Report - citrinocoin.co/wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc

Report Overview

Visited public
2023-09-21 18:00:58
Tags
Submit Tags
URL
citrinocoin.co/wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc
Finishing URL
ww1.citrinocoin.co/
IP / ASN
185.107.56.209
#43350 NForce Entertainment B.V.
Title
Citrinocoin.co

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ww1.citrinocoin.co	unknown	unknown	No data	No data	2.6 kB	74 kB	199.59.243.224
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-21 05:09:09	1.3 kB	2.8 kB	172.217.21.163
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-09-20 20:05:47	3.1 kB	63 kB	142.250.74.132
afs.googleusercontent.com	12123	2008-11-17	2013-05-06 21:11:00	2023-09-21 05:11:25	981 B	2.1 kB	142.250.74.97
citrinocoin.co	unknown	2023-05-03	2021-12-24 18:42:15	2023-09-21 19:59:55	2.7 kB	1.7 kB	185.107.56.209

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	ww1.citrinocoin.co/	ScriptElement	307 B	2024-08-21	2024-08-21
Pretty URL ww1.citrinocoin.co/ IP 199.59.243.224 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 06:09 Last Seen2024-08-21 06:09 Times Seen1 Hash 61c1cadf848c83c049600c2b27915170 85c6dadaaa9c68519bfd39f3747f42f6e83be826 7f8111415a44387f1ccc9155d175af25f7259d267349ea68471d6c0f6432337a Loading...

	ww1.citrinocoin.co/aTqGGzhKX.js	ScriptElement	68 kB	2023-08-11	2023-09-26
Pretty URL ww1.citrinocoin.co/aTqGGzhKX.js IP 199.59.243.224 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 01:02 Last Seen2023-09-26 15:04 Times Seen7775 Hash 3ef0d214cbad58830beddd8bffd52c13 b6afe664ac6da2b0afccae8fb8782acaa9b7c6c9 7128591ce2852ff92fd3ca220b9fdd6e99a901dd2e4164ba264e5a0b9a19965b Loading...

	www.google.com/adsense/domains/caf.js	ScriptElement	152 kB	2023-09-20	2024-08-21
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 19:19 Last Seen2024-08-21 06:13 Times Seen67 Hash dcba2ad851b6b5cd8d29eca79ce1e4ee 7c7394b8ddcc3758817fa5890be679c68d7cc4e1 9f71e1182251ed7914ebfcce742d527e104b69be4d1f4ba68ee07ce1bb17c415 Loading...

	www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264	ScriptElement	1.6 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 06:09 Last Seen2024-08-21 06:09 Times Seen1 Hash dc63f0901eb3eb02806a513910b1b467 3266a65b7978ef9bc913688d1fed5337561e1208 aad76e7191a4a84668844edad769ae585214e986b5db0108f0f0c32122a0dc8c Loading...

	www.google.com/adsense/domains/caf.js	ScriptElement	152 kB	2023-09-21	2024-08-21
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 07:43 Last Seen2024-08-21 06:11 Times Seen42 Hash 97ce0f9da1949d48d03041fed5871715 e2dc3d1421f06d833510e04e91176d17cdd3c50a a7290dc0f85995045abb4f0d53469dd6916cb39f4dffa6ab854e88a0d1fe290b Loading...

HTTP Transactions (19)

	URL	IP	Response	Size
	citrinocoin.co/wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc	185.107.56.209		677 B
URL citrinocoin.co/wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc IP 185.107.56.209:0 ASN #43350 NForce Entertainment B.V. File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (677), with no line terminators Size 677 B (677 bytes) Hash ebad0184617a9b0fe64a0e1001843743 7bfdd38f3100ade508f243033e932e3d33799afe b40774e55cb5f89a53c11d9e15d9bab6d4297499e11a906901a48f01c3e45bb9 HTTP Headers GET /wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc HTTP/1.1 Host: citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate content-length: 677 content-type: text/html; charset=utf-8 date: Thu, 21 Sep 2023 18:00:40 GMT server: Cowboy set-cookie: sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5; path=/; domain=.citrinocoin.co; expires=Tue, 09 Oct 2091 21:14:47 GMT; max-age=2147483647; secure; HttpOnly X-Firefox-Spdy: h2`

	citrinocoin.co/favicon.ico	185.107.56.209		9 B
URL citrinocoin.co/favicon.ico IP 185.107.56.209:0 ASN #43350 NForce Entertainment B.V. File type ASCII text, with no line terminators Size 9 B (9 bytes) Hash d8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9 HTTP Headers GET /favicon.ico HTTP/1.1 Host: citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://citrinocoin.co/wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc Cookie: sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 404 Not Found cache-control: max-age=0, private, must-revalidate content-length: 9 date: Thu, 21 Sep 2023 18:00:40 GMT server: Cowboy X-Firefox-Spdy: h2`

	GET citrinocoin.co/wells/wells-fargo-security-update/login.php?ch=1&cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5NTMyNjQ0MCwiaWF0IjoxNjk1MzE5MjQwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydTNmbm5nZG1hdTZnNDl2NW8wOTdoNDUiLCJuYmYiOjE2OTUzMTkyNDAsInRzIjoxNjk1MzE5MjQwODgyNjM1fQ.J_tveuv-qtF6CkRGjXRbF0p0G03j3XpcL5Mz8vVvxrs&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5	185.107.56.209	302 Found	11 B
URL User Request GET HTTP/2 citrinocoin.co/wells/wells-fargo-security-update/login.php?ch=1&cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5NTMyNjQ0MCwiaWF0IjoxNjk1MzE5MjQwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydTNmbm5nZG1hdTZnNDl2NW8wOTdoNDUiLCJuYmYiOjE2OTUzMTkyNDAsInRzIjoxNjk1MzE5MjQwODgyNjM1fQ.J_tveuv-qtF6CkRGjXRbF0p0G03j3XpcL5Mz8vVvxrs&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5 IP 185.107.56.209:443 ASN #43350 NForce Entertainment B.V. Certificate IssuerLet's Encrypt Subjectcitrinocoin.co FingerprintBE:88:56:85:9F:F2:B7:7C:84:4C:6D:4D:40:FC:75:E4:10:19:FA:98 ValidityMon, 04 Sep 2023 18:50:26 GMT - Sun, 03 Dec 2023 18:50:25 GMT File type ASCII text, with no line terminators Size 11 B (11 bytes) Hash 32682312d17c7cbf18e73594f5570319 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 HTTP Headers GET /wells/wells-fargo-security-update/login.php?ch=1&cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5NTMyNjQ0MCwiaWF0IjoxNjk1MzE5MjQwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydTNmbm5nZG1hdTZnNDl2NW8wOTdoNDUiLCJuYmYiOjE2OTUzMTkyNDAsInRzIjoxNjk1MzE5MjQwODgyNjM1fQ.J_tveuv-qtF6CkRGjXRbF0p0G03j3XpcL5Mz8vVvxrs&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5 HTTP/1.1 Host: citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://citrinocoin.co/wells/wells-fargo-security-update/login.php?cmd=login_submit&id=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc&session=388a2a77a3986d90bbd7197d592404fc388a2a77a3986d90bbd7197d592404fc Cookie: sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found cache-control: max-age=0, private, must-revalidate content-length: 11 date: Thu, 21 Sep 2023 18:00:41 GMT location: http://ww1.citrinocoin.co server: Cowboy set-cookie: sid=c6d4efba-58a8-11ee-98c8-181d3fc123a5; path=/; domain=.citrinocoin.co; expires=Tue, 09 Oct 2091 21:14:49 GMT; max-age=2147483647; secure; HttpOnly X-Firefox-Spdy: h2`

	GET ww1.citrinocoin.co/	199.59.243.224	200 OK	1.0 kB
URL User Request GET HTTP/1.1 ww1.citrinocoin.co/ IP 199.59.243.224:80 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (322) Size 1.0 kB (1025 bytes) Hash 76159645f4bc0f6806472f1e88ce6d34 3e216e39bd89e914646e98ca382871ba08007b80 50af64198bf7cf301167aaaee0ad8dce662e67eaeea15c25282f1918a1c13f4b HTTP Headers `GET / HTTP/1.1 Host: ww1.citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK date: Thu, 21 Sep 2023 18:00:41 GMT content-type: text/html; charset=utf-8 content-length: 1025 x-request-id: a01eab44-26c1-4639-b958-acec6263f66c cache-control: no-store, max-age=0 accept-ch: sec-ch-prefers-color-scheme critical-ch: sec-ch-prefers-color-scheme vary: sec-ch-prefers-color-scheme x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_b7CsYvkG0mpzaexuRkvPfCp25ul0GeYnYfS61+Pfig8//bw4BvGU4cGDe1JwdNtf8xaJaG6GTH24AuxwjwzGbQ== set-cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c; expires=Thu, 21 Sep 2023 18:15:42 GMT; path=/

	GET ww1.citrinocoin.co/aTqGGzhKX.js	199.59.243.224	200 OK	68 kB
URL GET HTTP/1.1 ww1.citrinocoin.co/aTqGGzhKX.js IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww1.citrinocoin.co/ File type HTML document, ASCII text, with very long lines (65536), with no line terminators Size 68 kB (68406 bytes) Hash 3ef0d214cbad58830beddd8bffd52c13 b6afe664ac6da2b0afccae8fb8782acaa9b7c6c9 7128591ce2852ff92fd3ca220b9fdd6e99a901dd2e4164ba264e5a0b9a19965b HTTP Headers `GET /aTqGGzhKX.js HTTP/1.1 Host: ww1.citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Thu, 21 Sep 2023 18:00:41 GMT content-type: application/javascript; charset=utf-8 content-length: 68406 x-request-id: 7c678514-25ee-4e83-a7d5-b265ec2ca5af set-cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c; expires=Thu, 21 Sep 2023 18:15:42 GMT`

	POST ww1.citrinocoin.co/_fd	199.59.243.224	200 OK	2.0 kB
URL POST HTTP/1.1 ww1.citrinocoin.co/_fd IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww1.citrinocoin.co/ File type ASCII text, with very long lines (3969), with no line terminators Size 2.0 kB (2031 bytes) Hash f800a51d8beb48e695d727d2483f7bcc dcb557ac080f9a2188c90d199986f7b3c2388a0c 55d09a46a092346d9accf5f9c5fe4e0bfd06065394227c0672813a64884442f9 HTTP Headers `POST /_fd HTTP/1.1 Host: ww1.citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww1.citrinocoin.co/ Content-Type: application/json Origin: http://ww1.citrinocoin.co DNT: 1 Connection: keep-alive Cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c Pragma: no-cache Cache-Control: no-cache Content-Length: 0` `HTTP/1.1 200 OK server: openresty date: Thu, 21 Sep 2023 18:00:42 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip content-length: 2031 x-version: 2.106.5 expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c; expires=Thu, 21 Sep 2023 18:15:43 GMT; Max-Age=900; path=/; httponly`

	GET ww1.citrinocoin.co/px.gif?ch=2&rn=0.17165106210940162	199.59.243.224	200 OK	42 B
URL GET HTTP/1.1 ww1.citrinocoin.co/px.gif?ch=2&rn=0.17165106210940162 IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww1.citrinocoin.co/ File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /px.gif?ch=2&rn=0.17165106210940162 HTTP/1.1 Host: ww1.citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: openresty date: Thu, 21 Sep 2023 18:00:42 GMT content-type: image/gif content-length: 42 last-modified: Tue, 18 Jul 2023 15:33:43 GMT expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache accept-ranges: bytes`

	GET ww1.citrinocoin.co/px.gif?ch=1&rn=0.17165106210940162	199.59.243.224	200 OK	42 B
URL GET HTTP/1.1 ww1.citrinocoin.co/px.gif?ch=1&rn=0.17165106210940162 IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww1.citrinocoin.co/ File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /px.gif?ch=1&rn=0.17165106210940162 HTTP/1.1 Host: ww1.citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: openresty date: Thu, 21 Sep 2023 18:00:42 GMT content-type: image/gif content-length: 42 last-modified: Tue, 18 Jul 2023 15:33:43 GMT expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache accept-ranges: bytes`

	ocsp.pki.goog/gts1c3	172.217.21.163		472 B
URL ocsp.pki.goog/gts1c3 IP 172.217.21.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 74f3f861c7332387728c7940c0058a00 92d0963a38c3581cd223f8316fa0ac4f30d61912 fc38cf8ec6198d8e9ff556e8c3243651503720919d60d3a98066df74da7e7c73 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 21 Sep 2023 18:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	GET www.google.com/adsense/domains/caf.js	142.250.74.132	200 OK	56 kB
URL GET HTTP/2 www.google.com/adsense/domains/caf.js IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww1.citrinocoin.co/ Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com Fingerprint46:10:6A:3E:F0:E9:34:E0:79:83:32:6E:2E:D8:2A:57:15:BD:AC:4C ValidityMon, 14 Aug 2023 08:23:03 GMT - Mon, 06 Nov 2023 08:23:02 GMT File type gzip compressed data, max compression\012- data Size 56 kB (55582 bytes) Hash c7ed7af64b91d6147d98f9d807288a5a bd90f10bdb0ffea4fbe33fd2bac1fdf0baa87022 52530ac857a3781e643cadd3a62f65c7b19b0e918ad87ebe91ac813284dd5e55 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Thu, 21 Sep 2023 18:00:43 GMT expires: Thu, 21 Sep 2023 18:00:43 GMT cache-control: private, max-age=3600 etag: "11795871179405602012" x-content-type-options: nosniff link: <https://afs.googlesyndication.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264	142.250.74.132	200 OK	3.0 kB
URL GET HTTP/3 www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264 IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww1.citrinocoin.co/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966) Size 3.0 kB (2976 bytes) Hash 87d4b09981ddf2d54cc2d8dcc79ee250 10165660b34a971088bb89a78d9136947df807c2 9af04fb7392c0cfd426d354bc234dbd225f0cb7a18922fdb1b171224c61a2f39 HTTP Headers GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Thu, 21 Sep 2023 18:00:43 GMT expires: Thu, 21 Sep 2023 18:00:43 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uzuQx67zm1Lt6caD32VceA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2976 x-xss-protection: 0 set-cookie: CONSENT=PENDING+027; expires=Sat, 20-Sep-2025 18:00:43 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	172.217.21.163		472 B
URL ocsp.pki.goog/gts1c3 IP 172.217.21.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ce8eead0d99791e8eb42ec959bd6199a e30ca2a9482908ae1140e6190a5c3988f407c192 6e2d9fb383691f83606fb1b255a8c1b38f41ca20c116fcaa8f6061ce8128b0a1 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 21 Sep 2023 18:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b	142.250.74.97	200 OK	174 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com FingerprintB5:F6:4B:DC:96:53:57:F2:9C:41:9E:96:E6:9A:00:DF:E1:A9:C9:76 ValidityMon, 14 Aug 2023 08:21:40 GMT - Mon, 06 Nov 2023 08:21:39 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 174 B (174 bytes) Hash d47125b2ba92be53dcff07ba322ce1de e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28 5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 20 Sep 2023 20:58:46 GMT expires: Thu, 21 Sep 2023 19:58:46 GMT cache-control: public, max-age=82800 age: 75717 last-modified: Tue, 27 Jun 2023 17:28:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	172.217.21.163		472 B
URL ocsp.pki.goog/gts1c3 IP 172.217.21.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fecab6ced21f6064051eefcdc82a254f 03a9a37778b8db9c40c4e0b50c5dc9466bf309b9 506fcda2ea18d11bd38b77ec99ba9e4b961762852947e6b6c47bd77b1da55560 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 21 Sep 2023 18:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff	142.250.74.97	200 OK	278 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol318%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol472&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.citrinocoin.co%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=4821695319243654&num=0&output=afd_ads&domain_name=ww1.citrinocoin.co&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1695319243657&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=564420743&uio=-&cont=rs&jsid=caf&jsv=564420743&rurl=http%3A%2F%2Fww1.citrinocoin.co%2F&adbw=master-1%3A1264 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com FingerprintB5:F6:4B:DC:96:53:57:F2:9C:41:9E:96:E6:9A:00:DF:E1:A9:C9:76 ValidityMon, 14 Aug 2023 08:21:40 GMT - Mon, 06 Nov 2023 08:21:39 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306) Size 278 B (278 bytes) Hash fe7dd8c3c629cc6e9cd6d3e4d3cbe905 59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18 5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e HTTP Headers `GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 278 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 20 Sep 2023 20:58:04 GMT expires: Thu, 21 Sep 2023 19:58:04 GMT cache-control: public, max-age=82800 age: 75760 last-modified: Tue, 27 Jun 2023 17:28:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	172.217.21.163		472 B
URL ocsp.pki.goog/gts1c3 IP 172.217.21.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fecab6ced21f6064051eefcdc82a254f 03a9a37778b8db9c40c4e0b50c5dc9466bf309b9 506fcda2ea18d11bd38b77ec99ba9e4b961762852947e6b6c47bd77b1da55560 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 21 Sep 2023 18:00:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	POST ww1.citrinocoin.co/_tr	199.59.243.224	200 OK	22 B
URL POST HTTP/1.1 ww1.citrinocoin.co/_tr IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww1.citrinocoin.co/ File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df HTTP Headers `POST /_tr HTTP/1.1 Host: ww1.citrinocoin.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww1.citrinocoin.co/ Content-Type: application/json Content-Length: 1569 Origin: http://ww1.citrinocoin.co DNT: 1 Connection: keep-alive Cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: openresty date: Thu, 21 Sep 2023 18:00:43 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip content-length: 22 x-version: 2.106.5 expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: parking_session=a01eab44-26c1-4639-b958-acec6263f66c; expires=Thu, 21 Sep 2023 18:15:44 GMT; Max-Age=900; path=/; httponly`

	GET www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=l6kfc7u1ekk7&aqid=y4QMZfD7HrGzxdwPpsqF0AQ&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=564420743&csala=11%7C0%7C314%7C69%7C283&lle=0&ifv=1&usr=0&hpt=0	142.250.74.132	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=l6kfc7u1ekk7&aqid=y4QMZfD7HrGzxdwPpsqF0AQ&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=564420743&csala=11%7C0%7C314%7C69%7C283&lle=0&ifv=1&usr=0&hpt=0 IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww1.citrinocoin.co/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=l6kfc7u1ekk7&aqid=y4QMZfD7HrGzxdwPpsqF0AQ&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=564420743&csala=11%7C0%7C314%7C69%7C283&lle=0&ifv=1&usr=0&hpt=0 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-oi4gvfmypQN3yT4Uzx7PeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 21 Sep 2023 18:00:45 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=pFCguKScau1lWvGUCpYlxzAxLQfw5-LwyDr2pRSK-WJBf04F53e7avkFCn2UxGFKHjHyppCp7cZHG3R1_o-KaKJ2mCBWEvEenNswH9Ncjm2MaTEZrCtJCzrmt9p8DTgxUFLNBeKsbx4HFz4OZUatYQNfU06FzI-bRL19dRvhPuE; expires=Fri, 22-Mar-2024 18:00:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+761; expires=Sat, 20-Sep-2025 18:00:45 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=n004wk8tv4sl&aqid=y4QMZfD7HrGzxdwPpsqF0AQ&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=564420743&csala=11%7C0%7C314%7C69%7C283&lle=0&ifv=1&usr=0&hpt=0	142.250.74.132	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=n004wk8tv4sl&aqid=y4QMZfD7HrGzxdwPpsqF0AQ&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=564420743&csala=11%7C0%7C314%7C69%7C283&lle=0&ifv=1&usr=0&hpt=0 IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww1.citrinocoin.co/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=n004wk8tv4sl&aqid=y4QMZfD7HrGzxdwPpsqF0AQ&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=564420743&csala=11%7C0%7C314%7C69%7C283&lle=0&ifv=1&usr=0&hpt=0 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww1.citrinocoin.co/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-L61fdMBzc3jqyXfYCoPmpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 21 Sep 2023 18:00:46 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=rD-8drxDpdi6G0vSJrMNIjbnDlVgFmJTAy15sWG0BwCXxAQ4XGwsx3UrB4O8ZXp2QpqkWVvUGlkjc5HkD2DB--QavVyQGIDJXzlrt6Cj7oONH-h99lLHeK_8_-rXwyjSRgWdMPFxWTQ8xMGHu18z0-b2AOJptp0DP5O3chC1deo; expires=Fri, 22-Mar-2024 18:00:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+302; expires=Sat, 20-Sep-2025 18:00:46 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP