Report - best-links.org/s?bcafe2f7

Report Overview

Visited public
2024-10-14 22:59:18
Tags
URL
best-links.org/s?bcafe2f7
Finishing URL
daughablelea.com/s?bcafe2f7
IP / ASN
172.67.140.118
#13335 CLOUDFLARENET
Title
Sophie Rain COLLECTION😈🔥

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
yfueuktureu.com	unknown	unknown	No data	No data	510 B	946 B	104.21.5.9
best-links.org	unknown	unknown	No data	No data	481 B	96 kB	104.21.87.36
undefined	142677	unknown	No data	No data	955 B	0 B	0.0.0.0
o.pki.goog	unknown	unknown	No data	No data	975 B	2.1 kB	142.250.74.67
dbrpevozgux5y.cloudfront.net	unknown	unknown	No data	No data	416 B	68 kB	54.230.241.86
ukankingwithea.com	unknown	unknown	No data	No data	872 B	111 kB	188.114.96.1
d1wzdj81h1hubn.cloudfront.net	unknown	unknown	No data	No data	457 B	95 kB	54.230.241.96
dfdgfruitie.xyz	unknown	unknown	No data	No data	411 B	708 B	172.67.132.206
oywhowascryingfo.com	unknown	unknown	No data	No data	999 B	1.3 kB	188.114.96.1
r10.o.lencr.org	unknown	unknown	No data	No data	1.3 kB	3.5 kB	23.33.119.57
fonts.gstatic.com	unknown	unknown	No data	No data	522 B	8.7 kB	142.250.74.163
fonts.googleapis.com	8877	unknown	No data	No data	938 B	3.4 kB	216.58.207.234
r11.o.lencr.org	unknown	unknown	No data	No data	981 B	2.7 kB	23.33.119.57
daughablelea.com	unknown	unknown	No data	No data	932 B	105 kB	172.67.177.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-14	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	daughablelea.com/s?bcafe2f7	92 kB	2024-10-14 22:59	2024-10-14 22:59
Pretty URL daughablelea.com/s?bcafe2f7 IP 172.67.177.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-14 22:59 Last Seen2024-10-14 22:59 Times Seen1 Hash 422a041e1b2fe8806150dfe9f37037c8 726f8c0ce884396d0c9bac1a8f6092087624647d be616cff89dc43fa43fb05b5f8b6e46c1635775f2d2a65df11612cfa183432ec Loading...

	dfdgfruitie.xyz/adserver/yzfdmoan.js	0 B	0001-01-01 00:00	2024-12-21 15:50
Pretty URL dfdgfruitie.xyz/adserver/yzfdmoan.js IP 172.67.132.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2024-12-21 15:50 Times Seen3588733 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dbrpevozgux5y.cloudfront.net/?tid=1068112	220 kB	2024-10-14 22:59	2024-10-14 22:59
Pretty URL dbrpevozgux5y.cloudfront.net/?tid=1068112 IP 54.230.241.86 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-14 22:59 Last Seen2024-10-14 22:59 Times Seen1 Hash 8e707a244cc38abc8e01a0b634e4e405 c6c6732eb6403a9a5094c65629ebda827f58938a 8775cb15bbded028251b0d455019ebed19e939c697c812efbe88917f6ff21196 Loading...

HTTP Transactions (25)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4ef646b0e9b7327e4a942f9294833f80
292c5eafd5f9d4c35b11f0f3d456cdbe77e30c21
eb25c0ba5c8244185a6c004482f85ef91889d1f4f368d44bf009bb957e776f28

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EB25C0BA5C8244185A6C004482F85EF91889D1F4F368D44BF009BB957E776F28"
Last-Modified: Sun, 13 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9377
Expires: Tue, 15 Oct 2024 01:35:06 GMT
Date: Mon, 14 Oct 2024 22:58:49 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8c678121da7ea2edc90ea014cf3552af
3d76ebd2a3aba8dab56e3c15310551e9b226e249
1839e2eb73c24c27fda8e6bf4715b73ce52cc1c059bd1dfd9b739e71409cda3b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1839E2EB73C24C27FDA8E6BF4715B73CE52CC1C059BD1DFD9B739E71409CDA3B"
Last-Modified: Mon, 14 Oct 2024 08:07:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9264
Expires: Tue, 15 Oct 2024 01:33:13 GMT
Date: Mon, 14 Oct 2024 22:58:49 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
56575c1ee1a13dc9b3b9cbbbeb550407
818d2c9ecafa6e391ce4f19a4bd601b3d5531ccd
10541b95854d95ab545073ed31ff3473355942b1bf0038b86eac59c77d4854eb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "10541B95854D95AB545073ED31FF3473355942B1BF0038B86EAC59C77D4854EB"
Last-Modified: Mon, 14 Oct 2024 14:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9681
Expires: Tue, 15 Oct 2024 01:40:10 GMT
Date: Mon, 14 Oct 2024 22:58:49 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7d3f40edab25e8d6b700410399e281dd
5abaaed5e9ea61626fd4d67b7c817195302b43a8
5438ee24c6b0170e7fa46e12c21b8a3bac1eb29bc86b1810a267dd3c72ea95ae

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5438EE24C6B0170E7FA46E12C21B8A3BAC1EB29BC86B1810A267DD3C72EA95AE"
Last-Modified: Mon, 14 Oct 2024 06:24:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9354
Expires: Tue, 15 Oct 2024 01:34:44 GMT
Date: Mon, 14 Oct 2024 22:58:50 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.67

200 OK

472 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea85c32beb06621d3c98a9d9d5b8cf8
93a361890013c599f35ea545964fa81c05ecaf92
c21799b4716e3b725b841fc5f08734fb03ff8378d948256de6f8c71812cfa517

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Oct 2024 22:58:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

216.58.207.234

200 OK

1.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint80:2E:9C:80:BE:20:08:CB:81:6F:92:4C:83:5C:1E:73:D7:6B:F3:27
ValidityTue, 24 Sep 2024 03:17:04 GMT - Tue, 17 Dec 2024 03:17:03 GMT

File type
gzip compressed data, max compression
Size
1.4 kB (1352 bytes)
Hash
1ff636613bae31ee5136b1fbc909cb1b
22d3ac0759dd9fbf568a5ba8cab9cb1ba4805836
543fb4418483076fb9e3c1f34d9fe48b1e4a152448bce4767397a1449acf77c5

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Oct 2024 22:58:51 GMT
date: Mon, 14 Oct 2024 22:58:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d1wzdj81h1hubn.cloudfront.net/resources/debdb4f9c95eec17.jpeg

54.230.241.96

200 OK

95 kB

URL GET HTTP/2
d1wzdj81h1hubn.cloudfront.net/resources/debdb4f9c95eec17.jpeg
IP
54.230.241.96:443
ASN
#16509 AMAZON-02

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 821x895, components 3
Size
95 kB (94621 bytes)
Hash
ea9772bcce3c6d2153eaede6b8c1ff24
213642e2085a41d69828f2b4052cb9a3929d28da
ea28a53d62608cedd8769480128b0c6c94e476bbffea7cecaba3ac6b7644867c

HTTP Headers

GET /resources/debdb4f9c95eec17.jpeg HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 94621
last-modified: Tue, 17 Sep 2024 19:10:15 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-publisher_id: 375640
x-amz-meta-timestamp: 2024-09-17T17:26:04.911295
accept-ranges: bytes
server: AmazonS3
date: Mon, 14 Oct 2024 07:36:20 GMT
etag: "ea9772bcce3c6d2153eaede6b8c1ff24"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4YEHdBRv7XV7OaJq8q6aBf3BtTW5X-ciGsCohds7CjvTT3HL5WuS9w==
age: 55352
X-Firefox-Spdy: h2

dfdgfruitie.xyz/adserver/yzfdmoan.js

172.67.132.206

200 OK

0 B

URL GET HTTP/2
dfdgfruitie.xyz/adserver/yzfdmoan.js
IP
172.67.132.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectdfdgfruitie.xyz
Fingerprint98:1D:5E:36:30:97:98:91:A0:7C:89:A5:C7:05:70:1B:28:90:ED:16
ValiditySun, 22 Sep 2024 19:20:22 GMT - Sat, 21 Dec 2024 19:20:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adserver/yzfdmoan.js HTTP/1.1
Host: dfdgfruitie.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Oct 2024 22:58:51 GMT
content-type: application/x-javascript
content-length: 0
last-modified: Fri, 03 Feb 2023 19:26:28 GMT
etag: "63dd5fe4-0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBEMRqY2TbhAjXeI2k6VqlpJi3ttTOf7igmMEGl1IPHitj56FDtOPo6T75XbAfvSozc8u%2Bec69a5NDDem1Vh3WYA8E3LlQ6IwdrW8obCa6xuc1C1OOR1y5warE%2F0tV8tqAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2b2d2e58aa56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dbrpevozgux5y.cloudfront.net/?tid=1068112

54.230.241.86

200 OK

67 kB

URL
dbrpevozgux5y.cloudfront.net/?tid=1068112
IP
54.230.241.86:0
ASN
#16509 AMAZON-02

File type
JavaScript source, ASCII text, with very long lines (1743)
Size
67 kB (67377 bytes)
Hash
8e707a244cc38abc8e01a0b634e4e405
c6c6732eb6403a9a5094c65629ebda827f58938a
8775cb15bbded028251b0d455019ebed19e939c697c812efbe88917f6ff21196

HTTP Headers

GET /?tid=1068112 HTTP/1.1
Host: dbrpevozgux5y.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 67377
date: Mon, 14 Oct 2024 22:58:51 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bohkAbMmHUgEu6oo6CBdSHemiuBePr8k2IqBqeRjaNhY3JhLAWstqw==
X-Firefox-Spdy: h2

oywhowascryingfo.com/bTBkdDZCDwcHCzRdKjlVKAkFIX47eQJFUjVVVDITX3YyImRYYSwXEBlZAEkHXQZcRQdfFhQdUlADUVJFGVEQAUVQAUIdWAtfWVJAUABKQhhfHlRSQ1ABQgBGDFdZRRAdRBAYC1wHVkwPWQZTRwdYBVc

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
oywhowascryingfo.com/bTBkdDZCDwcHCzRdKjlVKAkFIX47eQJFUjVVVDITX3YyImRYYSwXEBlZAEkHXQZcRQdfFhQdUlADUVJFGVEQAUVQAUIdWAtfWVJAUABKQhhfHlRSQ1ABQgBGDFdZRRAdRBAYC1wHVkwPWQZTRwdYBVc
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectoywhowascryingfo.com
Fingerprint3B:2C:FC:9A:2F:1D:CB:18:B2:A2:D7:E3:A2:43:BE:D8:90:EB:1D:C8
ValidityFri, 06 Sep 2024 06:38:33 GMT - Thu, 05 Dec 2024 06:38:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bTBkdDZCDwcHCzRdKjlVKAkFIX47eQJFUjVVVDITX3YyImRYYSwXEBlZAEkHXQZcRQdfFhQdUlADUVJFGVEQAUVQAUIdWAtfWVJAUABKQhhfHlRSQ1ABQgBGDFdZRRAdRBAYC1wHVkwPWQZTRwdYBVc HTTP/1.1
Host: oywhowascryingfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 14 Oct 2024 22:58:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jf9vXy%2BNn%2BD0YRfS2SvRcPeUVPOGQTpvdjcMdZWmHpEGmgplrPOPP7Vvm8peluoVQM7GfgPM9UIDNCzLNHnVtByvn9yKSPMz2fX1shkjTipvC1wYJRHYastaOLhRxBcDzfZheLig2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d2b2d3069ea56a3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

188.114.96.1

200 OK

102 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
data
Size
102 kB (102458 bytes)
Hash
2e96d549342dbddc6004b6ea9e0819ab
4645c882a026a788884794cb0353cea0be82ac75
e3d71be6a7a2321afc5ec18a13286b8c2bfe6559baba29212c593da483d7c81d

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daughablelea.com/
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Oct 2024 22:58:51 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://daughablelea.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5826
last-modified: Mon, 14 Oct 2024 21:21:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jf5UfpUlFLu7wMA9dD7BoCSFXCqVvBZu5mf%2FsfGLOsEDcn%2B7Ub1XmnX492Y%2BM2phfdSdg23ZNae2hwll16PzjxPu3P0yIoBaVqFEv9Q0xAKyv6jmK0Ol%2BSeAuU1ON96vyeiYMuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2b2d306fd75693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
df561bb5aeeed26ec80dd28ea6ab5558
8dac4b67fdf82b7930ebba64c35208d5ac84c861
8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1"
Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10836
Expires: Tue, 15 Oct 2024 01:59:28 GMT
Date: Mon, 14 Oct 2024 22:58:52 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
df561bb5aeeed26ec80dd28ea6ab5558
8dac4b67fdf82b7930ebba64c35208d5ac84c861
8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1"
Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10836
Expires: Tue, 15 Oct 2024 01:59:28 GMT
Date: Mon, 14 Oct 2024 22:58:52 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

200 OK

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
df561bb5aeeed26ec80dd28ea6ab5558
8dac4b67fdf82b7930ebba64c35208d5ac84c861
8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1"
Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10836
Expires: Tue, 15 Oct 2024 01:59:28 GMT
Date: Mon, 14 Oct 2024 22:58:52 GMT
Connection: keep-alive

daughablelea.com/favicon.ico

172.67.177.146

404 Not Found

7.6 kB

URL GET HTTP/3
daughablelea.com/favicon.ico
IP
172.67.177.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectdaughablelea.com
FingerprintB7:62:B3:17:3E:AD:A6:9A:1E:2D:4B:67:11:C1:9B:FA:C4:03:44:6C
ValidityMon, 23 Sep 2024 10:37:07 GMT - Sun, 22 Dec 2024 10:37:06 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
7.6 kB (7624 bytes)
Hash
9e37deb55ca9f546027c1659d978f585
42bf4108e9db71b0939fb3894e1fe819c530c6af
bd9b8dc5e4936e1d19cb5095a9a6de3cf82859cc2ff7bbbf561a8b5290a7f745

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: daughablelea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/s?bcafe2f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Mon, 14 Oct 2024 22:58:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbLNhT0z9rSZGeaCuCwCuUVx9HfUAsZ%2BfNPl7uztN3rrCkh%2F%2BlCCdEoSENlTQQpmIQ%2Fp4rm%2FIv3Caekah1PEY7chwzeWomLynTUNsiQhqKrgBg%2Bh8juLznpjhgv3Rw3TCmGg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d2b2d2dad64b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

ukankingwithea.com/

188.114.96.1

200 OK

7.0 kB

URL GET HTTP/3
ukankingwithea.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
ASCII text, with no line terminators
Size
7.0 kB (6955 bytes)
Hash
878137d038eb58ec04d75f430ea18dd5
3f2a176ba734e1f4110be161e37daf1510d85d4f
448301e561ef3ba28c0dfae10aa61ac41144509b2ed0a10d5f46b6e93d4c201b

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daughablelea.com/
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 14 Oct 2024 22:58:51 GMT
content-type: text/plain
set-cookie: csu=666222460231717@1@1728946731; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://daughablelea.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYdcZHXcsSLcIGnzrCvW6%2F9YJkfViPCjGFrDfzbelr6yGawLJ8ay0fqIY4qq5gLpQnnFLCjAkhMd3YF3sAsZQx8qBH286l%2BhLVhfJOlxN31i1HXv%2B7WmpJejaj4l1xAzwHm0rZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d2b2d30eef8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

yfueuktureu.com/tc

104.21.5.9

200 OK

0 B

URL OPTIONS HTTP/2
yfueuktureu.com/tc
IP
104.21.5.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectyfueuktureu.com
Fingerprint25:7B:29:76:3C:CF:5F:B2:D0:90:15:56:F6:1F:2C:0A:C0:06:66:42
ValiditySun, 29 Sep 2024 10:51:26 GMT - Sat, 28 Dec 2024 10:51:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tc HTTP/1.1
Host: yfueuktureu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://daughablelea.com/
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Oct 2024 22:58:52 GMT
content-type: application/json
content-length: 0
set-cookie: ci=1978981962121282; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://daughablelea.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bk3kOiX5zVnJRp1qkdscuLMu8FsHfZL8h6jecGxAfKNqJxk16qfF5%2BuH3FvGrnfnBH8gLZlauunJdayJo5WYJmDXkqZON%2BNinIaFFrGRwqy0gJGL8Jp5DoNb%2Bb7RjDMEPTc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d2b2d33bd5856c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

200 OK

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9bb5178564ab48ac10d09a5ec8becd0c
f14466610ec3d91c522ae3a6704c6b63932e34a2
85c91c52d00bfa51b4590d67108c514ed152a88ab624b971785e5e08d3a5ea63

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Oct 2024 22:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 18:55:28 GMT
expires: Sat, 11 Oct 2025 18:55:28 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 273805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

200 OK

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9bb5178564ab48ac10d09a5ec8becd0c
f14466610ec3d91c522ae3a6704c6b63932e34a2
85c91c52d00bfa51b4590d67108c514ed152a88ab624b971785e5e08d3a5ea63

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Oct 2024 22:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

daughablelea.com/s?bcafe2f7

172.67.177.146

200 OK

96 kB

URL User Request GET HTTP/2
daughablelea.com/s?bcafe2f7
IP
172.67.177.146:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdaughablelea.com
FingerprintB7:62:B3:17:3E:AD:A6:9A:1E:2D:4B:67:11:C1:9B:FA:C4:03:44:6C
ValidityMon, 23 Sep 2024 10:37:07 GMT - Sun, 22 Dec 2024 10:37:06 GMT

File type

Size
96 kB (95513 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s?bcafe2f7 HTTP/1.1
Host: daughablelea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Oct 2024 22:58:50 GMT
content-type: text/html
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tB%2FbGR2xWcrLFfAuF5dBobe4VQZKvuMiSIJD9Wrh83NxGDylU%2BkTmFhx4uFJo54%2Fq%2FH2NcvaP3SRl6YaCRIqQHOLiY3wfEOObRXO559UdJFsJBGbZvhQOur%2FrJCwzM%2FlfdtN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d2b2d290d21712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

best-links.org/s?bcafe2f7

104.21.87.36

302 Found

96 kB

URL User Request GET HTTP/2
best-links.org/s?bcafe2f7
IP
104.21.87.36:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbest-links.org
Fingerprint14:B5:70:69:0F:11:19:33:A2:10:7C:EC:98:BD:71:A1:9F:A4:9C:5C
ValiditySat, 31 Aug 2024 10:15:00 GMT - Fri, 29 Nov 2024 10:14:59 GMT

File type

Size
96 kB (95513 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s?bcafe2f7 HTTP/1.1
Host: best-links.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 14 Oct 2024 22:58:50 GMT
content-type: text/html
location: https://daughablelea.com/s?bcafe2f7
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BICKszFMUaQxrEieE%2FJxKcMDwhnPreA4rwPjj%2BYqAgfHQraUQ7KfPfbpn5jY3LeFHHAjJXAP2DrKv5cWXItNTAX3xOCPvBhm5RhB8W1RPJyyZbrHc6Ni3fJ7l%2FPGzfHreQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d2b2d273d5a56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

undefined/ZzNRNEsGUTJZdAYOMxI+FV9sEXkhFmNyLwVBIVE9CEk2QTNSSn9XJwhGNVI5CF0lGiUCR3QGDS9SYkQGKQA2fQ00eQNmM19nGnU7LWRhTHslWD1uEyNLF3waVnsachIpdxN9PzFhAHsNDl8GYiwAZRhmDjR0E2EiNQMEUQ4zAmBkCAwGHWIzAnsmdSQkWDl6DQ4CC3x6PVAaYiAFZTpAOjFbJn4ZVFQDcAkUZRtDJClxAwA7MmEUcgMeVANwGhd7GGIsJHI5bSwxX2BuGy9YC2cOUno3dnMmZDpAOyV3IXsYL0szcRoyYx92ASxkJn57JmA1UB8KHjpxBAwGGFIOMnwFXyApdzoBDTReBGcYC0A1fx02ZxNyckIBE1ceF1ECBzwvYAdABwZiB30PNX50BgkyW2VxCgpYF2QnLX4IUy8CezpQckFZIlslFw4kXzoldxN3Kgw

0.0.0.0

0 B

URL GET
undefined/ZzNRNEsGUTJZdAYOMxI+FV9sEXkhFmNyLwVBIVE9CEk2QTNSSn9XJwhGNVI5CF0lGiUCR3QGDS9SYkQGKQA2fQ00eQNmM19nGnU7LWRhTHslWD1uEyNLF3waVnsachIpdxN9PzFhAHsNDl8GYiwAZRhmDjR0E2EiNQMEUQ4zAmBkCAwGHWIzAnsmdSQkWDl6DQ4CC3x6PVAaYiAFZTpAOjFbJn4ZVFQDcAkUZRtDJClxAwA7MmEUcgMeVANwGhd7GGIsJHI5bSwxX2BuGy9YC2cOUno3dnMmZDpAOyV3IXsYL0szcRoyYx92ASxkJn57JmA1UB8KHjpxBAwGGFIOMnwFXyApdzoBDTReBGcYC0A1fx02ZxNyckIBE1ceF1ECBzwvYAdABwZiB30PNX50BgkyW2VxCgpYF2QnLX4IUy8CezpQckFZIlslFw4kXzoldxN3Kgw
IP
0.0.0.0:0
ASN
#0

Requested by
https://daughablelea.com/s?bcafe2f7

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ZzNRNEsGUTJZdAYOMxI+FV9sEXkhFmNyLwVBIVE9CEk2QTNSSn9XJwhGNVI5CF0lGiUCR3QGDS9SYkQGKQA2fQ00eQNmM19nGnU7LWRhTHslWD1uEyNLF3waVnsachIpdxN9PzFhAHsNDl8GYiwAZRhmDjR0E2EiNQMEUQ4zAmBkCAwGHWIzAnsmdSQkWDl6DQ4CC3x6PVAaYiAFZTpAOjFbJn4ZVFQDcAkUZRtDJClxAwA7MmEUcgMeVANwGhd7GGIsJHI5bSwxX2BuGy9YC2cOUno3dnMmZDpAOyV3IXsYL0szcRoyYx92ASxkJn57JmA1UB8KHjpxBAwGGFIOMnwFXyApdzoBDTReBGcYC0A1fx02ZxNyckIBE1ceF1ECBzwvYAdABwZiB30PNX50BgkyW2VxCgpYF2QnLX4IUy8CezpQckFZIlslFw4kXzoldxN3Kgw HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

oywhowascryingfo.com/popunder.gif

0.0.0.0

200 OK

0 B

URL GET
oywhowascryingfo.com/popunder.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectoywhowascryingfo.com
Fingerprint3B:2C:FC:9A:2F:1D:CB:18:B2:A2:D7:E3:A2:43:BE:D8:90:EB:1D:C8
ValidityFri, 06 Sep 2024 06:38:33 GMT - Thu, 05 Dec 2024 06:38:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: oywhowascryingfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 14 Oct 2024 22:58:51 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 54422
last-modified: Mon, 14 Oct 2024 07:51:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B19CvS8ZkugKSfjaAXe%2B22gxmQ0LRXUrLylTBYFFicXKx7AEjMPtFOYFuUCDn9xFZwXF4Xt5a8PbtQldgjp5XdUlHVjmx9HFeT%2F0oAWSw5eih8Tja3%2Fkm6GpERqpTT0tUGde%2B93bZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2b2d32c95d56c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap

216.58.207.234

200 OK

781 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://daughablelea.com/s?bcafe2f7
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint80:2E:9C:80:BE:20:08:CB:81:6F:92:4C:83:5C:1E:73:D7:6B:F3:27
ValidityTue, 24 Sep 2024 03:17:04 GMT - Tue, 17 Dec 2024 03:17:03 GMT

File type
ASCII text, with very long lines (799), with no line terminators
Size
781 B (781 bytes)
Hash
f2734c367eb54d2729867445e0ea79a8
18f8b32901dae48bedc55cc12baca116e56e6bb7
d5f6fe55368116052648d76167ba4c103db2e0e52680340cd0cb014d3f6cf1d4

HTTP Headers

GET /css?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Oct 2024 22:58:52 GMT
date: Mon, 14 Oct 2024 22:58:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (25)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2