Report - goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1

Report Overview

Visited public
2023-12-06 22:34:54
Tags
URL
goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Finishing URL
goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
IP / ASN
172.67.72.91
#13335 CLOUDFLARENET
Title
Initial D: First Stage Episode 1

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	4.8 kB	180 kB	142.250.74.100
platform.bidgear.com	30367	2011-08-30	2016-07-27 13:51:48	2023-12-06 19:37:15	444 B	1.6 kB	104.26.3.107
gishejuy.com	unknown	2023-10-25	2023-10-25 15:14:32	2023-12-03 23:36:59	2.7 kB	84 kB	139.45.197.242
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-06 13:13:13	463 B	738 B	139.45.195.8
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-12-06 16:02:14	463 B	13 kB	172.67.22.216
imp9.bidgear.com	34078	2011-08-30	2021-03-15 12:09:09	2023-12-06 12:45:33	514 B	1.1 kB	104.26.3.107
goone.pro	unknown	2023-08-18	2023-08-18 23:29:06	2023-11-26 06:42:36	6.6 kB	602 kB	172.67.72.91
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-06 07:40:41	428 B	94 kB	142.250.74.168
roastoup.com	unknown	2023-10-23	2023-10-23 21:25:57	2023-11-25 19:58:30	402 B	29 kB	139.45.197.242
gq.broggerneven.com	unknown	2023-09-21	2023-09-21 14:22:33	2023-11-18 04:31:38	423 B	1.4 kB	172.255.6.150
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-06 07:50:48	1.6 kB	49 kB	216.58.211.3
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-06 06:59:18	437 B	29 kB	104.17.24.14
ssl.p.jwpcdn.com	2512	2012-08-07	2017-01-30 06:00:14	2023-12-06 18:12:53	868 B	153 kB	151.101.194.114
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-06 07:25:37	4.9 kB	1.2 MB	142.250.74.35
keewoach.net	unknown	2023-06-06	2023-06-06 13:12:27	2023-12-03 19:39:20	414 B	2.1 kB	139.45.197.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	roastoup.com	Sinkholed
2023-12-06	medium	gishejuy.com	Sinkholed
2023-12-06	medium	gishejuy.com	Sinkholed
2023-12-06	medium	gishejuy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	From	Size	First Seen	Last Seen
	www.google.com/recaptcha/api.js?render=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO	ScriptElement	884 B	2023-11-18	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-18 04:32 Last Seen2024-08-20 18:59 Times Seen5 Hash b1dee7603962cd8819b0110e91bee8c5 faf428b860ed51f6bb58906b0ba745605bef6cdf 26a3213dbd1cc2109d8b25d0d2eea95ef1108592deb005bfde07fb0b5a60cf1d Loading...

	ssl.p.jwpcdn.com/player/v/8.21.1/jwpsrv.js	ScriptElement	58 kB	2023-03-07	2025-04-17
Pretty URL ssl.p.jwpcdn.com/player/v/8.21.1/jwpsrv.js IP 151.101.194.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-17 20:05 Times Seen283 Hash 2d642e2770c705fe7a30a5a3a28396ea 1517b2df995bbb9f184a8f9d6ea6bcf46b464ee1 59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15 Loading...

	goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1 IP 172.67.72.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 10:00 Times Seen4635202 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.html5.js	ScriptElement	352 kB	2023-03-07	2025-02-01
Pretty URL ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.html5.js IP 151.101.194.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-02-01 17:45 Times Seen59 Hash 00defed8cdc2155ad316d0543fdd07d8 0ae19cd3531bcc4892d6b24bbf7702931f8d0cd3 68ab3c487b67391fb7709201b88b8e95002ea7ac9675c63f57b3e8b36092c465 Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3	ScriptElement	69 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3 IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 09:52 Times Seen116162 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	goone.pro/player/js/jquery.min.js?v=10.0.2	ScriptElement	86 kB	2023-03-07	2025-02-01
Pretty URL goone.pro/player/js/jquery.min.js?v=10.0.2 IP 172.67.72.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-02-01 17:45 Times Seen496 Hash ed72e2a6ae1afb03eb3e917c2dbe2b50 b23ec2f5041209e5d1d567740fe5ad323688b76a f8e5351fc39356f8f94d7f334b11f9a0f44a67a9461bbd3e8be10cf44acdf780 Loading...

	goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1 IP 172.67.72.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 10:00 Times Seen4635202 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-PY1M3DS3LQ	ScriptElement	281 kB	2023-12-06	2023-12-06
Pretty URL www.googletagmanager.com/gtag/js?id=G-PY1M3DS3LQ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:34 Last Seen2023-12-06 23:34 Times Seen1 Hash b2353d36f5de1693e04e3c1131bebf88 59aee9dddd85b81b5f284287879671c5631d5caf 922366b1ccae9b3441afe4b648e8192b185a70245a83cb00d05b2d765bae11ec Loading...

	keewoach.net/5/6674563?var=4448528	ScriptElement	968 B	2023-12-02	2023-12-06
Pretty URL keewoach.net/5/6674563?var=4448528 IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 15:53 Last Seen2023-12-06 23:34 Times Seen3 Hash 6cab9f5793a8758c0b05ff506f43af4d dbfd22a7e50ef8ddcfdd791a11e013a9b0f34df9 733b1b3fd97faaf086d2722cbeb05196eaed3770f7effdbfe7185b0bb362cc9f Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 10:00 Times Seen4635202 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gishejuy.com/400/4448528?var=5187598	ScriptElement	82 kB	2023-12-06	2023-12-06
Pretty URL gishejuy.com/400/4448528?var=5187598 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:34 Last Seen2023-12-06 23:34 Times Seen1 Hash 4557a71c3a9e215749a34df2dd5a7ac3 e9814fb3105f2fae3578625d7d9f5a28dc178ee5 beb7217ea2aefa80c725959a5eb7d519db3574992beca902cd33927482408586 Loading...

	gq.broggerneven.com/rt9v0WbHXwGHE0pIS/70760	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL gq.broggerneven.com/rt9v0WbHXwGHE0pIS/70760 IP 172.255.6.150 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 10:00 Times Seen4635202 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	platform.bidgear.com/ads.php?domainid=3113&sizeid=17&zoneid=8091	ScriptElement	569 B	2023-12-06	2023-12-06
Pretty URL platform.bidgear.com/ads.php?domainid=3113&sizeid=17&zoneid=8091 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:34 Last Seen2023-12-06 23:34 Times Seen1 Hash 20d6228b8fb7ce44413900ec8adf7950 d0a1096a58ebc18e6b4b2c246b2942038f72f8a5 8dcbc74cc27ab950dc8be512092b254e9cb58c310c83e2da91bcaf5c08df3570 Loading...

	goone.pro/js/jw8.21/jwplayer.js?v=10.0.2	ScriptElement	114 kB	2023-03-07	2025-02-20
Pretty URL goone.pro/js/jw8.21/jwplayer.js?v=10.0.2 IP 172.67.72.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-02-20 07:00 Times Seen165 Hash bb5e42e4210f921bac1043a165b87703 7bb8da96bbed9a24799868bfb394863597f27726 421bd3d398dcba5196a09a792b61ae1f4f2de63109396b16ac4f76d8e4d8d763 Loading...

	roastoup.com/5/5187598	ScriptElement	72 kB	2024-08-20	2024-08-20
Pretty URL roastoup.com/5/5187598 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash cece923a2a9708f324754c108648bfc0 aa59fede8c00e75d5f9534f1c2e0c8ce53485d8e 0db5f03e23fca21968b89b8542a8950e713185d81ba90dab7a13e1c91eac08dc Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg	ScriptElement	53 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 26c3a87a49a360f86f545310eb4ae047 36660bf5fcf3f467e1d1bfe7d2f6dadfe712a5f3 e793d1e4bf5411775d2c06c34c1e6e9d6cea8e2bb75c028a7f7d060fd0cd0f0f Loading...

	unknown	ScriptElement	526 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 23a1a07c64ba245924fcdbe7becaae9f de03d476058719a711416bc8c55fe76c52b4af78 e6eb546d9645a636b49a801d7c880d1abd4faaf56b4a5d1899abdd8c13280128 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 09:42 Times Seen205613 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3	ScriptElement	54 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3 IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 9afac805295e2ada10ff6f82e42fe9c3 5bec0dfa246d66c8a43aa68da229d02e9a5c6a40 ee951500cc2441789a082c2eb0e8a34f31e3e8ecf418ceaf28ef488a5edb5632 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7ac78e8d78881d6b48f031d49a135f84	22 kB	2024-08-20 16:32	2024-08-20 16:32
Pretty Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 7ac78e8d78881d6b48f031d49a135f84 29b0a2f529d9cc3d1e7c3863f4eb0bfdbf1f3798 e8e1e992b35cf61dcad23670d7365456b1322f9d62d390931c871e052435f924 Loading...

	#2 Eval - 8987ffa77aa352a5a1b1ffe80f1437f2	20 kB	2023-12-06 23:34	2024-08-20 16:32
Pretty Observations First Seen2023-12-06 23:34 Last Seen2024-08-20 16:32 Times Seen2 Hash 8987ffa77aa352a5a1b1ffe80f1437f2 595841bb9caa70b60df6f65340faf5ec7eabc651 c1e07700e8904d276628b66ce86747efe065a9b84f4025c3c774b069ec75a84b Loading...

	#3 Eval - 0b1ca71539381027908e315e6d6e1cc6	64 B	2023-11-30 07:49	2024-08-22 03:40
Pretty Observations First Seen2023-11-30 07:49 Last Seen2024-08-22 03:40 Times Seen2259 Hash 0b1ca71539381027908e315e6d6e1cc6 654f40337ce70eb4e2f75be3b6ef1bb1aec36b53 124045c49850cfd40af81b03c0dd79070042a8cfc5f0aeece680fb4be1282a99 Loading...

	#4 Eval - 27d1d86623c8c79ffc2b7d310b36adcb	17 kB	2023-11-30 07:49	2024-08-22 03:40
Pretty Observations First Seen2023-11-30 07:49 Last Seen2024-08-22 03:40 Times Seen2281 Hash 27d1d86623c8c79ffc2b7d310b36adcb f7d78dfbaa4a74f394ed34a7549798f2939f80fe 071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb Loading...

	#5 Eval - f0b73f3914f92d41e001da6f86f01380	22 B	2023-11-30 07:49	2024-08-22 03:40
Pretty Observations First Seen2023-11-30 07:49 Last Seen2024-08-22 03:40 Times Seen2227 Hash f0b73f3914f92d41e001da6f86f01380 80474a79f150a3ff10d2d0ab8f0996a940d485c9 f728616374bca26d1ecc7355b89ee4f19d852f98830366e573a2dbec05de8eb2 Loading...

	#6 Eval - 74e01d4ead6f2e30b18b74c6dc77be64	22 B	2023-11-30 07:49	2024-08-22 03:40
Pretty Observations First Seen2023-11-30 07:49 Last Seen2024-08-22 03:40 Times Seen2268 Hash 74e01d4ead6f2e30b18b74c6dc77be64 39ad1de59a09ba3b6aa76a3459c19a05bb164575 add3c5b922cd22da41ca6398a431c1aed805c3fdbe87fda8cff688fa4086295a Loading...

		Size	First Seen	Last Seen
	#1 Write - 78a4c5ecc721e45f8a1309919b73192b	543 B	2024-08-20 16:32	2024-08-20 16:32
Pretty Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 78a4c5ecc721e45f8a1309919b73192b 2f0ea760ff7fda2e31d946e2ad6998dc93281543 627d5037e35c6a76a41eefde032ecb4c806bc0f9841e62ddbabaf0019c530c7f Loading...

HTTP Transactions (46)

URL IP Response Size

goone.pro/img/logo.png

172.67.72.91

200 OK

17 kB

URL GET HTTP/2
goone.pro/img/logo.png
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
PNG image data, 217 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17285 bytes)
Hash
3de9b525fca2b5ae8ae13973499b540b
5321d0e52e85104423c6de5c411820c8cc90711e
ef5d2227bd02c291d619f6fba92f4c207dbde307b4207ccc56fd816f6abcc626

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: image/png
content-length: 17285
last-modified: Tue, 06 Nov 2018 04:02:46 GMT
etag: "5be11266-4385"
expires: Sat, 23 Dec 2023 05:15:50 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1185525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgFuN6ybmxgTZjyE3D0g1509l2kGqPxH4%2FEWIG2PEAu63xIkpNA3aieE8Qsswrp5N5wdoZt9nc6Crj5kr7MxN0dw6QLgRH4zriLrHYugBxo%2Blrcl4mW2eIO1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317ff420831b50c-OSL
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1009773
expires: Mon, 25 Nov 2024 22:34:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5JaUSPkkFcFomfWgJujlkTcw305HqVB7p8FcJyaMP%2F%2FSpS2w09UJ95zAlf16dtHjAsp38M9F6SX4mw3vYhJ%2F5JbjKQk0rYS6TFn9JsyQQlojyX1b6hSs0CsE7UiRpkmFIQSbS%2Bl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8317ff422a1e0afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-PY1M3DS3LQ

142.250.74.168

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-PY1M3DS3LQ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93185 bytes)
Hash
b2353d36f5de1693e04e3c1131bebf88
59aee9dddd85b81b5f284287879671c5631d5caf
922366b1ccae9b3441afe4b648e8192b185a70245a83cb00d05b2d765bae11ec

HTTP Headers

GET /gtag/js?id=G-PY1M3DS3LQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 22:34:35 GMT
expires: Wed, 06 Dec 2023 22:34:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

roastoup.com/5/5187598

139.45.197.242

200 OK

27 kB

URL GET HTTP/2
roastoup.com/5/5187598
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectroastoup.com
FingerprintD8:66:CB:01:7D:F1:AF:3B:C3:27:51:3C:9B:4A:B4:91:0D:B2:4A:60
ValidityMon, 23 Oct 2023 08:57:43 GMT - Sun, 21 Jan 2024 08:57:42 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
27 kB (27341 bytes)
Hash
dcb11f0093c99fb9f711b498ef35fae2
5bce9e57bd2312890be2131a6a63bf4af7fed295
955f9a0151e188b79a76ede4b004524694a290e474b8401dcbbe37d9ea74c21b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5187598 HTTP/1.1
Host: roastoup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/javascript
x-trace-id: d0fd9e09534602f5c06667fb4af28438
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=da0ee7c9fd044291873954c09b63bc95; expires=Thu, 05 Dec 2024 22:34:35 GMT; path=/; secure; SameSite=None
oaidts=1701902075; expires=Thu, 05 Dec 2024 22:34:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

goone.pro/img/bg_header.png

172.67.72.91

200 OK

941 B

URL GET HTTP/2
goone.pro/img/bg_header.png
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
PNG image data, 2 x 87, 8-bit/color RGB, non-interlaced\012- data
Size
941 B (941 bytes)
Hash
de5c6e3d7572f9ba4d4c8b8479a6bbe1
880037da56cf23fcbf8ee69c92643b66f36486cf
c6c09c4864fbadc58509fe626b9c769d92cea08d1be7ef5ef9df03d23b4e59d5

HTTP Headers

GET /img/bg_header.png HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/css/style.css?v=1.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: image/png
content-length: 941
last-modified: Fri, 24 Nov 2023 22:58:18 GMT
etag: "65612a8a-3ad"
expires: Sat, 30 Dec 2023 05:01:43 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 581571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPE0XcdWwjJXaKizWteIW4QCTTdBO%2Fhvi6oX%2Bp%2FW%2FM6VL%2F%2BgpnjYwXQRiEgRbK88Ty2g5GzVTEWSCmN%2Fj1aIRCYTYdRHa3HBEu25LgiTF9nX1KUVhBv4EyQc5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317ff4419c4b50c-OSL
X-Firefox-Spdy: h2

ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.html5.js

151.101.194.114

200 OK

93 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.core.controls.html5.js
IP
151.101.194.114:443
ASN
#54113 FASTLY

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type
Unicode text, UTF-8 text, with very long lines (65135)
Size
93 kB (93385 bytes)
Hash
00defed8cdc2155ad316d0543fdd07d8
0ae19cd3531bcc4892d6b24bbf7702931f8d0cd3
68ab3c487b67391fb7709201b88b8e95002ea7ac9675c63f57b3e8b36092c465

HTTP Headers

GET /player/v/8.21.1/jwplayer.core.controls.html5.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 16 Jul 2021 21:39:21 GMT
etag: "00defed8cdc2155ad316d0543fdd07d8"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Dec 2023 22:34:35 GMT
via: 1.1 varnish
age: 78632
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1701902076.587087,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 93385
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO

142.250.74.100

200 OK

18 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with very long lines (59413)
Size
18 kB (17951 bytes)
Hash
15d82a7702754d6d4bd8a9b2ba459bb5
5cf57968d85cf8f9712f9b02f916c1f58d6463ac
b5c7531775760f350bd4ef160fe1d372052ce69a3e5b85d20b8e73aa97065735

HTTP Headers

GET /recaptcha/api.js?render=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 06 Dec 2023 22:34:35 GMT
date: Wed, 06 Dec 2023 22:34:35 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=3113&sizeid=17&zoneid=8091

104.26.3.107

200 OK

961 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=3113&sizeid=17&zoneid=8091
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (569), with no line terminators
Size
961 B (961 bytes)
Hash
20d6228b8fb7ce44413900ec8adf7950
d0a1096a58ebc18e6b4b2c246b2942038f72f8a5
8dcbc74cc27ab950dc8be512092b254e9cb58c310c83e2da91bcaf5c08df3570

HTTP Headers

GET /ads.php?domainid=3113&sizeid=17&zoneid=8091 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWRY0fnFWCSj4LoGb9fzg2qg4h9muOxLox6fJe2CNUBIDk0H9jh1EQUg3%2B7sPxzqeGsnXzR65oRsikqFiOXrsjNGyc4m8PK%2BhMsGj2%2BzdPNzipt778kJH5KvocbDaBiOGFF014r2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff427ec30b55-OSL
content-encoding: br
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=da0ee7c9fd044291873954c09b63bc95

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=da0ee7c9fd044291873954c09b63bc95
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
a445c8ac0e871daabda3faa9539184df
e365e04f2dd0b9d8bfa12c05d11e11c9eeb9b272
f8c0af6dbd7d1d567a5fab415f637d11ef2aefc361100450e40bde2d9806ebcb

HTTP Headers

GET /gid.js?userId=da0ee7c9fd044291873954c09b63bc95 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goone.pro
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://goone.pro
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=da0ee7c9fd044291873954c09b63bc95; expires=Thu, 05 Dec 2024 22:34:35 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

gq.broggerneven.com/rt9v0WbHXwGHE0pIS/70760

172.255.6.150

200 OK

20 B

URL GET HTTP/1.1
gq.broggerneven.com/rt9v0WbHXwGHE0pIS/70760
IP
172.255.6.150:443
ASN
#7979 SERVERS-COM

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectgq.broggerneven.com
Fingerprint68:1E:BD:25:17:23:CE:20:C5:FF:67:F6:77:12:DB:25:B1:55:70:8C
ValidityWed, 29 Nov 2023 23:29:03 GMT - Tue, 27 Feb 2024 23:29:02 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /rt9v0WbHXwGHE0pIS/70760 HTTP/1.1
Host: gq.broggerneven.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:34:35 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://goone.pro
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Thu, 07-Dec-2023 22:34:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Thu, 07-Dec-2023 22:34:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

goone.pro/css/font/MyriadPro-Regular.ttf

172.67.72.91

200 OK

364 kB

URL GET HTTP/2
goone.pro/css/font/MyriadPro-Regular.ttf
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
TrueType Font data, 20 tables, 1st "GPOS", 23 names, Macintosh, \251 1992, 1994, 1997, 2000, 2004 Adobe Systems Incorporated. All rights reserved. Protected by \012- data
Size
364 kB (363680 bytes)
Hash
aeaff3e02250b65d88887f2f28714836
5c2716a1235091f8fbf5dd1618ca928d4aa87fba
0b0d0464b4990b53fecec96ed57ac75e4de4d3bfe6a781c399e98876b22afd58

HTTP Headers

GET /css/font/MyriadPro-Regular.ttf HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/css/font.css
Cookie: tvshow=639grgohvvddq3kf2ikqdat034; token=6570f6fb9cafc; _ga_PY1M3DS3LQ=GS1.1.1701902081.1.0.1701902082.0.0.0; _ga=GA1.1.1297122084.1701902082
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/octet-stream
content-length: 363680
last-modified: Fri, 24 Nov 2023 22:58:18 GMT
etag: "65612a8a-58ca0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5073
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6lJYeRRETxgdYGoBlFWB7VVfy1gvLJw33jXjswtAI9%2F2EeZNF%2Bjv5RglQqfQttL7UlfnHKctPjKB%2Fy02RTiDPHEZbLTPe7BDhtMcnjE2u%2BVLh3icyYr1xrSBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317ff466caeb50c-OSL
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goone.pro
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 20:24:10 GMT
expires: Thu, 05 Dec 2024 20:24:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

keewoach.net/5/6674563?var=4448528

139.45.197.245

200 OK

968 B

URL GET HTTP/2
keewoach.net/5/6674563?var=4448528
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectkeewoach.net
Fingerprint9D:A9:CE:66:DA:06:CB:52:BF:6E:C2:BD:B2:56:CD:15:00:F3:A1:19
ValidityMon, 13 Nov 2023 05:10:24 GMT - Sun, 11 Feb 2024 05:10:23 GMT

File type
ASCII text, with very long lines (801)
Size
968 B (968 bytes)
Hash
6cab9f5793a8758c0b05ff506f43af4d
dbfd22a7e50ef8ddcfdd791a11e013a9b0f34df9
733b1b3fd97faaf086d2722cbeb05196eaed3770f7effdbfe7185b0bb362cc9f

HTTP Headers

GET /5/6674563?var=4448528 HTTP/1.1
Host: keewoach.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:34:36 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 23a634cc771f825128c8fa3498162f3b
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=fa1fdb4d7d584122b56afdfdecabe358; expires=Thu, 05 Dec 2024 22:34:36 GMT; path=/; secure; SameSite=None
oaidts=1701902076; expires=Thu, 05 Dec 2024 22:34:36 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg

142.250.74.100

200 OK

59 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52952)
Size
59 kB (59147 bytes)
Hash
195aba6c4314ff4da0f3abb2f36c346e
b0562ec2a7535abc144a7dbe745bca5c68aa6c65
d6e3a717e32a40fa9c6fd5f206a9d89a0559caffad45bd3505687dd8fb03b82d

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Dec 2023 22:34:36 GMT
content-security-policy: script-src 'nonce-5pjfnlmC1BsYWy1aK2vzqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gishejuy.com/500/4448528?excludes=&oaid=da0ee7c9fd044291873954c09b63bc95&var=5187598&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fgoone.pro%2Fdownload%3Fid%3DMTk4NjI%3D%26typesub%3DGogoanime-SUB%26title%3DInitial%2BD%3A%2BFirst%2BStage%2BEpisode%2B1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.242

200 OK

0 B

URL GET HTTP/2
gishejuy.com/500/4448528?excludes=&oaid=da0ee7c9fd044291873954c09b63bc95&var=5187598&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fgoone.pro%2Fdownload%3Fid%3DMTk4NjI%3D%26typesub%3DGogoanime-SUB%26title%3DInitial%2BD%3A%2BFirst%2BStage%2BEpisode%2B1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/4448528?excludes=&oaid=da0ee7c9fd044291873954c09b63bc95&var=5187598&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fgoone.pro%2Fdownload%3Fid%3DMTk4NjI%3D%26typesub%3DGogoanime-SUB%26title%3DInitial%2BD%3A%2BFirst%2BStage%2BEpisode%2B1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://goone.pro/
Origin: https://goone.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:34:36 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://goone.pro
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 20:24:10 GMT
expires: Thu, 05 Dec 2024 20:24:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

offerimage.com/www/images/97ce600e62eb53788c1920257cdefb80.jpg

172.67.22.216

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/97ce600e62eb53788c1920257cdefb80.jpg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (12858 bytes)
Hash
97ce600e62eb53788c1920257cdefb80
bcbc75eeb3e4e2ca5f286d55888069d9469b4828
eb036f274e243cdae4222876aca351e5d9bf65d83e32aa476e4d58df266063a1

HTTP Headers

GET /www/images/97ce600e62eb53788c1920257cdefb80.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:36 GMT
content-type: image/jpeg
content-length: 12858
cache-control: max-age=86400
cf-bgj: h2pri
etag: "656ef9c7-323a"
expires: Thu, 07 Dec 2023 10:29:29 GMT
last-modified: Tue, 05 Dec 2023 10:21:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 43507
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317ff4afd041c0e-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.211.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 07:31:13 GMT
expires: Wed, 04 Dec 2024 07:31:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 140603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:26:41 GMT
expires: Wed, 04 Dec 2024 03:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 155275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 20:24:10 GMT
expires: Thu, 05 Dec 2024 20:24:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 21:37:43 GMT
expires: Wed, 13 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 3413
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 18:44:16 GMT
expires: Thu, 05 Dec 2024 18:44:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 13821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 20:24:10 GMT
expires: Thu, 05 Dec 2024 20:24:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.211.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 07:31:13 GMT
expires: Wed, 04 Dec 2024 07:31:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 140605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 21:37:43 GMT
expires: Wed, 13 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 3415
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 20:24:10 GMT
expires: Thu, 05 Dec 2024 20:24:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 18:44:16 GMT
expires: Thu, 05 Dec 2024 18:44:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 13822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 20:24:10 GMT
expires: Thu, 05 Dec 2024 20:24:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/reload?k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO

142.250.74.100

200 OK

21 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
gzip compressed data\012- data
Size
21 kB (20649 bytes)
Hash
05f84fd58d996cd50654d1bf75887a2e
7a17bc138ff4917f2e9a1de2b4374aa694001a61
2a8521b1a3438d01bd6f36e863d7b54acafa244a338120902f076634ea0f2a57

HTTP Headers

POST /recaptcha/api2/reload?k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 9174
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 06 Dec 2023 22:34:37 GMT
expires: Wed, 06 Dec 2023 22:34:37 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AEovV3cVzmCIl7h9rjjxybzBwbwFZWJz-wFUTfuDCESwKxAVNzGHjWn5X1CQLkYGUShwaBTs-2GgSfhO_boAIT0;Path=/recaptcha;Expires=Mon, 03-Jun-2024 22:34:37 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ

142.250.74.100

200 OK

14 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
gzip compressed data\012- data
Size
14 kB (14030 bytes)
Hash
df273f7dedc6111f8d5b95e87fd27e3d
fbe2ac289cad540cdfa372be35b483a8fcabcefa
bca9628282e64f696bb55a8bdc9ab03cd2f2f42cff0a21b356460298ae270000

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Cookie: _GRECAPTCHA=09AEovV3cVzmCIl7h9rjjxybzBwbwFZWJz-wFUTfuDCESwKxAVNzGHjWn5X1CQLkYGUShwaBTs-2GgSfhO_boAIT0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Dec 2023 22:34:38 GMT
content-security-policy: script-src 'nonce-DL_t2mf4b9S5dG5o_vcm5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

goone.pro/css/style.css?v=1.2

172.67.72.91

200 OK

3.1 kB

URL GET HTTP/2
goone.pro/css/style.css?v=1.2
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
ASCII text, with very long lines (3467), with no line terminators
Size
3.1 kB (3145 bytes)
Hash
e4e3014082e1d436b042f00670c365e6
450749c71bf017fe87fb23df7fc8a59f721e321d
2d0b07c1b1d34c59f1f6b0e2086d163277c486b5ea414c34f92b9a45d4ba66a2

HTTP Headers

GET /css/style.css?v=1.2 HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 24 Nov 2023 22:57:51 GMT
etag: W/"65612a6f-c49"
expires: Mon, 25 Dec 2023 08:30:58 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1001017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaT%2FId8vYrmjAGMOZkL3wdks6ryy7g2%2BzDNSAhGFioiL69DV1LTJ8G6CRc7C%2FdNi4I%2FGEkJfgvlN7N6vG%2B4qSbZyy9X99xDvuT3PfjtpIcocTDH3xtbkW%2B5upA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff42082bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

gishejuy.com/400/4448528?var=5187598

139.45.197.242

200 OK

82 kB

URL GET HTTP/2
gishejuy.com/400/4448528?var=5187598
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
82 kB (82102 bytes)
Hash
4557a71c3a9e215749a34df2dd5a7ac3
e9814fb3105f2fae3578625d7d9f5a28dc178ee5
beb7217ea2aefa80c725959a5eb7d519db3574992beca902cd33927482408586

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/4448528?var=5187598 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/javascript
x-trace-id: 79ed072fb756f6ad9e782d556e5099a1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=d78af4ddc3a84266a04e549b5165d0ce; expires=Thu, 05 Dec 2024 22:34:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

goone.pro/css/font.css

172.67.72.91

200 OK

555 B

URL GET HTTP/2
goone.pro/css/font.css
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
ASCII text, with very long lines (579), with no line terminators
Size
555 B (555 bytes)
Hash
68057754334ec6b19c23009969f62d84
6cd2778075262326a20483029e8674cf363d25c1
2382046eda4fff39ba2503ee17e71a7301975284a9f8b1700067d761ebc2c86e

HTTP Headers

GET /css/font.css HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 07 Mar 2021 15:29:40 GMT
etag: W/"6044f164-22b"
expires: Sun, 24 Dec 2023 05:20:29 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1098846
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePsHv346n0%2B7TPJiTLEtpsgujFkdCmQm5YA0NjMExzDkCVR6YYECVLq42lwe6jd%2FM3m0A79J16kafn%2BvEkiyOrIoiTt32ABMtKqhJjKML4lMMdLWwUcicX3jAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff420827b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

ssl.p.jwpcdn.com/player/v/8.21.1/jwpsrv.js

151.101.194.114

200 OK

58 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/player/v/8.21.1/jwpsrv.js
IP
151.101.194.114:443
ASN
#54113 FASTLY

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type
ASCII text, with very long lines (58529)
Size
58 kB (58530 bytes)
Hash
2d642e2770c705fe7a30a5a3a28396ea
1517b2df995bbb9f184a8f9d6ea6bcf46b464ee1
59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15

HTTP Headers

GET /player/v/8.21.1/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=900, immutable
last-modified: Fri, 16 Jul 2021 21:39:28 GMT
etag: "2d642e2770c705fe7a30a5a3a28396ea"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Dec 2023 22:34:35 GMT
via: 1.1 varnish
age: 757
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1701902076.589339,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17364
X-Firefox-Spdy: h2

goone.pro/download

172.67.72.91

200 OK

656 B

URL POST HTTP/2
goone.pro/download
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
HTML document, ASCII text, with very long lines (692), with no line terminators
Size
656 B (656 bytes)
Hash
62801d34e9111e3f987e1e7ca2888b1d
1f9b8fdd9d11955540c697e56537b4018fd81bae
5312d317a767440deaad3125ca4cfda7598dc9d1d59f0430cf3b16f4a621c38d

HTTP Headers

POST /download HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 573
Origin: https://goone.pro
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Cookie: tvshow=639grgohvvddq3kf2ikqdat034; token=6570f6fb9cafc; _ga_PY1M3DS3LQ=GS1.1.1701902081.1.0.1701902082.0.0.0; _ga=GA1.1.1297122084.1701902082
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbnO%2BGruJFOX047b2zgD6NnfSrTX4xMF1TP4I4%2Fo7yexDdxtZrlrIIqJKcjeKuE4Hb7F6ej3Z36nXn9HBls2vHYHNdMfisBcNd0UHgAasKAF93uGRmQ273EvHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff50dd18b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

goone.pro/js/jw8.21/jwplayer.js?v=10.0.2

172.67.72.91

200 OK

114 kB

URL GET HTTP/2
goone.pro/js/jw8.21/jwplayer.js?v=10.0.2
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
ASCII text, with very long lines (65143)
Size
114 kB (114468 bytes)
Hash
bb5e42e4210f921bac1043a165b87703
7bb8da96bbed9a24799868bfb394863597f27726
421bd3d398dcba5196a09a792b61ae1f4f2de63109396b16ac4f76d8e4d8d763

HTTP Headers

GET /js/jw8.21/jwplayer.js?v=10.0.2 HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Aug 2021 04:25:14 GMT
etag: W/"6123232a-1bf24"
expires: Sun, 24 Dec 2023 04:28:29 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1101966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxQpcZsrQKy17aRUbaVIIj7D9cXwkuPjgbxPXo%2Fy3DGt83plmn4Pm%2B2uDD3cqonZiKT7cH3rOtZt5zX3jc%2BMJUkRtOWsgv3k1AQHYHJCPwY5AMDL4sdSglmYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff42082fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=8091&uuid=ab0a50ca77364eb4b88f1152750b9084&p=85&g=NO&token=4a44335432&tbg=1701902075

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=8091&uuid=ab0a50ca77364eb4b88f1152750b9084&p=85&g=NO&token=4a44335432&tbg=1701902075
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=8091&uuid=ab0a50ca77364eb4b88f1152750b9084&p=85&g=NO&token=4a44335432&tbg=1701902075 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3k7RUdbXAWtnChXmKI58g0S4bs8t6s9GVFw%2FDzVudI2ZPwaeturPM0dvVWzL9gKjTM8m2CPDxB8%2F0FwQARJWp1vGBG7KYmgG6B5FVnpDzIYSlenINVYRpHIGDFN5jfnCOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff44b81d0b55-OSL
X-Firefox-Spdy: h2

goone.pro/css/font/MYRIADPROREGULAR.woff

172.67.72.91

404 Not Found

4 B

URL GET HTTP/2
goone.pro/css/font/MYRIADPROREGULAR.woff
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
79603c1052ccfc92bec34c2e9133513d
cddc483286cf8096069868fbdff0067db6ad30a7
8c9e23d119a05b24acd3e9b4918c7a313ad7e3076689092af8ba65e4cade6480

HTTP Headers

GET /css/font/MYRIADPROREGULAR.woff HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/css/font.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: tvshow=639grgohvvddq3kf2ikqdat034; path=/
token=6570f6fb9cafc; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lt%2Fq8puDxQlYkXjcnFHAGVejMTZaUQVvv0tLah4i9vPEUhL58S1gb4X9vM%2BIHB05TdwVtnkck21z5ruazy%2Bn%2FyyoElw2jnBCXtyVaqS26jvgmwuf3mcTOnpy%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff4419c8b50c-OSL
X-Firefox-Spdy: h2

gishejuy.com/impression/jiC3v2YQwS82nx_RML9r3QdGyqhr9TTBMIaKWWMfj75yTVasE5XOjSZxLn3p9guLy4sJxko8xaZwUKKZ0EIFgPELtLk60UUXFvx4YLpx2_x2MHIFgZQ44657yQI81jIZ_wIw9yePgmP5BNlixybw4QfQBf4lBvY9wg_4zX3Wok9xdc9kH8Y7LO9HqkCQzEXM32-taZ52vbbgUrtLwW6bVcpjjUJewI5rvvDNAYh1AxXwiY8Vy51BuINKncp6fZ2im9mBMKLytt5IRRZ-jawamYwpLLhHr6VhW7T2wuylmO4e_PXzML2TL-V_BSxIaEUp3tSQZRcYGcJvN_ZAV28_0HhoG-3LOM6PJkhotro1aKm0iaMFaXkmMbikxq9kshYPgzokWMIaPJvjjB40mv9hRi1wYz4CZa5BUScmKwrv_63EwFy4Y0XezRCDb_Hc4PWDFFhi55nA9Jq1lENI6ThSUvZUxn7O6ohalNsTYWCiPkEoJk41gyTfqEdTfNRmqItbIIqV3voSXfXPw-qVXo_D8zOkWh_38h0I3Wz27da38NOeyV7d2b80eZ68KnfPX4E5lEft1TCTHtoCjMbHhROIai0zCrA=?_z=4448528&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fgoone.pro%2Fdownload%3Fid%3DMTk4NjI%3D%26typesub%3DGogoanime-SUB%26title%3DInitial%2BD%3A%2BFirst%2BStage%2BEpisode%2B1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.242

200 OK

43 B

URL GET HTTP/2
gishejuy.com/impression/jiC3v2YQwS82nx_RML9r3QdGyqhr9TTBMIaKWWMfj75yTVasE5XOjSZxLn3p9guLy4sJxko8xaZwUKKZ0EIFgPELtLk60UUXFvx4YLpx2_x2MHIFgZQ44657yQI81jIZ_wIw9yePgmP5BNlixybw4QfQBf4lBvY9wg_4zX3Wok9xdc9kH8Y7LO9HqkCQzEXM32-taZ52vbbgUrtLwW6bVcpjjUJewI5rvvDNAYh1AxXwiY8Vy51BuINKncp6fZ2im9mBMKLytt5IRRZ-jawamYwpLLhHr6VhW7T2wuylmO4e_PXzML2TL-V_BSxIaEUp3tSQZRcYGcJvN_ZAV28_0HhoG-3LOM6PJkhotro1aKm0iaMFaXkmMbikxq9kshYPgzokWMIaPJvjjB40mv9hRi1wYz4CZa5BUScmKwrv_63EwFy4Y0XezRCDb_Hc4PWDFFhi55nA9Jq1lENI6ThSUvZUxn7O6ohalNsTYWCiPkEoJk41gyTfqEdTfNRmqItbIIqV3voSXfXPw-qVXo_D8zOkWh_38h0I3Wz27da38NOeyV7d2b80eZ68KnfPX4E5lEft1TCTHtoCjMbHhROIai0zCrA=?_z=4448528&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fgoone.pro%2Fdownload%3Fid%3DMTk4NjI%3D%26typesub%3DGogoanime-SUB%26title%3DInitial%2BD%3A%2BFirst%2BStage%2BEpisode%2B1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/jiC3v2YQwS82nx_RML9r3QdGyqhr9TTBMIaKWWMfj75yTVasE5XOjSZxLn3p9guLy4sJxko8xaZwUKKZ0EIFgPELtLk60UUXFvx4YLpx2_x2MHIFgZQ44657yQI81jIZ_wIw9yePgmP5BNlixybw4QfQBf4lBvY9wg_4zX3Wok9xdc9kH8Y7LO9HqkCQzEXM32-taZ52vbbgUrtLwW6bVcpjjUJewI5rvvDNAYh1AxXwiY8Vy51BuINKncp6fZ2im9mBMKLytt5IRRZ-jawamYwpLLhHr6VhW7T2wuylmO4e_PXzML2TL-V_BSxIaEUp3tSQZRcYGcJvN_ZAV28_0HhoG-3LOM6PJkhotro1aKm0iaMFaXkmMbikxq9kshYPgzokWMIaPJvjjB40mv9hRi1wYz4CZa5BUScmKwrv_63EwFy4Y0XezRCDb_Hc4PWDFFhi55nA9Jq1lENI6ThSUvZUxn7O6ohalNsTYWCiPkEoJk41gyTfqEdTfNRmqItbIIqV3voSXfXPw-qVXo_D8zOkWh_38h0I3Wz27da38NOeyV7d2b80eZ68KnfPX4E5lEft1TCTHtoCjMbHhROIai0zCrA=?_z=4448528&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fgoone.pro%2Fdownload%3Fid%3DMTk4NjI%3D%26typesub%3DGogoanime-SUB%26title%3DInitial%2BD%3A%2BFirst%2BStage%2BEpisode%2B1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Cookie: OAID=da0ee7c9fd044291873954c09b63bc95
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:34:46 GMT
content-type: image/gif
content-length: 43
x-trace-id: 334ce30e05952fa021b7cb999c5a5441
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

goone.pro/player/js/jquery.min.js?v=10.0.2

172.67.72.91

200 OK

86 kB

URL GET HTTP/2
goone.pro/player/js/jquery.min.js?v=10.0.2
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
ASCII text, with very long lines (32042)
Size
86 kB (86349 bytes)
Hash
ed72e2a6ae1afb03eb3e917c2dbe2b50
b23ec2f5041209e5d1d567740fe5ad323688b76a
f8e5351fc39356f8f94d7f334b11f9a0f44a67a9461bbd3e8be10cf44acdf780

HTTP Headers

GET /player/js/jquery.min.js?v=10.0.2 HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 07 Mar 2021 17:12:54 GMT
etag: W/"60450996-1514d"
expires: Sun, 24 Dec 2023 02:25:45 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1109330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61UE087fHB9L87tS1EjGLdXGPu6%2F42cSQO9nsTYnDV2C7AGkqWXR7y9kQd%2BlDS2%2FiYEbC4L7GSUU%2F470g6QiYxyIQnuSBFXzB8%2BZ5GeooqRLCo7jP232zUILaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff42082eb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

142.250.74.100

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3
Cookie: _GRECAPTCHA=09AEovV3cVzmCIl7h9rjjxybzBwbwFZWJz-wFUTfuDCESwKxAVNzGHjWn5X1CQLkYGUShwaBTs-2GgSfhO_boAIT0
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 06 Dec 2023 22:34:38 GMT
date: Wed, 06 Dec 2023 22:34:38 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3

142.250.74.100

200 OK

63 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (54377)
Size
63 kB (62902 bytes)
Hash
de9bc62674dd9ed60b209c7786170a7e
71c277e1475fbc652d1b90be1fce31b95bec29b2
b0a2ed98dc87e504adc5ad8c1eca043f93ffde719140a93061e010507ad07bda

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LflndkbAAAAAMtC8hy8LXjRop4gJqLVz0S1OyJQ&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=dark&size=normal&cb=blqf5mkjzfy3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/
Cookie: _GRECAPTCHA=09AEovV3cVzmCIl7h9rjjxybzBwbwFZWJz-wFUTfuDCESwKxAVNzGHjWn5X1CQLkYGUShwaBTs-2GgSfhO_boAIT0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Dec 2023 22:34:37 GMT
content-security-policy: script-src 'nonce-nBPvGFMSYjG6a1Z9muvvGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1

172.67.72.91

200 OK

4.4 kB

URL User Request GET HTTP/2
goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4790), with no line terminators
Size
4.4 kB (4443 bytes)
Hash
410db7d9670ea07dd7efb13a94e19f0f
d8df190eef1c55f1721ec05d3647d3ac23822942
a5a0694d0b0eded7dbe69b1dd32f4f6b1539c2febca7f620c5e5c96dc6850f39

HTTP Headers

GET /download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1 HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DS6jgSxGVC3XgBggHrtuHebcXV9tN1%2FtTB5sA6xHurL9s%2BsnOn%2FNYiotZlgQ00w4kF4L5SHEqD3GbTV307pzOPaCHYrR5NL9mSAtIBFEhvX9geJ4QZ6Ja%2BGIIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff3debc4b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

goone.pro/img/bg_main.png

172.67.72.91

200 OK

934 B

URL GET HTTP/2
goone.pro/img/bg_main.png
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
PNG image data, 1 x 49, 8-bit/color RGB, non-interlaced\012- data
Size
934 B (934 bytes)
Hash
90b4e18b7d87440049747cc0030d68b4
cd9cac77e919c503a924e5635f980fdad83877d4
ff911c9be9d032be042b58e4f77c4f7f220e1976ac47ce976f4e4d656a663da7

HTTP Headers

GET /img/bg_main.png HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/css/style.css?v=1.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: image/png
content-length: 934
last-modified: Fri, 24 Nov 2023 22:58:18 GMT
etag: "65612a8a-3a6"
expires: Mon, 25 Dec 2023 04:40:15 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1014860
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qonbdrwhEoAAyUR4Q1%2Bkm4uDNmo%2Fel5mIes4YscFYCEIi9r27Wmavm7qFI3dSDb1wg8CjAxz6GN5HrqxI%2Fa6w%2BEqf%2FUAvONPrSs1Ro7K%2BfUkO3a6B7Hz0k5j6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317ff43e9a8b50c-OSL
X-Firefox-Spdy: h2

goone.pro/favicon.ico

172.67.72.91

404 Not Found

564 B

URL GET HTTP/2
goone.pro/favicon.ico
IP
172.67.72.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Certificate
IssuerGoogle Trust Services LLC
Subjectgoone.pro
Fingerprint1A:18:1E:28:48:A0:67:4A:A4:01:49:34:BE:68:74:7E:95:20:89:F2
ValidityMon, 16 Oct 2023 08:29:30 GMT - Sun, 14 Jan 2024 09:29:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (592), with no line terminators
Size
564 B (564 bytes)
Hash
fdcc3670b5749c79b9fd2506176af388
1095fe0f01313e6da2c11cf5dbce11702601910a
3186816c26c71c47fa28220ea83b02b93fa62389d22d3d77e8eeefcc573f2b69

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: goone.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goone.pro/download?id=MTk4NjI=&typesub=Gogoanime-SUB&title=Initial+D:+First+Stage+Episode+1
Cookie: tvshow=639grgohvvddq3kf2ikqdat034; token=6570f6fb9cafc; _ga_PY1M3DS3LQ=GS1.1.1701902081.1.0.1701902082.0.0.0; _ga=GA1.1.1297122084.1701902082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 06 Dec 2023 22:34:35 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 131
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7Z0a5nuSCZhW372NbcAcpyBg0Tc7lly4tGUIvprOLqAEVAjM3o4niTqdeMivJgubPrPlRWjtHjb2LpvI6LKVPyXxhnkHjxMeOeAwM3u9IgobyaZjdE5pqsslw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317ff46ccfbb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

142.250.74.100

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LealdkbAAAAAHbox4XlHS8ZMQ6lkcx96WV62UfO&co=aHR0cHM6Ly9nb29uZS5wcm86NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=trjejzg2nngg
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 06 Dec 2023 22:34:36 GMT
date: Wed, 06 Dec 2023 22:34:36 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by