Report - trafslot.com/ls6ib/index.php

Report Overview

Submitted URL
trafslot.com/ls6ib/index.php
IP
165.227.26.65
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-09-10 18:08:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
trafslot.com	683602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	371 B	165.227.26.65
top-conttent.com	749485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	1.4 kB	18.193.209.105
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.70.239.215
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
littlecdn.com	11785	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	863 B	7.8 kB	172.67.10.98
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76
glbltraffic.com	995815	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	11 kB	64.227.11.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-10	medium	trafslot.com/ls6ib/index.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541	358 B	2023-03-07	2023-04-17
Pretty URL glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541 IP 64.227.11.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-04-17 00:56:25 Times Seen11 Hash 0e3d0b0d1e6eec347084ed5006928f20 cb1622346a2c21a015e64c16cfc302bbce4623da 56442cbc3d77d95e93f2c2aab32111741aedd2e37b6ea3394f6aa8c4b3b0212f Loading...

	glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541	2.7 kB	2023-03-07	2023-03-17
Pretty URL glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541 IP 64.227.11.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-03-17 12:48:00 Times Seen1 Hash 4b816051558b27be2acfc44da9231825 688e143d4a9f8fe5c43812e999e57bdb3cadd0a3 ed08797e28d2a76ba5391cec0362379d13f7033fb3c279efccbce570ce2cdbea Loading...

	glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541	1.8 kB	2023-03-07	2023-04-02
Pretty URL glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541 IP 64.227.11.5 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-04-02 21:32:48 Times Seen2 Hash 93a9203ef45b4b4d6903bea1cdf399a0 fba9d78231e479662a214f6192236233b1af16d3 360ebeaddf1a6a4b5d29623d668ae2fbc0e94eab9d40a3b0d94e6ae5f6ae2def Loading...

HTTP Transactions (24)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 18:06:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kYy13y6u4nLsb-5wbRQ_yxG66zDVsdAnHZbxxvuIXGo974X5dHo1TQ==
Age: 100

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Sat, 10 Sep 2022 19:31:53 GMT
Date: Sat, 10 Sep 2022 18:08:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GWpuE60ZB8MEQQo6F6hMAMkUELogSR08VIlMzJhiEVTlRnQja-QxFA==
age: 39073
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 18:08:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

trafslot.com/ls6ib/index.php

165.227.26.65

200 OK

134 B

URL HTTP/1.1
trafslot.com/ls6ib/index.php
IP
165.227.26.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4ea44c98ab377f55912af479ad083f70
30979a551cc5ad54723caf0958a5cd108ddf601e
5a491569cdfff91b3d25d4523e632f2e3937fd45c4445a3674caf0f44c027503

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ls6ib/index.php HTTP/1.1
Host: trafslot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Sat, 10 Sep 2022 18:08:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 17:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 17:59:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wu-FPeqxEA7Zq2teBIWUFvrYhdCqmZ2y6MyXVRUqqgnvMCwL8AP58A==
Age: 738

top-conttent.com/c3b63313-8062-434f-ae68-4205559e8f8e

18.193.209.105

302 Found

0 B

URL HTTP/2
top-conttent.com/c3b63313-8062-434f-ae68-4205559e8f8e
IP
18.193.209.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c3b63313-8062-434f-ae68-4205559e8f8e HTTP/1.1
Host: top-conttent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 10 Sep 2022 18:08:25 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541
pragma: no-cache
set-cookie: c3b63313-8062-434f-ae68-4205559e8f8e-v4=UKxL60L3iE5ZfJw-ovqY0A8evAu8l58k11m1sZN2Srw; Max-Age=86400; Expires=Sun, 11-Sep-2022 18:08:25 GMT; Domain=top-conttent.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=vQn4lKZftyaWganIl7dW7kJGWizdGcMg6cxKI_9QsbwPkrkW0X1ukCmTf7Np0quko9ykkD_2OaJ7cz3x-nkuP4jnKll3O09MIZulzYSdeSPyncmw0qw6GRNUF6nu15RZm7zwjdu2D_AOmRl8qTTBiWtZWQ6XFFv0ZZK1LTtz_D3Jvl8v1eNmzvrDAELmcJm6Vd_5VQ_NOx8x2uEeUTvmrOxBwhHOKak1KDY3m4JZ0usEXLpWjHYMJcWV5z45NiVTZ3Ry_TTyGlKRg66o9ELPdRSkZUrZghV4FFFlqM6nfWZDCQPe-wPdXOzY6a22zQE0tTZYKUEsnwjllxGtX-hgBeCkHYlz7-MuxM5VfktcJcI; Max-Age=86400; Expires=Sun, 11-Sep-2022 18:08:25 GMT; Domain=top-conttent.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 18:08:25 GMT
Last-Modified: Sat, 10 Sep 2022 16:56:34 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.70.239.215

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.70.239.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V3SEZ5m9bL7AbQsoPixcvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MgfF8CTaPppQKtsIKfr/VcXHXak=

littlecdn.com/apps/contents/s/4a/2c/19/36c444996f735c0696006f92fd/034723420638.png

172.67.10.98

200 OK

6.3 kB

URL HTTP/2
littlecdn.com/apps/contents/s/4a/2c/19/36c444996f735c0696006f92fd/034723420638.png
IP
172.67.10.98:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6308 bytes)
Hash
4a2c1936c444996f735c0696006f92fd
14bd6f11317d3196371cb9302c2cea39e86fc609
585e926709c767219ddfed37ee10f83ff1306cba64079f6e3e013f658fb05f1a

HTTP Headers

GET /apps/contents/s/4a/2c/19/36c444996f735c0696006f92fd/034723420638.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glbltraffic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 18:08:26 GMT
content-type: image/png
content-length: 6308
last-modified: Fri, 18 Jun 2021 16:24:26 GMT
etag: "60ccc8ba-18a4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748a1be4b90b0b45-OSL
X-Firefox-Spdy: h2

glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541&mprtr=1

64.227.11.5

405 Method Not Allowed

157 B

URL HTTP/2
glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541&mprtr=1
IP
64.227.11.5:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
157 B (157 bytes)
Hash
9a195a70e70e9d54a539462cab45087b
bee155a3e187603fe3bf676b3148d217de78daf0
a57d68810785990f171ed207811b7bd359248759135e43b2bde3020d235254d1

HTTP Headers

POST /je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541&mprtr=1 HTTP/1.1
Host: glbltraffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glbltraffic.com
Connection: keep-alive
Referer: https://glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 405 Method Not Allowed
server: nginx/1.16.1
date: Sat, 10 Sep 2022 18:08:26 GMT
content-type: text/html
content-length: 157
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
067a25317f830059945ff34292aae0a5
8f24946c0b43f19c664b6d148ceb3bad7fefc13d
e18308b0662a45ac0d54e2d01339609fce9aaf180617d797cf67b8c162b6bcab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E18308B0662A45AC0D54E2D01339609FCE9AAF180617D797CF67B8C162B6BCAB"
Last-Modified: Thu, 08 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 00:08:26 GMT
Date: Sat, 10 Sep 2022 18:08:26 GMT
Connection: keep-alive

64.227.11.5

200 OK

10 kB

URL HTTP/2
glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541
IP
64.227.11.5:0
ASN
#14061 DIGITALOCEAN-ASN

File type
data
Size
10 kB (10444 bytes)
Hash
1b79dc8a09c8fe65c0786d54d86a26da
6812e5fad3a7fbb367dc196ddee7cf467c66207d
8a3fd47066a3841848b782129f929fce71c834700bc703f87cba2001f86d4dad

HTTP Headers

GET /je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541 HTTP/1.1
Host: glbltraffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.16.1
date: Sat, 10 Sep 2022 18:08:26 GMT
content-type: text/html
last-modified: Mon, 09 May 2022 10:55:17 GMT
etag: W/"6278f315-2524"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sat, 10 Sep 2022 19:09:39 GMT
Date: Sat, 10 Sep 2022 18:08:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sat, 10 Sep 2022 19:09:39 GMT
Date: Sat, 10 Sep 2022 18:08:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sat, 10 Sep 2022 19:09:39 GMT
Date: Sat, 10 Sep 2022 18:08:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:51:58 GMT
age: 72989
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8676 bytes)
Hash
e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:56:34 GMT
age: 72713
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4477 bytes)
Hash
71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: f2Av7EDI_l1jZfe0kR6K2yQNzxbBXdcXJGycIZbOTp4ZkCuusLk4Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:47 GMT
age: 73060
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9766 bytes)
Hash
7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: CjZw9xgHd4_7KvhiiZEIBivRgoQeh1BYxEc_bOBbTvWoqHgTPq0sSA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 05:37:01 GMT
age: 45086
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7218 bytes)
Hash
3f8aeb20a6543be83f3e422796c4dc70
4e4e127039dd8099c63c3bde198118d2874f7342
0f9fdd1b577e4719f88620bb451131bfb120790479b4feccb4222647fb3ea453

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7218
x-amzn-requestid: 4e9672b6-5415-4808-9508-22e8c42de448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_QzHffIAMFYTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318459e-743b975a2770e2a90c616d87;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dR6KtfbMJzFz0j8zIFUNtdkJHUaerjxWbUyYKBD-jR_uAAvCCty01Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 03:23:21 GMT
age: 53106
etag: "4e4e127039dd8099c63c3bde198118d2874f7342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a40490a-216d-49e4-bfae-20c0ba1e9616.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4434 bytes)
Hash
0fd70eea0aa5e563509d9e2c0ae25050
75438d4566755201604bebadec4b699ba585b62b
584534a66a490a6a5f217b484edc5aebbb3076f70280984fecd724138420331c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a40490a-216d-49e4-bfae-20c0ba1e9616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: d2239717-afaf-485c-b238-e421f3f2750f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjs3GsCoAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb31e-4d779e9e395f30db784955e7;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: hW6DClTvHw4WjHttC_4SBQBO0E8cAi1GnufETnH2OzaUP0EAj0S14g==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:53:49 GMT
age: 72878
etag: "75438d4566755201604bebadec4b699ba585b62b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.2

172.67.10.98

200 OK

0 B

URL HTTP/2
littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.2
IP
172.67.10.98:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.2 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glbltraffic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 18:08:26 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 16:08:49 GMT
vary: Accept-Encoding
etag: W/"63177091-1525"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 4479
server: cloudflare
cf-ray: 748a1be4b9090b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

glbltraffic.com/favicon.ico

64.227.11.5

404 Not Found

0 B

URL HTTP/2
glbltraffic.com/favicon.ico
IP
64.227.11.5:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: glbltraffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glbltraffic.com/je5id/index.html?brand=Desktop&model=Desktop&clickid=&cep=qjIrHvogX_jzac2GTBkB7mcZ6ulttfz8E1F_tcBN915eY4YP5DXuW_8UTQGSukwiohvZiyigw-ZZKs_ET_OZVFmxGjorw05vhUYGRZazGC6mr1_qNFUKYrn7Ogw8z71Yq51Hid06sl0BTjaQAgFVaaWEgDv6uHifTFo7v58rTRCVL-lLyxtpGjsm9j6VJjKsiGdCXwlXc1ouWMlgkj5vvsPiGxIMa_pewIN6nlgmsbpCmADy_eEwJRYNFHkxdUE5FQ9CvLG_gEu8f9dpc6f6p1uD2kjxMZ3NryeBvqnsDz-4uvNQjR6JB7UG8FS3Ll1yFWtpQwPoP97VlqWSNk2dSjrtWgSqW6wjxzsGAuScXBQ&lptoken=16b4622c830d51ed0541
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.16.1
date: Sat, 10 Sep 2022 18:08:26 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (24)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size