| descarga.ink/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 107.189.31.193 | 200 OK | 14 kB |
URL: GET HTTP/3 descarga.ink/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | IP: 107.189.31.193:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: descarga.ink | Fingerprint: 00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B | Validity: Thu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
File type: ASCII text, with very long lines (59701) | Hash: 51a8390b47aa0582cf2d9c96c5addee2 b16a640874025d085c38119a1a02a3460f83f2de 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/engineeringsoftware/87/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 22:49:57 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 12:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14071
date: Sat, 04 May 2024 22:49:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| descarga.ink/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 | 107.189.31.193 | 200 OK | 4.4 kB |
URL: GET HTTP/3 descarga.ink/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 | IP: 107.189.31.193:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: descarga.ink | Fingerprint: 00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B | Validity: Thu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
File type: ASCII text, with very long lines (19564), with no line terminators | Hash: 867585929ee8b21749cdefa675d9aa11 afbd7bc967068d4e804641f4b1df78ab37417144 bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
GET /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/engineeringsoftware/87/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 22:49:57 GMT
content-type: text/css
last-modified: Wed, 13 Mar 2024 22:42:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4416
date: Sat, 04 May 2024 22:49:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
|
|
| descarga.ink/wp-content/themes/generatepress_child/style.css?ver=1710369755 | 107.189.31.193 | 200 OK | 143 B |
URL: GET HTTP/3 descarga.ink/wp-content/themes/generatepress_child/style.css?ver=1710369755 | IP: 107.189.31.193:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: descarga.ink | Fingerprint: 00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B | Validity: Thu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
File type: ASCII text, with CRLF line terminators | Hash: 492327f0d88ad2d055581d06770af6e2 5298ca7b326e86185ed8a29c66fd46ef356d6e84 f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73
GET /wp-content/themes/generatepress_child/style.css?ver=1710369755 HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/engineeringsoftware/87/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 22:49:57 GMT
content-type: text/css
last-modified: Wed, 13 Mar 2024 22:42:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 143
date: Sat, 04 May 2024 22:49:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
|
|
| descarga.ink/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.4.0 | 107.189.31.193 | 200 OK | 673 B |
URL: GET HTTP/3 descarga.ink/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.4.0 | IP: 107.189.31.193:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: descarga.ink | Fingerprint: 00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B | Validity: Thu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
File type: JavaScript source, ASCII text, with very long lines (2141), with no line terminators | Hash: d803bf6d0044d45f7a6dda2aec3fd1db b21e343b695d6ccc8a9122036f6d3a04c304f79b 07b22512394b6fe16bd285c017731e78759c4cda65c809240e49def78fba53a7
GET /wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.4.0 HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/engineeringsoftware/87/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 22:49:57 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 22:42:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 673
date: Sat, 04 May 2024 22:49:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
|
|
| www.google.com/recaptcha/api.js?ver=6.5.2 | 142.250.74.132 | 200 OK | 1.0 kB |
URL: GET HTTP/2 www.google.com/recaptcha/api.js?ver=6.5.2 | IP: 142.250.74.132:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Google Trust Services LLC | Subject: www.google.com | Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 | Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
Hash: a1a76d9947adf38d1d452dd972f2b144 067446a067a6132172a484ec2d2f0917f4e82905 5a70a2d859ee2fbb5b47fb3e5096c339cf074b6183003cd4309d80bcdacc5d67
GET /recaptcha/api.js?ver=6.5.2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 04 May 2024 22:49:57 GMT
date: Sat, 04 May 2024 22:49:57 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| engineeringsoftware.net/wp-content/uploads/2020/12/cropped-engineeringsoftware.net-logo-black-1.png | 107.189.31.193 | 200 OK | 13 kB |
URL: GET HTTP/2 engineeringsoftware.net/wp-content/uploads/2020/12/cropped-engineeringsoftware.net-logo-black-1.png | IP: 107.189.31.193:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: engineeringsoftware.net | Fingerprint: 59:AD:43:58:BD:53:47:9E:32:8E:AA:A9:61:87:11:27:E4:23:D4:C7 | Validity: Sat, 04 May 2024 17:47:17 GMT - Fri, 02 Aug 2024 17:47:16 GMT
File type: PNG image data, 300 x 67, 8-bit/color RGBA, non-interlaced | Hash: 42254774cf089455b3548e3121531745 376a7cd39f04df1ba12ded8b7b5dde79d41e2253 732b7aa32a3cf628dcb9d76a50bc160bd8e3b1e911d5aaa7a09c419827a1c9d2
GET /wp-content/uploads/2020/12/cropped-engineeringsoftware.net-logo-black-1.png HTTP/1.1
Host: engineeringsoftware.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public,public
expires: Sun, 01 Sep 2024 22:49:57 GMT
content-type: image/png
last-modified: Wed, 11 Oct 2023 15:56:18 GMT
accept-ranges: bytes
content-length: 13174
date: Sat, 04 May 2024 22:49:57 GMT
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
content-security-policy: upgrade-insecure-requests;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| sarcasticnotarycontrived.com/ddf5f5874497be5818268b53a898151e/invoke.js | 172.240.108.84 | 200 OK | 12 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/ddf5f5874497be5818268b53a898151e/invoke.js | IP: 172.240.108.84:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: *.sarcasticnotarycontrived.com | Fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40 | Validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (31289), with no line terminators | Hash: 1f53d0dd384f4b72b80153e0951b1ad1 4eb4a9ca4010ba3dfa1bb2c602d8802edde8ec7e 7f25209e8f6b642419039db1fb958e75359d9741102df47df1f3bb9ff7cc77f8
GET /ddf5f5874497be5818268b53a898151e/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6de7f8c29c14798ee0067dfd3bead0d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| sarcasticnotarycontrived.com/36/e4/80/36e480f9b5da9023529bccefc295338f.js | 172.240.108.84 | 200 OK | 16 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/36/e4/80/36e480f9b5da9023529bccefc295338f.js | IP: 172.240.108.84:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: *.sarcasticnotarycontrived.com | Fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40 | Validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (45337), with no line terminators | Hash: b348e8b4a4589c084cd0a387e2a9db15 2d27991f7c5e488c444e71ac894b2d6fab060bea ed44a70a24a3788a5b19bce4e80b24e66817a8c56530d6016c834702a7cfc3ae
GET /36/e4/80/36e480f9b5da9023529bccefc295338f.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Wed, 08 May 2024 01:49:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41c6da07ec34446120993c10d40f88ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| sarcasticnotarycontrived.com/ff/b9/27/ffb927d8765a7c99005c03149b95119e.js | 172.240.108.84 | 200 OK | 31 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/ff/b9/27/ffb927d8765a7c99005c03149b95119e.js | IP: 172.240.108.84:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: *.sarcasticnotarycontrived.com | Fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40 | Validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: c8c831efa190cbb86abd91f94123610a f1a6571a76e3a1f5176916a65278fc3b3e285009 dcaab89d1a77314ee534456130b22e5a6f6855cae9dac06315dcbc0a1337428e
GET /ff/b9/27/ffb927d8765a7c99005c03149b95119e.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06178b56da5daffce77e4d0a8357482f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 22:49:58 GMT
Last-Modified: Sat, 04 May 2024 22:03:47 GMT
Server: ECAcc (ska/F6D2)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R1hb3IbIvE2aBN_u1l71L0ZB4nJOrKS8RGRx0ro_fsm--ProccBnUg==
Age: 2771
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: e6e0d455268c77d5eb9c3ab712a9766f 621d3f9c2d869d232e1c9d33435f528c4b4d6b05 2c409991cb35524fefb6f0f74b4076be593a3b430497704de4e076edc80673e4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://descarga.ink
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e5dbc7fd-edd8-4173-882c-e61a3692f99d:2:1; expires=Tue, 02 May 2034 22:49:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 22:49:58 GMT
Last-Modified: Sat, 04 May 2024 22:31:48 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hADwlH5-F46dkzBkOOBqxoHKA0cPNv15NQWb025J1YwYhNyjf5OBQA==
Age: 1091
|
|
| descarga.ink/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 107.189.31.193 | 200 OK | 4.7 kB |
URL: GET HTTP/3 descarga.ink/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | IP: 107.189.31.193:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: descarga.ink | Fingerprint: 00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B | Validity: Thu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
File type: JavaScript source, ASCII text, with very long lines (15752) | Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/engineeringsoftware/87/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 22:49:58 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 12:08:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4676
date: Sat, 04 May 2024 22:49:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: ee08af0b939e0775afc5196672216645 76d1eac5cfd0232e1f673e6ac87ab8ba86bc786e 8878706d5f08b9b85b0032400e4b5cc72216483967bc9b484f26d1e9721103bc
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://descarga.ink
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d2a8d6d2-4fa8-46c1-94fa-a293b2b175b7:2:1; expires=Tue, 02 May 2034 22:49:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 4bbe6a5d16c2973248e6cd68755a9ca9 7a078d16f7bebf69e9bac82f436ebf60a1833f24 688d4314df11ec6f27da9d7e75a8007951a0b8d3a9f6cb1c0a3304783915f809
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://descarga.ink
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e60037ff-0c60-45d9-b2b9-631a5b3cb57c:1:1; expires=Tue, 02 May 2034 22:49:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| inconveniencemimic.com/pixel/purst?dl=0&th=0&sc=0&rs=1460&rd=1460&fd=974&bv=24.5.6485&tmpl=70 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 inconveniencemimic.com/pixel/purst?dl=0&th=0&sc=0&rs=1460&rd=1460&fd=974&bv=24.5.6485&tmpl=70 | IP: 172.240.127.234:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: inconveniencemimic.com | Fingerprint: AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36 | Validity: Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1460&rd=1460&fd=974&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js | IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: capaciousdrewreligion.com | Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC | Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 22:49:59 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c69c4c1f96f07cbc015d412d5a196cb6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| decisivewade.com/watch.1692510195982.js?key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&tz=0&dev=e&res=14.2071&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1 | 172.240.108.84 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 decisivewade.com/watch.1692510195982.js?key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&tz=0&dev=e&res=14.2071&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1 | IP: 172.240.108.84:443
Requested by: https://descarga.ink/engineeringsoftware/87/ | Certificate Issuer: Let's Encrypt | Subject: decisivewade.com | Fingerprint: 97:80:1A:96:16:58:D9:94:6D:24:84:45:32:59:8C:44:59:0F:B7:8C | Validity: Mon, 29 Apr 2024 12:47:45 GMT - Sun, 28 Jul 2024 12:47:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1692510195982.js?key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&tz=0&dev=e&res=14.2071&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1 HTTP/1.1
Host: decisivewade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://descarga.ink
Access-Control-Allow-Origin: https://descarga.ink
Access-Control-Allow-Credentials: true
Location: https://decisivewade.com/watch.1692510195982.js?dev=e&key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&pst=1714863059&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&res=14.2071&rmtc=t&shu=b192caab02d29671af3530bc5a832bf5a80ae6c9be5011633d2e9eaeb79257d5b6281bfeeacad579336b16a23e66e4917a3362ac73fcc785259aaa1c9547f4cf1f0164ad2f5d86317a2a9faf3eaadd317b21b0ac9ff2b0dd14ff0cbb18fbb501&tz=0&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1
Set-Cookie: u_pl=22673903; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.PY2IA8Ms8zUg99q654C_R5VKiwNVhSPy8D30x4FNUxw; expires=Sat, 04 May 2024 22:50:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c082cf87f73c8f6511069a6c2c7670d1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| decisivewade.com/watch.1692510195982.js?dev=e&key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&pst=1714863059&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&res=14.2071&rmtc=t&shu=b192caab02d29671af3530bc5a832bf5a80ae6c9be5011633d2e9eaeb79257d5b6281bfeeacad579336b16a23e66e4917a3362ac73fcc785259aaa1c9547f4cf1f0164ad2f5d86317a2a9faf3eaadd317b21b0ac9ff2b0dd14ff0cbb18fbb501&tz=0&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1 | 172.240.108.84 | 200 OK | 2.1 kB |
URL GET HTTP/1.1decisivewade.com/watch.1692510195982.js?dev=e&key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&pst=1714863059&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&res=14.2071&rmtc=t&shu=b192caab02d29671af3530bc5a832bf5a80ae6c9be5011633d2e9eaeb79257d5b6281bfeeacad579336b16a23e66e4917a3362ac73fcc785259aaa1c9547f4cf1f0164ad2f5d86317a2a9faf3eaadd317b21b0ac9ff2b0dd14ff0cbb18fbb501&tz=0&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1 IP172.240.108.84:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subjectdecisivewade.com Fingerprint97:80:1A:96:16:58:D9:94:6D:24:84:45:32:59:8C:44:59:0F:B7:8C ValidityMon, 29 Apr 2024 12:47:45 GMT - Sun, 28 Jul 2024 12:47:44 GMT
File typeJavaScript source, ASCII text, with very long lines (2650) Hash055e19bfc7b8630cc4a883fd751e6b10 1dad6170039397433bab969f99f5eb8cfe6fb623 04d2d30405fd6ad8ece53d9c35b4638db5daab32dd71df455c0b2102842c2a5b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1692510195982.js?dev=e&key=ddf5f5874497be5818268b53a898151e&kw=%5B%22download%22%2C%22autocad%22%2C%222014%22%2C%22free%22%2C%22and%22%2C%22full%22%2C%22by%22%2C%22mega%22%2C%22and%22%2C%22mediafire%22%2C%22%E2%80%93%22%2C%22descarga%22%2C%22ink%22%5D&pst=1714863059&refer=https%3A%2F%2Fdescarga.ink%2Fengineeringsoftware%2F87%2F&res=14.2071&rmtc=t&shu=b192caab02d29671af3530bc5a832bf5a80ae6c9be5011633d2e9eaeb79257d5b6281bfeeacad579336b16a23e66e4917a3362ac73fcc785259aaa1c9547f4cf1f0164ad2f5d86317a2a9faf3eaadd317b21b0ac9ff2b0dd14ff0cbb18fbb501&tz=0&uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1 HTTP/1.1
Host: decisivewade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
Referer: https://descarga.ink/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22673903; ain=eyJhbGciOiJIUzI1NiJ9.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.PY2IA8Ms8zUg99q654C_R5VKiwNVhSPy8D30x4FNUxw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://descarga.ink
Access-Control-Allow-Origin: https://descarga.ink
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=e60037ff-0c60-45d9-b2b9-631a5b3cb57c:1:1; expires=Sat, 11 May 2024 22:49:59 GMT; secure; SameSite=None
iprc9c9c4527ffb3160df8e616e83161a3f0=3569808; expires=Sun, 05 May 2024 02:49:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ee620229a4ac5ebc2cf6115fae9baef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| threeinvincible.com/sbar.json?key=36e480f9b5da9023529bccefc295338f&psid=CF-3448_1&uuid=e5dbc7fd-edd8-4173-882c-e61a3692f99d%3A2%3A1 | 172.240.253.132 | 200 OK | 9.1 kB |
URL GET HTTP/1.1threeinvincible.com/sbar.json?key=36e480f9b5da9023529bccefc295338f&psid=CF-3448_1&uuid=e5dbc7fd-edd8-4173-882c-e61a3692f99d%3A2%3A1 IP172.240.253.132:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subjectthreeinvincible.com Fingerprint80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 ValidityTue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash26107cea6b1e76b1bb2b1906c792114b 73609816d03a56edd7792c531007d3649f19169d ebb9e59afdf3125e450a0736912ec6a16ffd6093e90136827f7973ba07f89f6e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=36e480f9b5da9023529bccefc295338f&psid=CF-3448_1&uuid=e5dbc7fd-edd8-4173-882c-e61a3692f99d%3A2%3A1 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:59 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://descarga.ink
Access-Control-Allow-Origin: https://descarga.ink
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22673900; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
uid_id2=e5dbc7fd-edd8-4173-882c-e61a3692f99d:2:1; expires=Sat, 11 May 2024 22:49:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 22:49:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0288babe0be415ed994bae41e4ab7285
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| descarga.ink/wp-content/uploads/2023/03/favicon.png | 107.189.31.193 | 200 OK | 5.0 kB |
URL GET HTTP/3descarga.ink/wp-content/uploads/2023/03/favicon.png IP107.189.31.193:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subjectdescarga.ink Fingerprint00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B ValidityThu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
File typePNG image data, 128 x 128, 8-bit colormap, non-interlaced Hash05a51b2feeeef41cbaeb8d6ef5762b75 89b8a5810e315880625556b6973b0c30b4056e4e 1c0043e04e381e96c509d617f9bfe79260575d2e52a23a3047ca756c2a50e3e4
GET /wp-content/uploads/2023/03/favicon.png HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/engineeringsoftware/87/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=e60037ff-0c60-45d9-b2b9-631a5b3cb57c%3A1%3A1; sb_main_36e480f9b5da9023529bccefc295338f=1; sb_count_36e480f9b5da9023529bccefc295338f=1; pp_main_ffb927d8765a7c99005c03149b95119e=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 22:49:59 GMT
content-type: image/png
last-modified: Wed, 13 Mar 2024 22:42:35 GMT
accept-ranges: bytes
content-length: 4957
date: Sat, 04 May 2024 22:49:59 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
|
|
| threeinvincible.com/ren.gif?sid=H4sIAAAAAAAC%2F4xSX2gc1Re%2Bk19efiiCUp9EGNxaVNzNzOzu7ExrCTZpSmxsSho1ItjeuffO5nbvzB3vndnZ5EGKBembqz4UfJqcTVpb6z98EdQim4IPgULWpxXMg8%2BCD0LBPsmuweiTPS%2FnHL4D5%2Fu%2Bc97dyPaQAxkezr4s17kQeKpescxnVmz7mLnA46xjdjz3vFs7Zqr2Ud%2BtWM%2BapxhpySnHsi3LtmxzjisWys7UCASe3PLtim9Vak7Frtego%2F7d68wAjQ2g7T30GHA6mLxjHAJO%2BhBHX8wy3Upl8vzJKBM4lQra9PorcSuWeQzRQRkqA8L4%2Bv40SL07dxtkvDWmC7L992DAB8j44TYE8fV9khC0N8c8AwEshoA%2BBHm7D0z0geM%2BEHkZON1FAITCmUWIo2tnpMrx2l8oHqEDNHnvd%2BD5AE3%2BfAji6LMTgnfMc1JkKZexhk5YAO%2F0gTf7kGTbkK5PAM%2B3gaTvAKd30dS9BYijzUUtJHA6PMzqNCCNkJYZpV65ZjeqZc9zSJm5Nq66vhP6Ph0bxHkfeNgHwbqA9QRk2oCMG5CFBmSJAREdmsS27YZFCbY8n5AqbbDApZaNG6GNbcv1ICMjDV1Iky4Q0QWiLkGiLkGLvz9AxuQpUNn3oFcL0NQAnSJo0wJyhiDXCHKMIOcI8hRB3i62qNCOLq5RobPA3s%2FOfq4WPZk2N%2FCWTJssRoBVFxQtNpI99OjIReP1P36FFhuaVZfVPCv0gzrFvuVU644fEMJC4vj1atULQfMbM3Plaq3mnbeB6wnA2oB1PkCN3WOQ8AGaeGMDArwNWmwD4Y8Dzp4EnBeAVwtYj29RpglWTVzhcQuoLCBJJyFdMzbEHnpifNDZC9eAkZ3pTx%2FJuwghIKqARBVwkd9B0BRXeksyR5tLMtfoy8Uk5RFfx6Njn0txytDN02wtl4rOz%2BrujRfJCBiVt5aZThdwTHnc1OiTE5xSpuakIgx9N69fY8HZTK%2BeyFScJQtnZ%2Bbmo0QxrbmM%2B4D5bucFIHyAHv5pZfzFT9%2F9P3C1DSobvrSapok%2BOjXViUS5XasQIbMAk1bZrshY8JhNEcFJa5ofby5FM%2Fna6bcWnsvPW0eS43bDrnmu4%2Ft%2BZWSzXYUo25nuvXn%2Fwkg0l30gyeWPS6X5mcUzpdJw5T8XpatZFMSYiwdZdoRHzfQ4JzK%2BUSotzy8vnCyVvvrlo%2BK3r98zpRbyqPkqVpqJz0ul2ZPnZpbmzy7Pj3k8tZgkFKdMmZSnqYnjlLe5ynSiZFPhyIy3t0AnO2g%2FQEsEShz0QWJA%2FiC%2BJbzDHkhKTznBzvTKh%2Bm3F9%2B%2BD4IjEOxgHw4K0P%2Fog4O6p3A2PGzXrYBiOywHOPDLtbDByp5jBWXPwizwiEtDx%2BopzIsNfQWaagJwehniqIC2KqAtCsCiCzr7Xy9N1M70j9VxQCAmeoFQE5uBUOKD8VMP0OmrN0HzodmoVi3s%2BnW70cCsEdQcL3RtirFTcx3XxVVI9SB0v7n6JwAAAP%2F%2FAQAA%2F%2F%2Bct7%2BcDwYAAA%3D%3D | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1threeinvincible.com/ren.gif?sid=H4sIAAAAAAAC%2F4xSX2gc1Re%2Bk19efiiCUp9EGNxaVNzNzOzu7ExrCTZpSmxsSho1ItjeuffO5nbvzB3vndnZ5EGKBembqz4UfJqcTVpb6z98EdQim4IPgULWpxXMg8%2BCD0LBPsmuweiTPS%2FnHL4D5%2Fu%2Bc97dyPaQAxkezr4s17kQeKpescxnVmz7mLnA46xjdjz3vFs7Zqr2Ud%2BtWM%2BapxhpySnHsi3LtmxzjisWys7UCASe3PLtim9Vak7Frtego%2F7d68wAjQ2g7T30GHA6mLxjHAJO%2BhBHX8wy3Upl8vzJKBM4lQra9PorcSuWeQzRQRkqA8L4%2Bv40SL07dxtkvDWmC7L992DAB8j44TYE8fV9khC0N8c8AwEshoA%2BBHm7D0z0geM%2BEHkZON1FAITCmUWIo2tnpMrx2l8oHqEDNHnvd%2BD5AE3%2BfAji6LMTgnfMc1JkKZexhk5YAO%2F0gTf7kGTbkK5PAM%2B3gaTvAKd30dS9BYijzUUtJHA6PMzqNCCNkJYZpV65ZjeqZc9zSJm5Nq66vhP6Ph0bxHkfeNgHwbqA9QRk2oCMG5CFBmSJAREdmsS27YZFCbY8n5AqbbDApZaNG6GNbcv1ICMjDV1Iky4Q0QWiLkGiLkGLvz9AxuQpUNn3oFcL0NQAnSJo0wJyhiDXCHKMIOcI8hRB3i62qNCOLq5RobPA3s%2FOfq4WPZk2N%2FCWTJssRoBVFxQtNpI99OjIReP1P36FFhuaVZfVPCv0gzrFvuVU644fEMJC4vj1atULQfMbM3Plaq3mnbeB6wnA2oB1PkCN3WOQ8AGaeGMDArwNWmwD4Y8Dzp4EnBeAVwtYj29RpglWTVzhcQuoLCBJJyFdMzbEHnpifNDZC9eAkZ3pTx%2FJuwghIKqARBVwkd9B0BRXeksyR5tLMtfoy8Uk5RFfx6Njn0txytDN02wtl4rOz%2BrujRfJCBiVt5aZThdwTHnc1OiTE5xSpuakIgx9N69fY8HZTK%2BeyFScJQtnZ%2Bbmo0QxrbmM%2B4D5bucFIHyAHv5pZfzFT9%2F9P3C1DSobvrSapok%2BOjXViUS5XasQIbMAk1bZrshY8JhNEcFJa5ofby5FM%2Fna6bcWnsvPW0eS43bDrnmu4%2Ft%2BZWSzXYUo25nuvXn%2Fwkg0l30gyeWPS6X5mcUzpdJw5T8XpatZFMSYiwdZdoRHzfQ4JzK%2BUSotzy8vnCyVvvrlo%2BK3r98zpRbyqPkqVpqJz0ul2ZPnZpbmzy7Pj3k8tZgkFKdMmZSnqYnjlLe5ynSiZFPhyIy3t0AnO2g%2FQEsEShz0QWJA%2FiC%2BJbzDHkhKTznBzvTKh%2Bm3F9%2B%2BD4IjEOxgHw4K0P%2Fog4O6p3A2PGzXrYBiOywHOPDLtbDByp5jBWXPwizwiEtDx%2BopzIsNfQWaagJwehniqIC2KqAtCsCiCzr7Xy9N1M70j9VxQCAmeoFQE5uBUOKD8VMP0OmrN0HzodmoVi3s%2BnW70cCsEdQcL3RtirFTcx3XxVVI9SB0v7n6JwAAAP%2F%2FAQAA%2F%2F%2Bct7%2BcDwYAAA%3D%3D IP172.240.253.132:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subjectthreeinvincible.com Fingerprint80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 ValidityTue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F4xSX2gc1Re%2Bk19efiiCUp9EGNxaVNzNzOzu7ExrCTZpSmxsSho1ItjeuffO5nbvzB3vndnZ5EGKBembqz4UfJqcTVpb6z98EdQim4IPgULWpxXMg8%2BCD0LBPsmuweiTPS%2FnHL4D5%2Fu%2Bc97dyPaQAxkezr4s17kQeKpescxnVmz7mLnA46xjdjz3vFs7Zqr2Ud%2BtWM%2BapxhpySnHsi3LtmxzjisWys7UCASe3PLtim9Vak7Frtego%2F7d68wAjQ2g7T30GHA6mLxjHAJO%2BhBHX8wy3Upl8vzJKBM4lQra9PorcSuWeQzRQRkqA8L4%2Bv40SL07dxtkvDWmC7L992DAB8j44TYE8fV9khC0N8c8AwEshoA%2BBHm7D0z0geM%2BEHkZON1FAITCmUWIo2tnpMrx2l8oHqEDNHnvd%2BD5AE3%2BfAji6LMTgnfMc1JkKZexhk5YAO%2F0gTf7kGTbkK5PAM%2B3gaTvAKd30dS9BYijzUUtJHA6PMzqNCCNkJYZpV65ZjeqZc9zSJm5Nq66vhP6Ph0bxHkfeNgHwbqA9QRk2oCMG5CFBmSJAREdmsS27YZFCbY8n5AqbbDApZaNG6GNbcv1ICMjDV1Iky4Q0QWiLkGiLkGLvz9AxuQpUNn3oFcL0NQAnSJo0wJyhiDXCHKMIOcI8hRB3i62qNCOLq5RobPA3s%2FOfq4WPZk2N%2FCWTJssRoBVFxQtNpI99OjIReP1P36FFhuaVZfVPCv0gzrFvuVU644fEMJC4vj1atULQfMbM3Plaq3mnbeB6wnA2oB1PkCN3WOQ8AGaeGMDArwNWmwD4Y8Dzp4EnBeAVwtYj29RpglWTVzhcQuoLCBJJyFdMzbEHnpifNDZC9eAkZ3pTx%2FJuwghIKqARBVwkd9B0BRXeksyR5tLMtfoy8Uk5RFfx6Njn0txytDN02wtl4rOz%2BrujRfJCBiVt5aZThdwTHnc1OiTE5xSpuakIgx9N69fY8HZTK%2BeyFScJQtnZ%2Bbmo0QxrbmM%2B4D5bucFIHyAHv5pZfzFT9%2F9P3C1DSobvrSapok%2BOjXViUS5XasQIbMAk1bZrshY8JhNEcFJa5ofby5FM%2Fna6bcWnsvPW0eS43bDrnmu4%2Ft%2BZWSzXYUo25nuvXn%2Fwkg0l30gyeWPS6X5mcUzpdJw5T8XpatZFMSYiwdZdoRHzfQ4JzK%2BUSotzy8vnCyVvvrlo%2BK3r98zpRbyqPkqVpqJz0ul2ZPnZpbmzy7Pj3k8tZgkFKdMmZSnqYnjlLe5ynSiZFPhyIy3t0AnO2g%2FQEsEShz0QWJA%2FiC%2BJbzDHkhKTznBzvTKh%2Bm3F9%2B%2BD4IjEOxgHw4K0P%2Fog4O6p3A2PGzXrYBiOywHOPDLtbDByp5jBWXPwizwiEtDx%2BopzIsNfQWaagJwehniqIC2KqAtCsCiCzr7Xy9N1M70j9VxQCAmeoFQE5uBUOKD8VMP0OmrN0HzodmoVi3s%2BnW70cCsEdQcL3RtirFTcx3XxVVI9SB0v7n6JwAAAP%2F%2FAQAA%2F%2F%2Bct7%2BcDwYAAA%3D%3D HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Cookie: u_pl=22673900; uid_id2=e5dbc7fd-edd8-4173-882c-e61a3692f99d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:49:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 387d8174fe6d69666544f6b8ec8854e5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:11 GMT
expires: Fri, 02 May 2025 01:56:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 248028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png | 45.133.44.9 | 200 OK | 106 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced Size106 kB (105910 bytes) Hasha36b92bb68d9b579458560ba9b94862a 782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6 9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:59 GMT
content-type: image/png
content-length: 105910
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Mon, 06 May 2024 22:49:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png | 188.114.97.1 | 200 OK | 1.1 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png IP188.114.97.1:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced Hash9e4414e85c588bf7db195e49c02ab2bb 09254e79b255f1b2dfe45adbbe44583a4b433782 0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:59 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: "65aa86f3-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 368989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMsXKJwDjkWC39FPJcu3SMqiQGVPYsJwbwp1v7KMH3B%2FfuDn%2BfQnfKCx%2F8lzzsEEs307vVB5Lm2QKOAriSD%2BqiGfks%2FQImrP%2FVzkGRvRrPro%2BoqDNLJn1Us5bJFENYigy%2FhAHIZTv92K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec0c150a2fb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png | 188.114.97.1 | 200 OK | 6.3 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png IP188.114.97.1:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced Hash79d4fc0209580bf8b6a7190bd944f9e5 7377bfc3095b86ac5d220c5052d9b9f7a44e5506 39724e1379deb5afe7ea9139a57b6e9ada37d9db28302083b23c941ebf40b8d1
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:59 GMT
content-type: image/png
content-length: 6318
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: "65aa86f3-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 368989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phLRdsbDS5ew6Xsn7AYGR%2BzPDDFf%2FWBLPYMjBQybHsFLCPkCOGJ%2BrdzaL7KyMjFiy9bGG7Ehfc1o87NqUADmpJN%2BUpzBSDt1LBML%2FnIpKEK5XvrhL%2FN0nli8bIyCodxHND6BlbB7Kg6B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec0c150a35b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashd7f194b9ecb48cc1f7732aa11f657af8 78bf4b130952a61d8c6c199b28ba35e75efc5521 5d1db349bd4390728870488442f17c7eb56399a95005b3d423dc2dfdce5c0454
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:50:00 GMT
date: Sat, 04 May 2024 22:50:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css | 188.114.97.1 | 200 OK | 5.4 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css IP188.114.97.1:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:50:00 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGbh4QLHcFl7b4Eoe2kz%2BrDPBCX5YrkTpQZgQfIAXezEeTO%2BEnhRXDh5X8EGqwcTS1%2FZQ5xNY40a5ZSfAZbOTHTBC2Q%2Bt9TY1ea58%2BHaDL822sKH673whw4OCKvBTBf7NA3ESde7cwhe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec0c150afa56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 28 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP172.67.180.87:443
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 99c9c5c34e645c2016cb6c06a70589f7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 22:49:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGB2ONBAC74zvXxob4DDUPzfl1hU0nHX8R2VGY6kTQUvo5XaH67vS1K3hPE2RVEMYciYDt2N%2BELzq6D4YsDJQjp6ujalAC88HqiTBtWqfkSste8v%2F6OSOeFiLIt%2BRLmcljL%2FO5pJiHcFKUvVuHHOYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec0c0caf55712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=ffb927d8765a7c99005c03149b95119e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 | 192.243.59.13 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=ffb927d8765a7c99005c03149b95119e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://descarga.ink/engineeringsoftware/87/ CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=ffb927d8765a7c99005c03149b95119e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 22:50:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14b897e2115dea07a5f884421d0ae061
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js | 188.114.97.1 | 200 OK | 190 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js IP: 188.114.97.1:443
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:50:00 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kUw9ufybiJGdKSNUFlWsHUTOFxknG5%2F56%2F%2F5t7mryaeVbvE6nHmmaWLshgKh2ljtzHNphLoPyDouErZo0wun4CvXrNGeD0wiVRqz14o5zUanZodUjQqen1X9kBPWvSdMDSEmdXR0CjlF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec0c150af456ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 248100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.pdn-1.com/n159/ad/192x192_SBUJJe3A.jpg | 23.36.76.160 | 200 OK | 4.8 kB |
URL: GET HTTP/1.1 static.pdn-1.com/n159/ad/192x192_SBUJJe3A.jpg IP: 23.36.76.160:443 ASN: #20940 Akamai International B.V.
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Let's Encrypt Subject: static.pdn-1.com Fingerprint: 92:4B:0C:C7:10:81:E6:CE:3F:3E:2A:E1:77:DA:5F:50:71:B3:36:97 Validity: Mon, 25 Mar 2024 20:12:40 GMT - Sun, 23 Jun 2024 20:12:39 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash: 4d6c90e12273df0bb20192091bb6e037 a4387afe6d3c11f104af2d09c533fd8f775ebf20 7b5f9fbfe3f23164cc1fb1ff332a0e38300fe887ee7b5f7287bdaa0c1b9283c2
GET /n159/ad/192x192_SBUJJe3A.jpg HTTP/1.1
Host: static.pdn-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 4805
Last-Modified: Wed, 17 Apr 2024 10:15:08 GMT
ETag: "661fa12c-12c5"
Accept-Ranges: bytes
Cache-Control: max-age=86357
Expires: Sun, 05 May 2024 22:49:17 GMT
Date: Sat, 04 May 2024 22:50:00 GMT
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 48083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| threeinvincible.com/impr.gif?sid=H4sIAAAAAAAC%2F4xST2hc1Re%2BL79sfiiCUlciPJxaVJzJe%2FP3vdYSbNKU2NiUNGpEsL3%2F3uR27nv3ee978yZZSLEg3TnqouDq5UzS2lr%2F4UZQi0wKLgKFjKsRzMK14EIo2JXMGIyu7Nmcc%2Fg%2BON%2F5znl3I91DZUjxcPZltS6kxFO1kmM%2Fs%2BK6x%2BwFEaUdu%2BPVz9erx2zdPurXS86z9ilOW2qq7LiO4zquPSc0D1RnagSCiG%2F5bsl3StVyya1VoaP%2F3ZvUAoMtYO099BgINpi8Yx0CQfsQhV%2FMctNKVPz8yTCVOFEa2uz6K1ErUlkE4UEZaAuC6Po%2BG5TZnbsNKtoaywXV%2FptIxABZP9wGEl3fFwmkvTnWSSTwCAh7CLJ2H7jsg8B9oOoyCLaLACiDM4sQhdfOKJ3htb9QPEIHaPLe7yCyAZr8%2BRBE4WcnpOjY55RME6EiA50gB9Hpg2j2IU63IVmfAJFtA03eAcHuoql7CxCFm4tGKhBseJjXGKGNgBU5Y16x6jYqRc8r0yKvu7hS98uB77OxQUL0QQR9kLwL2ExAaixIhQVpYEEaWxCyoU1d1204jGLH8ymtsAYndea4uBG42HXqHqR0tEMXkrgLVHaB6ksQ60vQEu8PkDV5CnT6PZjVHAyzwCQI2iyHjCPIDIIMI8gEgixBkLXzLSZN2eTXmDQpcfdzeT9X8p5Kmht4SyVNHiHAugua5RvxHnp05KL1%2Bh%2B%2FQosP7UqdVz0n8EmNYd8pV2pln1DKA1r2a5WKF4ARN2bmipVq1TvvgjATgI0F62KAGrvHIBYDNPHGBhC8DUZuAxWPA06fBJzlgFdzWI9uMW4o1k1cElELmMohTiYhWbM25B56YnzQ2QvXgNOd6U8fyboIIaA6h1jncFHcQdCUV3pLKkObSyoz6MvFOBGhWMejY59LcMLRzdN8LVOazc%2Ba7o0X6QgYlbeWuUkWcMRE1DTokxOCMa7nlKYcfTdvXuPkbGpWT6Q6SuOFszNz82GsuTFCRX3AYrfzAlAxQA%2F%2FtDL%2B4qfv%2Fh%2BE3gadDl9aTZLYHJ2a6oSy2K6WqFQpwbRVdEsqkiLiU1QK2poWx5tL4Uy2dvqtheey886R%2BLjbcKtevez7fmlks1uBMN2Z7r15%2F8JoaaH6QOPLNwqF5fnlhZOFwle%2FfJT%2F9vV7tjJSHbVfxdpw%2BXmhMHvy3MzS%2FNnl%2BcUzhcLwqcU4Zjjh2mYiSWwcJaItdGpirZoah3a0vfVxoTA%2FMyav%2FKf0ZDUNSYSFfBD5R0TYTI4LqiIw8Q7aDzAKgZYHPYktyB7Et1h0%2BAMN7uky2Zle%2BTD59uLb90EKBJIfzMMkB%2FOPnhzUPY3T4WG35hCG3aBIMPGL1aDBi17ZIUXPwZx4tM6CstPTWOQb5go09QTg5DJEYQ5tnUNb5oBlF0z6v14S653pHyvjACInekTqiU0itfxg%2FNQDdPrqTTBiaFcc1iA84A3Cq7VqwCkjtRpxaEBJhXkehcQMgvo3V%2F8EAAD%2F%2FwEAAP%2F%2FEZRRWQ8GAAA%3D | 172.240.253.132 | 200 OK | 7 B |
URL: GET HTTP/1.1 threeinvincible.com/impr.gif IP: 172.240.253.132:443
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
File type: ASCII text, with no line terminators Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F4xST2hc1Re%2BL79sfiiCUlciPJxaVJzJe%2FP3vdYSbNKU2NiUNGpEsL3%2F3uR27nv3ee978yZZSLEg3TnqouDq5UzS2lr%2F4UZQi0wKLgKFjKsRzMK14EIo2JXMGIyu7Nmcc%2Fg%2BON%2F5znl3I91DZUjxcPZltS6kxFO1kmM%2Fs%2BK6x%2BwFEaUdu%2BPVz9erx2zdPurXS86z9ilOW2qq7LiO4zquPSc0D1RnagSCiG%2F5bsl3StVyya1VoaP%2F3ZvUAoMtYO099BgINpi8Yx0CQfsQhV%2FMctNKVPz8yTCVOFEa2uz6K1ErUlkE4UEZaAuC6Po%2BG5TZnbsNKtoaywXV%2FptIxABZP9wGEl3fFwmkvTnWSSTwCAh7CLJ2H7jsg8B9oOoyCLaLACiDM4sQhdfOKJ3htb9QPEIHaPLe7yCyAZr8%2BRBE4WcnpOjY55RME6EiA50gB9Hpg2j2IU63IVmfAJFtA03eAcHuoql7CxCFm4tGKhBseJjXGKGNgBU5Y16x6jYqRc8r0yKvu7hS98uB77OxQUL0QQR9kLwL2ExAaixIhQVpYEEaWxCyoU1d1204jGLH8ymtsAYndea4uBG42HXqHqR0tEMXkrgLVHaB6ksQ60vQEu8PkDV5CnT6PZjVHAyzwCQI2iyHjCPIDIIMI8gEgixBkLXzLSZN2eTXmDQpcfdzeT9X8p5Kmht4SyVNHiHAugua5RvxHnp05KL1%2Bh%2B%2FQosP7UqdVz0n8EmNYd8pV2pln1DKA1r2a5WKF4ARN2bmipVq1TvvgjATgI0F62KAGrvHIBYDNPHGBhC8DUZuAxWPA06fBJzlgFdzWI9uMW4o1k1cElELmMohTiYhWbM25B56YnzQ2QvXgNOd6U8fyboIIaA6h1jncFHcQdCUV3pLKkObSyoz6MvFOBGhWMejY59LcMLRzdN8LVOazc%2Ba7o0X6QgYlbeWuUkWcMRE1DTokxOCMa7nlKYcfTdvXuPkbGpWT6Q6SuOFszNz82GsuTFCRX3AYrfzAlAxQA%2F%2FtDL%2B4qfv%2Fh%2BE3gadDl9aTZLYHJ2a6oSy2K6WqFQpwbRVdEsqkiLiU1QK2poWx5tL4Uy2dvqtheey886R%2BLjbcKtevez7fmlks1uBMN2Z7r15%2F8JoaaH6QOPLNwqF5fnlhZOFwle%2FfJT%2F9vV7tjJSHbVfxdpw%2BXmhMHvy3MzS%2FNnl%2BcUzhcLwqcU4Zjjh2mYiSWwcJaItdGpirZoah3a0vfVxoTA%2FMyav%2FKf0ZDUNSYSFfBD5R0TYTI4LqiIw8Q7aDzAKgZYHPYktyB7Et1h0%2BAMN7uky2Zle%2BTD59uLb90EKBJIfzMMkB%2FOPnhzUPY3T4WG35hCG3aBIMPGL1aDBi17ZIUXPwZx4tM6CstPTWOQb5go09QTg5DJEYQ5tnUNb5oBlF0z6v14S653pHyvjACInekTqiU0itfxg%2FNQDdPrqTTBiaFcc1iA84A3Cq7VqwCkjtRpxaEBJhXkehcQMgvo3V%2F8EAAD%2F%2FwEAAP%2F%2FEZRRWQ8GAAA%3D HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Cookie: u_pl=22673900; uid_id2=e5dbc7fd-edd8-4173-882c-e61a3692f99d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:50:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f134a01ef0fb5a31d16bea097ceea95
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| threeinvincible.com/pixel/sbs?c=1 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 threeinvincible.com/pixel/sbs?c=1 IP: 172.240.253.132:443
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Let's Encrypt Subject: threeinvincible.com Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84 Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Cookie: u_pl=22673900; uid_id2=e5dbc7fd-edd8-4173-882c-e61a3692f99d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:50:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.barscreative1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html | 45.133.44.3 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html IP: 45.133.44.3:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Let's Encrypt Subject: cdn.barscreative1.com Fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 Validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (1247), with no line terminators Hash: d7e9bbdc14a6a43c585e317362083462 b534aa26ca00c609f983494f41e9d51324cf5922 c4d52e3945909d212f8f49c517f65dfe254cdd54e21d0e4ce12eb233aa73fcb4
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:49:59 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-49a"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 23:49:59 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css | 188.114.97.1 | 200 OK | 5.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css IP: 188.114.97.1:443
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (5256), with no line terminators Hash: 20fc3575e1f60756b6fc80254e6949be fa0debcf63ba783ca6aad97674fcb9c4ce823095 b594ebf5062e8f2f8e88dc97e9dc2a8343d3a8b1dcc09e3d9e97b1a84e296f9b
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://descarga.ink
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:50:00 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-137e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jd1R9R2REk5XZrkxK6LIizeOf%2FDpU9JVZuNH93z%2B2btUzXW6qXJkUEJD4z8UBkZyJrXbs41v5PppIuIeO8%2Fwuk1ojQv2%2B6OHkFDa%2FH1dDCnSTb4p7XLl6pAmZkMLSOLyHtuV6XZlBdgf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec0c150afd56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| descarga.ink/engineeringsoftware/87/ | 107.189.31.193 | 200 OK | 43 kB |
URL: User Request GET HTTP/2 descarga.ink/engineeringsoftware/87/ IP: 107.189.31.193:443
Certificate Issuer: Let's Encrypt Subject: descarga.ink Fingerprint: 00:8A:3C:75:4A:06:E2:E1:15:2B:DD:B2:C9:FE:12:58:03:16:FD:8B Validity: Thu, 07 Mar 2024 20:22:33 GMT - Wed, 05 Jun 2024 20:22:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engineeringsoftware/87/ HTTP/1.1
Host: descarga.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://descarga.ink/wp-json/>; rel="https://api.w.org/", <https://descarga.ink/wp-json/wp/v2/posts/87>; rel="alternate"; type="application/json", <https://descarga.ink/?p=87>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 22:49:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=157680000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serversignature: Off
servertokens: Prod
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| xml-v4.clouback-1.online/thumbnail?i=gRmCwyKqL*w_0&p=1714862999.235213&imgt=icon | 173.239.53.32 | 302 Found | 4.8 kB |
URL: GET HTTP/1.1 xml-v4.clouback-1.online/thumbnail?i=gRmCwyKqL*w_0&p=1714862999.235213&imgt=icon IP: 173.239.53.32:443 ASN: #27257 WEBAIR-INTERNET
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Let's Encrypt Subject: clouback-1.online Fingerprint: 49:43:16:99:23:3B:84:3A:78:AF:92:AB:48:34:70:1F:61:2B:70:E2 Validity: Wed, 24 Apr 2024 14:28:10 GMT - Tue, 23 Jul 2024 14:28:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=gRmCwyKqL*w_0&p=1714862999.235213&imgt=icon HTTP/1.1
Host: xml-v4.clouback-1.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 22:50:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://static.pdn-1.com/n159/ad/192x192_SBUJJe3A.jpg
|
|
| unseenreport.com/pxf.gif?uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=36e480f9b5da9023529bccefc295338f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=36e480f9b5da9023529bccefc295338f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 IP: 192.243.59.13:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://descarga.ink/engineeringsoftware/87/ Certificate Issuer: Let's Encrypt Subject: *.unseenreport.com Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=e60037ff-0c60-45d9-b2b9-631a5b3cb57c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=36e480f9b5da9023529bccefc295338f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://descarga.ink/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 22:50:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bd942d109c5875c5ca14ba09e0bc79cb
Strict-Transport-Security: max-age=0; includeSubdomains
|
|