Report - stfly.cc/5KbX1

Report Overview

Submitted URL
stfly.cc/5KbX1
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-01 03:51:17
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nanouwho.com	unknown	2022-07-09	2022-07-09	2023-05-31	393 B	624 B	139.45.197.242
unpkg.com	11693	2016-01-06	2016-01-08	2023-05-31	851 B	6.3 kB	104.16.125.175
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-31	426 B	3.5 kB	142.250.74.106
stfly.cc	unknown	2022-08-14	2022-08-14	2023-05-31	472 B	16 kB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-01	554 B	20 kB	142.250.74.35
www.google.no	25607	2001-02-26	2016-04-05	2023-06-01	517 B	578 B	216.58.207.227
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2023-05-31	618 B	439 B	216.239.32.36
betotodilea.com	52465	2021-08-09	2021-08-17	2023-06-01	396 B	514 B	139.45.197.237
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-31	451 B	737 B	139.45.195.8
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-05-31	426 B	29 kB	104.17.25.14
stfly.me	208120	2020-06-19	2020-06-19	2023-05-30	902 B	13 kB	172.67.192.47
gh.centrerauriga.com	unknown	2023-05-21	2023-05-21	2023-05-30	401 B	1.2 kB	172.255.6.34
tignuget.net	unknown	2023-05-22	2023-05-23	2023-05-29	1.4 kB	69 kB	139.45.197.244
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-31	2.3 kB	4.9 kB	142.250.74.3
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2023-05-31	447 B	26 kB	104.18.11.207
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-31	867 B	152 kB	142.250.74.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-01 03:50:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-01 03:50:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	stfly.cc/5KbX1	155 B	2023-03-07	2024-03-16
Pretty URL stfly.cc/5KbX1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:18:16 Last Seen2024-03-16 08:53:59 Times Seen122 Hash 59ebe0b9de3964823af9e47ca93a4955 f8bc090309fd3f812825b06ac082ea98cd27a8f7 fcb5a666860ca97d0ad3ed1a21203060b8fc1ac42a73b4cf628f8044698d8a2a Loading...

	stfly.cc/5KbX1	2.4 kB	2023-03-08	2024-03-16
Pretty URL stfly.cc/5KbX1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:35:33 Last Seen2024-03-16 08:54:00 Times Seen122 Hash a1704fd491a577a58e2d012ac00ef92b be2f0459eaa4565828d125bf90a13b69d4e7b437 62d2ea0f5f0040686256ce7936143e9a6233f336f7d1efbd7dca27fd73e90b12 Loading...

	www.googletagmanager.com/gtag/js?id=UA-108199505-1	177 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtag/js?id=UA-108199505-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 05:51:20 Last Seen2023-06-01 05:51:20 Times Seen2 Hash 2476b3a94c9f5baa26bfc22d38ddf0a0 a9d6f40f7fb2dfe0712df1fd3e0e71da20e33774 8a5212eb0c4dd9ee84234802f9c921ed8ff4529e692d192e10d077126fa60c8d Loading...

	tignuget.net/5/3381289	65 kB	2023-06-01	2023-06-01
Pretty URL tignuget.net/5/3381289 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 05:51:20 Last Seen2023-06-01 05:51:21 Times Seen2 Hash 7dd94dadbf5f538e0de04af985d2b168 6bcc7ebe5073fd3cb0d6f7450d51f452696cb965 89faae727e040955cb559cc628f17750d383b81e9249f33181acdaf3d66a0050 Loading...

	unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js	2.6 kB	2023-03-07	2024-03-16
Pretty URL unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:06:05 Last Seen2024-03-16 08:54:00 Times Seen152 Hash 09f554e0361d2bb83c02eca48ec2a0ee e80452ce6ee60b10f8edd2c134db6566effbd0eb 6ea0709e076a8dd6569a1d148aabce6669d3bb30087be54fd8368ac1293bd771 Loading...

	stfly.cc/sandbox%20eval%20code	147 B	2023-04-11	2024-04-26
Pretty URL stfly.cc/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-26 08:10:08 Times Seen342329 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	stfly.cc/5KbX1	886 B	2023-06-01	2023-06-01
Pretty URL stfly.cc/5KbX1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 05:51:20 Last Seen2023-06-01 05:51:20 Times Seen1 Hash 5d56dd1e771275fca240fb7a0f425bb8 c1a2aeea715bb2c7ab8e252d2fb74c3a15349be8 c3fe22674efbe3d78f6b308d4a30dc5dd0b118f5df5df77198360d12dcb63739 Loading...

	gh.centrerauriga.com/1clkn/55315	6 B	2023-03-07	2024-04-26
Pretty URL gh.centrerauriga.com/1clkn/55315 IP 172.255.6.34 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-04-26 08:27:09 Times Seen13625 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c	253 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 05:51:20 Last Seen2023-06-01 05:51:20 Times Seen2 Hash 919762a880358cd6665e6db5e6eafd40 5f0319a3d634e7dd107a729aabe421c98d75119c 739504d6bf02e05f1ab073c020a1d58ef608f130836ba81c170352089ef3e75b Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-26 08:10:08 Times Seen341830 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 08:34:11 Times Seen261607 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

HTTP Transactions (26)

	URL	IP	Response	Size
	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.25.14	200 OK	28 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5KbX1 Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT File type ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 03:51:01 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 5992685 expires: Tue, 21 May 2024 03:51:01 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msEVYM7EDGQy2fQGv0vTjbWWkGo5qnFhcQcLZ%2FaCOL5Dlb8sHeYfMRWGQwkUapoCiqq%2FZGviFo0ol5eN79X5GvHWGljmQgHby48NhzmtZOfQgNyWcs%2F08zjZen29fKRP4TKss%2BiO"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7d047ee8c99e0afa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	stfly.me/wp-content/uploads/2022/12/logo-wp.png	172.67.192.47	200 OK	11 kB
URL GET HTTP/2 stfly.me/wp-content/uploads/2022/12/logo-wp.png IP 172.67.192.47:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subjectstfly.me FingerprintD0:26:B8:12:FB:B0:05:A6:93:D9:1A:10:4E:3B:F1:22:DA:34:F1:C5 ValidityWed, 17 May 2023 01:56:27 GMT - Tue, 15 Aug 2023 01:56:26 GMT File type PNG image data, 684 x 251, 8-bit colormap, non-interlaced\012- data Size 11 kB (10590 bytes) Hash 94130f636ea5a1676c65189017652bd1 f29c40a9146876dfd0b18a8babe6de2958d970ec 20d03dbd1aefea543ffa2e04625f3466936a9b6c0b90449941490aaa7b080a6d HTTP Headers `GET /wp-content/uploads/2022/12/logo-wp.png HTTP/1.1 Host: stfly.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Thu, 01 Jun 2023 03:51:01 GMT content-type: image/png content-length: 10590 last-modified: Thu, 15 Dec 2022 13:16:27 GMT etag: "639b1e2b-295e" expires: Sat, 03 Jun 2023 15:46:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 cf-cache-status: HIT age: 2376255 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HSesrXWXUgQEnPeMJEednW5qgd3Bs9%2BJY1pN9mgukfIJbRpZ5DsuSk%2B9fCMsCa8I3BqBpo1h6ZNKAsLgsu5ypVrcU%2BAbsaLaCO12Odlg%2Bqxg5AECfZn7fF5WA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d047ee8ea73069b-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5b53f2fcda25e30bbbf202b507fac96c 1d1cfb1765f42aba83c3b3e89417b228ed9f0b22 6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css	104.18.11.207	200 OK	25 kB
URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css IP 104.18.11.207:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5KbX1 Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (65324) Size 25 kB (24895 bytes) Hash a15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 HTTP Headers `GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 03:51:01 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:08 GMT cdn-cachedat: 12/27/2021 07:28:05 cdn-edgestorageid: 756 cdn-requestpullcode: 200 cdn-requestpullsuccess: True timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-proxyver: 1.02 cdn-requestid: 5a4f218ff2cc791bfca3e2943b0791a7 cdn-cache: HIT cf-cache-status: HIT age: 31038085 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7d047ee8c9d2b51e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=UA-108199505-1	142.250.74.72	200 OK	64 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108199505-1 IP 142.250.74.72:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (4372) Size 64 kB (64332 bytes) Hash 2476b3a94c9f5baa26bfc22d38ddf0a0 a9d6f40f7fb2dfe0712df1fd3e0e71da20e33774 8a5212eb0c4dd9ee84234802f9c921ed8ff4529e692d192e10d077126fa60c8d HTTP Headers `GET /gtag/js?id=UA-108199505-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 01 Jun 2023 03:51:01 GMT expires: Thu, 01 Jun 2023 03:51:01 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 64332 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	gh.centrerauriga.com/1clkn/55315	172.255.6.34	200 OK	26 B
URL GET HTTP/1.1 gh.centrerauriga.com/1clkn/55315 IP 172.255.6.34:443 ASN #7979 SERVERS-COM Requested by https://stfly.cc/5KbX1 Certificate IssuerLet's Encrypt Subjectgh.centrerauriga.com FingerprintB4:33:D1:47:8D:DD:3A:52:C8:0F:F5:D3:33:12:63:B5:23:68:8E:3B ValiditySun, 21 May 2023 18:32:49 GMT - Sat, 19 Aug 2023 18:32:48 GMT File type ASCII text, with no line terminators Size 26 B (26 bytes) Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 HTTP Headers `GET /1clkn/55315 HTTP/1.1 Host: gh.centrerauriga.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Thu, 01 Jun 2023 03:51:01 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Fri, 02-Jun-2023 03:51:01 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Fri, 02-Jun-2023 03:51:01 GMT; Max-Age=86400; path=/; secure; SameSite=None Content-Encoding: gzip Vary: Accept-Encoding Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 582908ff8bc13bc9b5422491129d8b0e 8deb8d1987e09761ca90108160cc262f1ee8dffa daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5b53f2fcda25e30bbbf202b507fac96c 1d1cfb1765f42aba83c3b3e89417b228ed9f0b22 6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c	142.250.74.72	200 OK	86 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c IP 142.250.74.72:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (4537) Size 86 kB (86310 bytes) Hash 919762a880358cd6665e6db5e6eafd40 5f0319a3d634e7dd107a729aabe421c98d75119c 739504d6bf02e05f1ab073c020a1d58ef608f130836ba81c170352089ef3e75b HTTP Headers `GET /gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 01 Jun 2023 03:51:01 GMT expires: Thu, 01 Jun 2023 03:51:01 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 86310 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fd0c5fcd552e140b1496b4697b18a3a4 264e38a9d130f40f54539a52cba317d16aea03ef a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2	142.250.74.35	200 OK	19 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6 ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT File type Web Open Font Format (Version 2), TrueType, length 18664, version 1.0\012- data Size 19 kB (18664 bytes) Hash 8d1c44b2bf75a4e6f1bd141f9a965f4f 1e5dfdb7ca5ee8e823f9f5787f84b18fbdc38434 441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709 HTTP Headers GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://stfly.cc DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 18664 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 25 May 2023 07:49:32 GMT expires: Fri, 24 May 2024 07:49:32 GMT cache-control: public, max-age=31536000 age: 590489 last-modified: Tue, 02 May 2023 15:19:23 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fd0c5fcd552e140b1496b4697b18a3a4 264e38a9d130f40f54539a52cba317d16aea03ef a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	betotodilea.com/400/4495548	139.45.197.237	403 Forbidden	22 B
URL GET HTTP/2 betotodilea.com/400/4495548 IP 139.45.197.237:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5KbX1 Certificate IssuerLet's Encrypt Subjectbetotodilea.com FingerprintC9:DD:16:90:AA:F5:63:38:44:6E:FD:CC:C1:67:99:9F:22:F6:67:66 ValidityWed, 05 Apr 2023 04:47:01 GMT - Tue, 04 Jul 2023 04:47:00 GMT File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash b5e50d07b6b24e1e105e6e4fceb97bf6 95d7e8119b8befc7153b44b4c7be59f26bd6ad33 61c3148fba3befcce5b4636c4209a440913a136138bf62005df97386827f2ae2 HTTP Headers `GET /400/4495548 HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 403 Forbidden server: nginx date: Thu, 01 Jun 2023 03:51:01 GMT content-type: text/plain; charset=utf-8 content-length: 22 x-trace-id: ce7cd9e076e0b00bc42e79ac82d0fbe7 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache timing-allow-origin: * vary: Origin access-control-allow-origin: * access-control-expose-headers: Link access-control-allow-credentials: true X-Firefox-Spdy: h2`

	nanouwho.com/1?z=3968308	139.45.197.242	404 Not Found	7 B
URL GET HTTP/2 nanouwho.com/1?z=3968308 IP 139.45.197.242:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5KbX1 Certificate IssuerLet's Encrypt Subjectnanouwho.com Fingerprint17:8A:69:ED:47:86:DA:AC:CF:48:90:92:79:0C:F0:AC:0C:E8:8C:84 ValidityThu, 25 May 2023 04:38:28 GMT - Wed, 23 Aug 2023 04:38:27 GMT File type ASCII text, with no line terminators Size 7 B (7 bytes) Hash 3b66fb7a307f3ca29bd59b2f354055bd d6ae6ccb37eb272d94d4a5191fa50372f4d06bba de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4 HTTP Headers `GET /1?z=3968308 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 404 Not Found server: nginx date: Thu, 01 Jun 2023 03:51:02 GMT content-type: text/plain; charset=utf-8 content-length: 7 access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID x-trace-id: 45475945e3eb43fb8d45582675308cba access-control-expose-headers: X-Sc x-sc: 4KdnrdofxFOHMlcU set-cookie: scm=1; expires=Fri, 31 May 2024 03:51:02 GMT; secure; SameSite=None X-Firefox-Spdy: h2

	my.rtmark.net/gid.js?userId=17115a9d9d3245e28c3e7a40976e8333	139.45.195.8	200 OK	65 B
URL GET HTTP/2 my.rtmark.net/gid.js?userId=17115a9d9d3245e28c3e7a40976e8333 IP 139.45.195.8:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5KbX1 Certificate IssuerLet's Encrypt Subjectrtmark.net Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80 ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT File type JSON data\012- , ASCII text Size 65 B (65 bytes) Hash 73aff6825ca352b3c787536f2fe7e61c 0ea0d9e22909f10642e828d264fb64d01968616b 38b7cdefa826749ed33ea9827261d2c08b002fd665c16e12d19a411fd3ba6d2e HTTP Headers `GET /gid.js?userId=17115a9d9d3245e28c3e7a40976e8333 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://stfly.cc DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 03:51:02 GMT content-type: application/json; charset=utf-8 content-length: 65 access-control-allow-origin: https://stfly.cc access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=17115a9d9d3245e28c3e7a40976e8333; expires=Fri, 31 May 2024 03:51:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	stfly.me/wp-content/uploads/2022/12/favicon.png	172.67.192.47	200 OK	1.3 kB
URL GET HTTP/3 stfly.me/wp-content/uploads/2022/12/favicon.png IP 172.67.192.47:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subjectstfly.me FingerprintD0:26:B8:12:FB:B0:05:A6:93:D9:1A:10:4E:3B:F1:22:DA:34:F1:C5 ValidityWed, 17 May 2023 01:56:27 GMT - Tue, 15 Aug 2023 01:56:26 GMT File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Size 1.3 kB (1273 bytes) Hash 77004a5b31f1c5ab30755cad675630cb 9ff49298b2f92e7895b7d47a115b2473fe3d35e1 f75a1c9fe89949bcaa5941eb8f583e9df82b4b07da88162fdb552660b7909b60 HTTP Headers `GET /wp-content/uploads/2022/12/favicon.png HTTP/1.1 Host: stfly.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 01 Jun 2023 03:51:02 GMT content-type: image/png content-length: 1273 last-modified: Thu, 15 Dec 2022 13:18:03 GMT etag: "639b1e8b-4f9" expires: Mon, 12 Jun 2023 07:18:11 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 cf-cache-status: HIT age: 1629171 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCP2a0PNFpZ%2FZJaTN1O7E2jor5EcOF5kulQev%2BmTP6XXM7n4XQCt7eMsdUxWfkidYTljdlQyTSmEZE0qQBAhaQmthlq4MBYcIPjuobXFqLJZOH%2B3r4obcspeyg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d047eee2995b529-OSL alt-svc: h3=":443"; ma=86400

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ec1458576ada616603980e927aecc7e2 99e65899f1a132d05d7077216a57c11d3870fa8d af449ad4f469ca46bd50bc1260655a9cd55e14719682e461b41796d6bf8e7cb7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDV6XHL2ZF&cid=1960415018.1685591462&gtm=45je35v0&aip=1&z=843381456	216.58.207.227	200 OK	42 B
URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDV6XHL2ZF&cid=1960415018.1685591462&gtm=45je35v0&aip=1&z=843381456 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subject.google.no FingerprintB6:72:A5:B7:45:AC:AA:AB:11:6F:E9:5D:A6:4D:03:19:3A:00:31:45 ValidityMon, 08 May 2023 08:26:53 GMT - Mon, 31 Jul 2023 08:26:52 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDV6XHL2ZF&cid=1960415018.1685591462&gtm=45je35v0&aip=1&z=843381456 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 01 Jun 2023 03:51:02 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ec1458576ada616603980e927aecc7e2 99e65899f1a132d05d7077216a57c11d3870fa8d af449ad4f469ca46bd50bc1260655a9cd55e14719682e461b41796d6bf8e7cb7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 03:51:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	region1.analytics.google.com/g/collect?v=2&tid=G-PDV6XHL2ZF&gtm=45je35v0&_p=166705541&_gaz=1&cid=1960415018.1685591462&ul=en-us&sr=1280x1024&_s=1&sid=1685591461&sct=1&seg=0&dl=https%3A%2F%2Fstfly.cc%2F5KbX1&dt=Stfly&en=page_view&_fv=1&_nsi=1&_ss=1	216.239.32.36	204 No Content	0 B
URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-PDV6XHL2ZF&gtm=45je35v0&_p=166705541&_gaz=1&cid=1960415018.1685591462&ul=en-us&sr=1280x1024&_s=1&sid=1685591461&sct=1&seg=0&dl=https%3A%2F%2Fstfly.cc%2F5KbX1&dt=Stfly&en=page_view&_fv=1&_nsi=1&_ss=1 IP 216.239.32.36:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-PDV6XHL2ZF&gtm=45je35v0&_p=166705541&_gaz=1&cid=1960415018.1685591462&ul=en-us&sr=1280x1024&_s=1&sid=1685591461&sct=1&seg=0&dl=https%3A%2F%2Fstfly.cc%2F5KbX1&dt=Stfly&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://stfly.cc DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://stfly.cc date: Thu, 01 Jun 2023 03:51:02 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	tignuget.net/?rb=oy4dHEnyvVVbzLKuhQBciPVC8TxeVF76me8IkyerrxKjCoaOfXwIdtrgJFrdueW26sBGidGYuHFMRy0qOWt8ZfOj0JxgOKQgluJcjIEcBahYKtAa-RV6DXMZcgzVhAeJw440kZRzaDqAL24aYnkIvS_6ZrZJcBUI69Rtggw9D8zET60X7ab3fIjgsTMFSL-hlyFQRWxoBM5J_rdLfQaiHw%3D%3D&request_ab2=0&zoneid=3381289&js_build=iclick-v1.550.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fstfly.cc%2F5KbX1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.550.0&bs=2ac3aa24-34cb-4b6a-8363-33a86fbe4817&userId=17115a9d9d3245e28c3e7a40976e8333&m=link	139.45.197.244	200 OK	2.2 kB
URL GET HTTP/2 tignuget.net/?rb=oy4dHEnyvVVbzLKuhQBciPVC8TxeVF76me8IkyerrxKjCoaOfXwIdtrgJFrdueW26sBGidGYuHFMRy0qOWt8ZfOj0JxgOKQgluJcjIEcBahYKtAa-RV6DXMZcgzVhAeJw440kZRzaDqAL24aYnkIvS_6ZrZJcBUI69Rtggw9D8zET60X7ab3fIjgsTMFSL-hlyFQRWxoBM5J_rdLfQaiHw%3D%3D&request_ab2=0&zoneid=3381289&js_build=iclick-v1.550.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fstfly.cc%2F5KbX1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.550.0&bs=2ac3aa24-34cb-4b6a-8363-33a86fbe4817&userId=17115a9d9d3245e28c3e7a40976e8333&m=link IP 139.45.197.244:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5KbX1 Certificate IssuerLet's Encrypt Subjecttignuget.net FingerprintC0:94:6B:9D:1C:F2:5D:88:4B:30:56:66:CC:7B:24:71:64:C4:AC:94 ValidityMon, 22 May 2023 07:39:44 GMT - Sun, 20 Aug 2023 07:39:43 GMT File type troff or preprocessor input, ASCII text, with very long lines (2220), with no line terminators Size 2.2 kB (2190 bytes) Hash ba43e08601ce6da61a5bf71900762675 8f2ca4156e4b0406826546735ce789e61c456cb9 83bd9053ea246e088b1521363a99fbd58e896f6050f0b74f8fd9c7ab5acdadbf HTTP Headers GET /?rb=oy4dHEnyvVVbzLKuhQBciPVC8TxeVF76me8IkyerrxKjCoaOfXwIdtrgJFrdueW26sBGidGYuHFMRy0qOWt8ZfOj0JxgOKQgluJcjIEcBahYKtAa-RV6DXMZcgzVhAeJw440kZRzaDqAL24aYnkIvS_6ZrZJcBUI69Rtggw9D8zET60X7ab3fIjgsTMFSL-hlyFQRWxoBM5J_rdLfQaiHw%3D%3D&request_ab2=0&zoneid=3381289&js_build=iclick-v1.550.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fstfly.cc%2F5KbX1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.550.0&bs=2ac3aa24-34cb-4b6a-8363-33a86fbe4817&userId=17115a9d9d3245e28c3e7a40976e8333&m=link HTTP/1.1 Host: tignuget.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://stfly.cc/ Origin: https://stfly.cc DNT: 1 Connection: keep-alive Cookie: OAID=17115a9d9d3245e28c3e7a40976e8333; oaidts=1685591461 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 03:51:02 GMT content-type: application/json x-trace-id: 0d6fe11597cf87762d265f9e8b34a637 access-control-allow-origin: https://stfly.cc access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT set-cookie: OAID=17115a9d9d3245e28c3e7a40976e8333; expires=Fri, 31 May 2024 03:51:02 GMT; path=/; secure; SameSite=None oaidts=1685591462; expires=Fri, 31 May 2024 03:51:02 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Thu, 08 Jun 2023 03:51:02 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2

	stfly.cc/5KbX1	188.114.96.1	200 OK	15 kB
URL User Request GET HTTP/2 stfly.cc/5KbX1 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint35:DA:9C:BA:3B:97:74:70:98:BE:3A:1C:91:20:35:8C:26:23:54:86 ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT File type Size 15 kB (15446 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /5KbX1 HTTP/1.1 Host: stfly.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 03:51:00 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 set-cookie: 41aa1508f19a280102fb82482a8e486f=zMmKfIe2tjTSuARbCLbjXV8wPbU4VzmbWYJTAz2DuiqNXaATcguby-tY-UhUGmIfXgs_o1wReFqGWFn59iM0IQ; expires=Fri, 02-Jun-2023 03:51:00 GMT; Max-Age=86400; path=/; domain=stfly.cc; HttpOnly; SameSite=Lax strict-transport-security: max-age=31536000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOqRkG8KzfeTi62Y5sUEQexJuzE%2Fvmd7rdsSgsciRQK15g%2FKPp2%2FDee8uq22vcZlsN2oiVI4L5fLqY5IYY1J0MuKUQAIdJPiB5GZ7ujfMS5v5RyTqMl3qbt76Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d047ee19853b505-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js	104.16.125.175	302 Found	2.6 kB
URL GET HTTP/2 unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js IP 104.16.125.175:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5KbX1 Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT File type Size 2.6 kB (2580 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /just-detect-adblock@latest/dist/bundle.umd.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Thu, 01 Jun 2023 03:51:01 GMT content-type: text/plain; charset=utf-8 access-control-allow-origin: * cache-control: public, s-maxage=600, max-age=60 location: /just-detect-adblock@1.1.0/dist/bundle.umd.js vary: Accept, Accept-Encoding via: 1.1 fly.io fly-request-id: 01H1TGSV8CS7PECJYY9SWECQP5-arn cf-cache-status: HIT age: 500 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7d047eec1e70b527-OSL X-Firefox-Spdy: h2

	unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js	104.16.125.175	200 OK	2.6 kB
URL GET HTTP/2 unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js IP 104.16.125.175:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5KbX1 Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT File type ASCII text, with very long lines (2626), with no line terminators Size 2.6 kB (2580 bytes) Hash a1d5f898e1926ddaa05309ce7402b971 0c51e4e561392e80ce68ac23eaf08bec6e49f953 c05c50665ef2ef7e5d44e924303500e3d41b2424626a9c2e226e3e4486fefc24 HTTP Headers `GET /just-detect-adblock@1.1.0/dist/bundle.umd.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://stfly.cc/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 03:51:01 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"a14-6ARSzm7mCxD47dLBNNtlZu/70Os" via: 1.1 fly.io fly-request-id: 01GXDN55X68ZQDDPH54B4M1K1X-ams cf-cache-status: HIT age: 4727109 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7d047eec9ebdb527-OSL content-encoding: br X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans	142.250.74.106	200 OK	2.9 kB
URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5KbX1 Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT File type ASCII text, with very long lines (2967), with no line terminators Size 2.9 kB (2895 bytes) Hash 943667d1776ef7de00d3b96830f3369c dda878ceaa309afae1df46f142fe271fce34a474 fd773a1fa9b41a9f137a141646e33d40093df650cb94b739268d83fc6f5cc852 HTTP Headers `GET /css?family=Open+Sans HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 01 Jun 2023 03:51:01 GMT date: Thu, 01 Jun 2023 03:51:01 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	tignuget.net/5/3381289	139.45.197.244	200 OK	65 kB
URL GET HTTP/2 tignuget.net/5/3381289 IP 139.45.197.244:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5KbX1 Certificate IssuerLet's Encrypt Subjecttignuget.net FingerprintC0:94:6B:9D:1C:F2:5D:88:4B:30:56:66:CC:7B:24:71:64:C4:AC:94 ValidityMon, 22 May 2023 07:39:44 GMT - Sun, 20 Aug 2023 07:39:43 GMT File type ASCII text, with very long lines (64745), with no line terminators Size 65 kB (64745 bytes) Hash 7dd94dadbf5f538e0de04af985d2b168 6bcc7ebe5073fd3cb0d6f7450d51f452696cb965 89faae727e040955cb559cc628f17750d383b81e9249f33181acdaf3d66a0050 HTTP Headers `GET /5/3381289 HTTP/1.1 Host: tignuget.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 03:51:01 GMT content-type: application/javascript x-trace-id: 00853667494fe431fd60431f4dd7208b link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch" access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=17115a9d9d3245e28c3e7a40976e8333; expires=Fri, 31 May 2024 03:51:01 GMT; path=/; secure; SameSite=None oaidts=1685591461; expires=Fri, 31 May 2024 03:51:01 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML