITQ65MiP_tZ4RHzhiP-3O8QfeLl0wqZIMmTM7WSu8OC-u3g8mkqVAQIf7uik0pLP56q73LdHw4i58VkFIA3t4LfJCRUwvGL25TDhoCB-mCe_lqlj7-4sJZs0MwlI9mGya1lnkBFPDiNcjnNZuUaXFhfBqlBDqVbGhBcPYqyZeLKWWtmWQ8FBU8QsnyzNJzKsJfanOodzzSzxsvfahiDUk4QjPT3Pkccyx8KlFEnkFw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

43 B

URL HTTP/2
belickitungchan.com/impression/eS_FVFVCxxkEf_qGkUfWigiTrJT2djHw0BNgFfCupjOC9suaUwiQjAi6enihrcWpfJ4cAUy8B3Uiyq1T0ZUXKjgXpUTkr2Rk5XctZBnaBFNe1b74L54JovNF1sRtpemzoK-3yE66f9RSFrTqGZe7P2IX6hUG0vf-fXWQVfWKAsO2u2Tm38A5Iy-y-tf0VT1TI-iMQi6ISS26OOzWTZWUYEaZbqkXEhXaCRThq9lHK9O0Wnet6seAEBOObjzSJR0ToMJOu-FCllqmxL59z4v0yqr1OooI7mZ8i0EXfSguISu7ojUcihXjGHcVDZyxzfQT5B9mS10luTdYyWl3tPazoNStae5X7DQjsSLE8G-znsNfITQ65MiP_tZ4RHzhiP-3O8QfeLl0wqZIMmTM7WSu8OC-u3g8mkqVAQIf7uik0pLP56q73LdHw4i58VkFIA3t4LfJCRUwvGL25TDhoCB-mCe_lqlj7-4sJZs0MwlI9mGya1lnkBFPDiNcjnNZuUaXFhfBqlBDqVbGhBcPYqyZeLKWWtmWQ8FBU8QsnyzNJzKsJfanOodzzSzxsvfahiDUk4QjPT3Pkccyx8KlFEnkFw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/eS_FVFVCxxkEf_qGkUfWigiTrJT2djHw0BNgFfCupjOC9suaUwiQjAi6enihrcWpfJ4cAUy8B3Uiyq1T0ZUXKjgXpUTkr2Rk5XctZBnaBFNe1b74L54JovNF1sRtpemzoK-3yE66f9RSFrTqGZe7P2IX6hUG0vf-fXWQVfWKAsO2u2Tm38A5Iy-y-tf0VT1TI-iMQi6ISS26OOzWTZWUYEaZbqkXEhXaCRThq9lHK9O0Wnet6seAEBOObjzSJR0ToMJOu-FCllqmxL59z4v0yqr1OooI7mZ8i0EXfSguISu7ojUcihXjGHcVDZyxzfQT5B9mS10luTdYyWl3tPazoNStae5X7DQjsSLE8G-znsNfITQ65MiP_tZ4RHzhiP-3O8QfeLl0wqZIMmTM7WSu8OC-u3g8mkqVAQIf7uik0pLP56q73LdHw4i58VkFIA3t4LfJCRUwvGL25TDhoCB-mCe_lqlj7-4sJZs0MwlI9mGya1lnkBFPDiNcjnNZuUaXFhfBqlBDqVbGhBcPYqyZeLKWWtmWQ8FBU8QsnyzNJzKsJfanOodzzSzxsvfahiDUk4QjPT3Pkccyx8KlFEnkFw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=269f7bf030b74658a67bff176b2ef6a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:26:02 GMT
content-type: image/gif
content-length: 43
x-trace-id: f5895045d1cb7bc9c413c6f226251e19
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

forfrogadiertor.com/400/3487732

139.45.197.239

200 OK

0 B

URL HTTP/2
forfrogadiertor.com/400/3487732
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /400/3487732 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: application/javascript
x-trace-id: 91601a1f0704e3fd0538c3018b183159
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=60e74caf956a45b89ad2b32abd92d99d; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

belickitungchan.com/400/5292343

139.45.197.239

200 OK

0 B

URL HTTP/2
belickitungchan.com/400/5292343
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/5292343 HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
x-trace-id: 83ef19f2b7ff388b3e8e133c1ae3ee39
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5aade69874ba43c2957e09b92340edbd; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=f3fc1d952e0d4a548c306c87804c84fb; oaidts=1662873957
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: eb3e082cfc33d642e0fb13823bf87263
access-control-expose-headers: X-Sc
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

onmarshtompor.com/?rb=ccX6IA78ab2UIeqjbFH1SxYSETJKMdewuVUMiOh0XNwTQn9ZXLZ_7nEg6bpGyIxVaWH8-Pezpzs6OJJuSX2aj7CUw3HPWBI4HZAivdwRhT7NCSaO6sZigQp36MBdK7abX6lYHZxfo7d2-oBAvdCAl7PTPp-Vxdfg_qOfBnpRPkSAenfQ7wdxLRWrD33K3bOqlUfc2luKGyBrUudL&request_ab2=0&zoneid=3491150&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=679ab493-2852-48d5-baf3-9597fd7e2ddd&userId=269f7bf030b74658a67bff176b2ef6a3&m=link

139.45.197.243

200 OK

0 B

URL HTTP/2
onmarshtompor.com/?rb=ccX6IA78ab2UIeqjbFH1SxYSETJKMdewuVUMiOh0XNwTQn9ZXLZ_7nEg6bpGyIxVaWH8-Pezpzs6OJJuSX2aj7CUw3HPWBI4HZAivdwRhT7NCSaO6sZigQp36MBdK7abX6lYHZxfo7d2-oBAvdCAl7PTPp-Vxdfg_qOfBnpRPkSAenfQ7wdxLRWrD33K3bOqlUfc2luKGyBrUudL&request_ab2=0&zoneid=3491150&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=679ab493-2852-48d5-baf3-9597fd7e2ddd&userId=269f7bf030b74658a67bff176b2ef6a3&m=link
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=ccX6IA78ab2UIeqjbFH1SxYSETJKMdewuVUMiOh0XNwTQn9ZXLZ_7nEg6bpGyIxVaWH8-Pezpzs6OJJuSX2aj7CUw3HPWBI4HZAivdwRhT7NCSaO6sZigQp36MBdK7abX6lYHZxfo7d2-oBAvdCAl7PTPp-Vxdfg_qOfBnpRPkSAenfQ7wdxLRWrD33K3bOqlUfc2luKGyBrUudL&request_ab2=0&zoneid=3491150&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=679ab493-2852-48d5-baf3-9597fd7e2ddd&userId=269f7bf030b74658a67bff176b2ef6a3&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/json
x-trace-id: 5e2b64153472f99fe94253cb4c324625
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
oaidts=1662873958; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 18 Sep 2022 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

forfrogadiertor.com/500/3487732?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
forfrogadiertor.com/500/3487732?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /500/3487732?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=269f7bf030b74658a67bff176b2ef6a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
x-trace-id: efdb03e5b547b3b997bd1271460c1e53
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.22.169

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.22.169:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX2YWDgLJDk071bYKMZmzboDJ%2B3faR6lUVvHMyoOg6sViQpuWIv%2FHHYkgTS0tw5aDV%2Fs8sWyg6SJtGUWS%2BfeMRFLWtz2EID%2F9vdbQp1RwCCgvuVatWAL6bmIkYKsQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc5d8920b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

punoocke.com/401/5292343

139.45.197.236

200 OK

0 B

URL HTTP/2
punoocke.com/401/5292343
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5292343 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/javascript
x-trace-id: dd697ca28f1859fd7704a182c7bccdee
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=046b5b18d106484ca9a26f0ec2876905; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

upgulpinon.com/1?z=5324394

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/1?z=5324394
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ea30c73a2ff4d49acd7ba732449babcf
access-control-expose-headers: X-Sc
x-sc: NpjWc_Zlp4vwN79polhL7HksvRzYPFk0y2qhfJnJon9x6EMwoMMgBz7PLbJ7tp-ENgIMY_OZ2-9ZlrLk4rMJJTjlTNw=
set-cookie: scm=1; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
OAID=f3fc1d952e0d4a548c306c87804c84fb; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

punoocke.com/401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3

139.45.197.236

200 OK

0 B

URL HTTP/2
punoocke.com/401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=046b5b18d106484ca9a26f0ec2876905
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-type: application/json
x-trace-id: 07559b65bd99b46868a7270392594d83
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 05:25:58 GMT
date: Sun, 11 Sep 2022 05:25:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

forfrogadiertor.com/400/3487732?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3

139.45.197.239

200 OK

0 B

URL HTTP/2
forfrogadiertor.com/400/3487732?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /400/3487732?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=60e74caf956a45b89ad2b32abd92d99d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-type: application/json
x-trace-id: db9d52433b1448c362a0c7ece439ac6b
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations