Report - stfly.cc/5K4gf

Report Overview

Submitted URL
stfly.cc/5K4gf
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-01 17:25:14
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-05-31	426 B	29 kB	104.17.24.14
stfly.me	208120	2020-06-19	2020-06-19	2023-06-01	902 B	13 kB	172.67.192.47
tignuget.net	unknown	2023-05-22	2023-05-23	2023-06-01	1.4 kB	69 kB	139.45.197.244
www.google.no	25607	2001-02-26	2016-04-05	2023-06-01	519 B	580 B	216.58.207.227
gh.centrerauriga.com	unknown	2023-05-21	2023-05-21	2023-05-30	401 B	1.2 kB	23.109.150.138
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-31	451 B	737 B	139.45.195.8
unpkg.com	11693	2016-01-06	2016-01-08	2023-05-31	863 B	5.3 kB	104.16.123.175
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2023-05-31	618 B	439 B	216.239.34.36
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-31	2.3 kB	4.9 kB	142.250.74.131
stfly.cc	unknown	2022-08-14	2022-08-14	2023-05-31	470 B	6.9 kB	188.114.97.1
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2023-05-31	449 B	157 kB	104.18.10.207
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-31	867 B	152 kB	142.250.74.72
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-01	554 B	20 kB	216.58.207.227
betotodilea.com	52465	2021-08-09	2021-08-17	2023-06-01	396 B	514 B	139.45.197.237
nanouwho.com	unknown	2022-07-09	2022-07-09	2023-05-31	393 B	624 B	139.45.197.242
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-31	426 B	3.5 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-01 17:24:55	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-01 17:24:55	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	stfly.cc/5K4gf	155 B	2023-03-07	2024-03-16
Pretty URL stfly.cc/5K4gf IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:18:16 Last Seen2024-03-16 08:53:59 Times Seen122 Hash 59ebe0b9de3964823af9e47ca93a4955 f8bc090309fd3f812825b06ac082ea98cd27a8f7 fcb5a666860ca97d0ad3ed1a21203060b8fc1ac42a73b4cf628f8044698d8a2a Loading...

	stfly.cc/5K4gf	2.4 kB	2023-03-08	2024-03-16
Pretty URL stfly.cc/5K4gf IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:35:33 Last Seen2024-03-16 08:54:00 Times Seen122 Hash a1704fd491a577a58e2d012ac00ef92b be2f0459eaa4565828d125bf90a13b69d4e7b437 62d2ea0f5f0040686256ce7936143e9a6233f336f7d1efbd7dca27fd73e90b12 Loading...

	www.googletagmanager.com/gtag/js?id=UA-108199505-1	177 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtag/js?id=UA-108199505-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 19:25:15 Last Seen2023-06-01 19:25:15 Times Seen2 Hash 23f0d832c5a38cf17c12103e2b821ea1 52624c2e32d1faafa34e061016ab3de5ce87b639 f9b2e094db1c00076916491c0e0c0106edecae2bfc03aa377c0dfaa5af6405e4 Loading...

	tignuget.net/5/3381289	65 kB	2023-06-01	2023-06-01
Pretty URL tignuget.net/5/3381289 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 19:25:15 Last Seen2023-06-01 19:25:15 Times Seen2 Hash d1df8dcec1c7ad368b203230ba996dba 7f4ef85803bb7248a6712c1f4f25881a38010c68 fcf7306c8c64364aa6d3116725cdca0be248d4db78f781068ec6309b2e375807 Loading...

	gh.centrerauriga.com/1clkn/55315	6 B	2023-03-07	2024-04-25
Pretty URL gh.centrerauriga.com/1clkn/55315 IP 23.109.150.138 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-04-25 12:32:10 Times Seen13599 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c	253 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 19:25:15 Last Seen2023-06-01 19:25:15 Times Seen2 Hash ddc3e4663f22626262d7a312792807cd 9f83ab64fdbb56c9deaaaee6e0ed41d4a8d533ae 168cc6b8e25518b25b5abac858ff5440afc4d0f34f8a6555a177cb78382a0df5 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-25 14:30:27 Times Seen261231 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	stfly.cc/5K4gf	886 B	2023-06-01	2023-06-01
Pretty URL stfly.cc/5K4gf IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 19:25:15 Last Seen2023-06-01 19:25:15 Times Seen1 Hash 6cded185e633d68bfa0776e7ca7441e2 8bca2c3253b13c07c409ad4cfdac2c48e653c585 237dfd657b55784681db6555c4b01a164cf2a50b4705e984e88aff362c8802c0 Loading...

	unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js	2.6 kB	2023-03-07	2024-03-16
Pretty URL unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:06:05 Last Seen2024-03-16 08:54:00 Times Seen152 Hash 09f554e0361d2bb83c02eca48ec2a0ee e80452ce6ee60b10f8edd2c134db6566effbd0eb 6ea0709e076a8dd6569a1d148aabce6669d3bb30087be54fd8368ac1293bd771 Loading...

	stfly.cc/sandbox%20eval%20code	147 B	2023-04-11	2024-04-25
Pretty URL stfly.cc/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-25 14:39:13 Times Seen342061 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-25 14:39:13 Times Seen341564 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

HTTP Transactions (26)

	URL	IP	Response	Size
	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.24.14	200 OK	28 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5K4gf Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT File type ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 17:24:57 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 6041521 expires: Tue, 21 May 2024 17:24:57 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79w5tAStG5%2B%2BB4eYR7wwC4xXeWdJd78AIVUcMwaBdG4wxSY9J2eYRpd3v13U905vMm2x%2FEpJXauA8oQGGtwDtFc8bKj210UDksgziQky1LCHEUCidK7K09LDHKxLKWA%2FSyIiB1XU"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7d0927307fcdfab8-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	stfly.me/wp-content/uploads/2022/12/logo-wp.png	172.67.192.47	200 OK	11 kB
URL GET HTTP/2 stfly.me/wp-content/uploads/2022/12/logo-wp.png IP 172.67.192.47:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subjectstfly.me FingerprintD0:26:B8:12:FB:B0:05:A6:93:D9:1A:10:4E:3B:F1:22:DA:34:F1:C5 ValidityWed, 17 May 2023 01:56:27 GMT - Tue, 15 Aug 2023 01:56:26 GMT File type PNG image data, 684 x 251, 8-bit colormap, non-interlaced\012- data Size 11 kB (10590 bytes) Hash 94130f636ea5a1676c65189017652bd1 f29c40a9146876dfd0b18a8babe6de2958d970ec 20d03dbd1aefea543ffa2e04625f3466936a9b6c0b90449941490aaa7b080a6d HTTP Headers `GET /wp-content/uploads/2022/12/logo-wp.png HTTP/1.1 Host: stfly.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Thu, 01 Jun 2023 17:24:57 GMT content-type: image/png content-length: 10590 last-modified: Thu, 15 Dec 2022 13:16:27 GMT etag: "639b1e2b-295e" expires: Sat, 03 Jun 2023 15:46:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 cf-cache-status: HIT age: 2425091 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q43oIqjZzT%2BGQGiBp%2FeeZePPDLh1vrgCeuE%2BeOe%2Fwmvuxmm%2FCJRCrKywQiJMUeDT6haiJxv0m91BrZ4N6K4a3bz5JXLsiWUyQD5Sj1IpANCbNEYvhZeQFTfGQw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d092730df53b4fd-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 582908ff8bc13bc9b5422491129d8b0e 8deb8d1987e09761ca90108160cc262f1ee8dffa daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5b53f2fcda25e30bbbf202b507fac96c 1d1cfb1765f42aba83c3b3e89417b228ed9f0b22 6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=UA-108199505-1	142.250.74.72	200 OK	64 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108199505-1 IP 142.250.74.72:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (4372) Size 64 kB (64336 bytes) Hash 23f0d832c5a38cf17c12103e2b821ea1 52624c2e32d1faafa34e061016ab3de5ce87b639 f9b2e094db1c00076916491c0e0c0106edecae2bfc03aa377c0dfaa5af6405e4 HTTP Headers `GET /gtag/js?id=UA-108199505-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 01 Jun 2023 17:24:57 GMT expires: Thu, 01 Jun 2023 17:24:57 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 64336 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	gh.centrerauriga.com/1clkn/55315	23.109.150.138	200 OK	26 B
URL GET HTTP/1.1 gh.centrerauriga.com/1clkn/55315 IP 23.109.150.138:443 ASN #7979 SERVERS-COM Requested by https://stfly.cc/5K4gf Certificate IssuerLet's Encrypt Subjectgh.centrerauriga.com FingerprintB4:33:D1:47:8D:DD:3A:52:C8:0F:F5:D3:33:12:63:B5:23:68:8E:3B ValiditySun, 21 May 2023 18:32:49 GMT - Sat, 19 Aug 2023 18:32:48 GMT File type ASCII text, with no line terminators Size 26 B (26 bytes) Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 HTTP Headers `GET /1clkn/55315 HTTP/1.1 Host: gh.centrerauriga.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Thu, 01 Jun 2023 17:24:57 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Fri, 02-Jun-2023 17:24:57 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Fri, 02-Jun-2023 17:24:57 GMT; Max-Age=86400; path=/; secure; SameSite=None Content-Encoding: gzip Vary: Accept-Encoding Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 582908ff8bc13bc9b5422491129d8b0e 8deb8d1987e09761ca90108160cc262f1ee8dffa daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5b53f2fcda25e30bbbf202b507fac96c 1d1cfb1765f42aba83c3b3e89417b228ed9f0b22 6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fd0c5fcd552e140b1496b4697b18a3a4 264e38a9d130f40f54539a52cba317d16aea03ef a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2	216.58.207.227	200 OK	19 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6 ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT File type Web Open Font Format (Version 2), TrueType, length 18664, version 1.0\012- data Size 19 kB (18664 bytes) Hash 8d1c44b2bf75a4e6f1bd141f9a965f4f 1e5dfdb7ca5ee8e823f9f5787f84b18fbdc38434 441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709 HTTP Headers GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://stfly.cc DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 18664 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 07:49:32 GMT expires: Fri, 31 May 2024 07:49:32 GMT cache-control: public, max-age=31536000 age: 34525 last-modified: Tue, 02 May 2023 15:19:23 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	stfly.cc/5K4gf	188.114.97.1	200 OK	5.9 kB
URL User Request GET HTTP/2 stfly.cc/5K4gf IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint35:DA:9C:BA:3B:97:74:70:98:BE:3A:1C:91:20:35:8C:26:23:54:86 ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4913), with CRLF, LF line terminators Size 5.9 kB (5932 bytes) Hash 2b77bf26925b30223390a4355dc5f978 90e408ace62e989c26dfd1baeb21dfceef665c3d b484d2e9307eec04477e8e6167261382a3669c0175422a6a55f1f5a777bed52a HTTP Headers `GET /5K4gf HTTP/1.1 Host: stfly.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 17:24:56 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 set-cookie: 793502d0d5bc13c06a135e921a2115ef=97kbcJd3_sE3wVqZ6PPIZLsKy8pqVE2YLblfn_iktnt8vBXAAERurCABF7rgyiBlQG06OuSZC7-upU8wyFJQcQ; expires=Fri, 02-Jun-2023 17:24:56 GMT; Max-Age=86400; path=/; domain=stfly.cc; HttpOnly; SameSite=Lax strict-transport-security: max-age=31536000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUBhQfOA7xfvV4JcHUnVHFtTN5euGLFt3fAm5ODf4VUoqjAD61wjY%2BQWEF7geg3OQ6hFkZrVuZQQ%2BAaCkQvaHBBZi5XnZr8ta9FXvyyLS7wLOhiZjhqDcNf5eg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d09272ad9f8b509-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c	142.250.74.72	200 OK	86 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c IP 142.250.74.72:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (4537) Size 86 kB (86307 bytes) Hash ddc3e4663f22626262d7a312792807cd 9f83ab64fdbb56c9deaaaee6e0ed41d4a8d533ae 168cc6b8e25518b25b5abac858ff5440afc4d0f34f8a6555a177cb78382a0df5 HTTP Headers `GET /gtag/js?id=G-PDV6XHL2ZF&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 01 Jun 2023 17:24:57 GMT expires: Thu, 01 Jun 2023 17:24:57 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 86307 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash de06f6fcbc144014f20c63dd5fe236b4 7f10e556cc7c7786c031a226d3efc006f8511c28 ae157c3fec7620409ce8cf7d841a47c30b487c02bbc82df9127345b7b1149f3e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	betotodilea.com/400/4495548	139.45.197.237	403 Forbidden	22 B
URL GET HTTP/2 betotodilea.com/400/4495548 IP 139.45.197.237:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5K4gf Certificate IssuerLet's Encrypt Subjectbetotodilea.com FingerprintC9:DD:16:90:AA:F5:63:38:44:6E:FD:CC:C1:67:99:9F:22:F6:67:66 ValidityWed, 05 Apr 2023 04:47:01 GMT - Tue, 04 Jul 2023 04:47:00 GMT File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash b5e50d07b6b24e1e105e6e4fceb97bf6 95d7e8119b8befc7153b44b4c7be59f26bd6ad33 61c3148fba3befcce5b4636c4209a440913a136138bf62005df97386827f2ae2 HTTP Headers `GET /400/4495548 HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 403 Forbidden server: nginx date: Thu, 01 Jun 2023 17:24:57 GMT content-type: text/plain; charset=utf-8 content-length: 22 x-trace-id: bd9d6b55c4602f0660a31f47d6226211 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache timing-allow-origin: * vary: Origin access-control-allow-origin: * access-control-expose-headers: Link access-control-allow-credentials: true X-Firefox-Spdy: h2`

	nanouwho.com/1?z=3968308	139.45.197.242	404 Not Found	7 B
URL GET HTTP/2 nanouwho.com/1?z=3968308 IP 139.45.197.242:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5K4gf Certificate IssuerLet's Encrypt Subjectnanouwho.com Fingerprint17:8A:69:ED:47:86:DA:AC:CF:48:90:92:79:0C:F0:AC:0C:E8:8C:84 ValidityThu, 25 May 2023 04:38:28 GMT - Wed, 23 Aug 2023 04:38:27 GMT File type ASCII text, with no line terminators Size 7 B (7 bytes) Hash 3b66fb7a307f3ca29bd59b2f354055bd d6ae6ccb37eb272d94d4a5191fa50372f4d06bba de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4 HTTP Headers `GET /1?z=3968308 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 404 Not Found server: nginx date: Thu, 01 Jun 2023 17:24:57 GMT content-type: text/plain; charset=utf-8 content-length: 7 access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID x-trace-id: 25047e6cc6f65c7e83ec676b1cb06fbd access-control-expose-headers: X-Sc x-sc: 4KdnrdofxFOHMlcU set-cookie: scm=1; expires=Fri, 31 May 2024 17:24:57 GMT; secure; SameSite=None X-Firefox-Spdy: h2

	my.rtmark.net/gid.js?userId=57f5f147a01e4d7caa39e9bfc7f8a63f	139.45.195.8	200 OK	65 B
URL GET HTTP/2 my.rtmark.net/gid.js?userId=57f5f147a01e4d7caa39e9bfc7f8a63f IP 139.45.195.8:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5K4gf Certificate IssuerLet's Encrypt Subjectrtmark.net Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80 ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT File type JSON data\012- , ASCII text Size 65 B (65 bytes) Hash e3a8fa5128c32cd6f3b4ec4e8b3c5364 80e4b135aa24b87de47c4bf8952123c64a459923 1726a3f4e291450fcaf89cd4b4bbf8381d3e69f64a0a65b6983915324d1ad183 HTTP Headers `GET /gid.js?userId=57f5f147a01e4d7caa39e9bfc7f8a63f HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://stfly.cc DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 17:24:57 GMT content-type: application/json; charset=utf-8 content-length: 65 access-control-allow-origin: https://stfly.cc access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=57f5f147a01e4d7caa39e9bfc7f8a63f; expires=Fri, 31 May 2024 17:24:57 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	stfly.me/wp-content/uploads/2022/12/favicon.png	172.67.192.47	200 OK	1.3 kB
URL GET HTTP/3 stfly.me/wp-content/uploads/2022/12/favicon.png IP 172.67.192.47:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subjectstfly.me FingerprintD0:26:B8:12:FB:B0:05:A6:93:D9:1A:10:4E:3B:F1:22:DA:34:F1:C5 ValidityWed, 17 May 2023 01:56:27 GMT - Tue, 15 Aug 2023 01:56:26 GMT File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Size 1.3 kB (1273 bytes) Hash 77004a5b31f1c5ab30755cad675630cb 9ff49298b2f92e7895b7d47a115b2473fe3d35e1 f75a1c9fe89949bcaa5941eb8f583e9df82b4b07da88162fdb552660b7909b60 HTTP Headers `GET /wp-content/uploads/2022/12/favicon.png HTTP/1.1 Host: stfly.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 01 Jun 2023 17:24:57 GMT content-type: image/png content-length: 1273 last-modified: Thu, 15 Dec 2022 13:18:03 GMT etag: "639b1e8b-4f9" expires: Mon, 12 Jun 2023 07:18:11 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 cf-cache-status: HIT age: 1678006 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxYz%2B2%2BVXY%2FQeEarCAbjTCmekY3NtPkg7XIEVa1ADv9ASqCC6ITRhOfdL%2BKmGKcEGt5B%2F3lqwHE6F1DeWqA7ER6gczWL3KVWtJmLMYPvxY%2FG1WWbN83xq%2F6pbA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d092735a97ab51b-OSL alt-svc: h3=":443"; ma=86400

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ec1458576ada616603980e927aecc7e2 99e65899f1a132d05d7077216a57c11d3870fa8d af449ad4f469ca46bd50bc1260655a9cd55e14719682e461b41796d6bf8e7cb7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 17:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	tignuget.net/?rb=a9Kr12g2PcGk-SwmXzz5lcfFnaf5EYxuPjECDHEVXYd3wAF2dJ_4NWKC4ejaQPxoxPHIeE4J7eRt8juTLuPBv9dwLSOLs0G7dBtIVV7A5RSLwTluQN2l44ibZsTbb6haipMH6sT9wZUffAKCom3_BDOSg91O5U8vJYBABva73N6iPXRLpL9vzAEiBUYlt78rMCweBeG1WdT0tCtGorHBUQ%3D%3D&request_ab2=0&zoneid=3381289&js_build=iclick-v1.551.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fstfly.cc%2F5K4gf&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.551.0&bs=7c5a2086-910e-4d2c-b1d4-26946126b2e1&userId=57f5f147a01e4d7caa39e9bfc7f8a63f&m=link	139.45.197.244	200 OK	1.7 kB
URL GET HTTP/2 tignuget.net/?rb=a9Kr12g2PcGk-SwmXzz5lcfFnaf5EYxuPjECDHEVXYd3wAF2dJ_4NWKC4ejaQPxoxPHIeE4J7eRt8juTLuPBv9dwLSOLs0G7dBtIVV7A5RSLwTluQN2l44ibZsTbb6haipMH6sT9wZUffAKCom3_BDOSg91O5U8vJYBABva73N6iPXRLpL9vzAEiBUYlt78rMCweBeG1WdT0tCtGorHBUQ%3D%3D&request_ab2=0&zoneid=3381289&js_build=iclick-v1.551.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fstfly.cc%2F5K4gf&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.551.0&bs=7c5a2086-910e-4d2c-b1d4-26946126b2e1&userId=57f5f147a01e4d7caa39e9bfc7f8a63f&m=link IP 139.45.197.244:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5K4gf Certificate IssuerLet's Encrypt Subjecttignuget.net FingerprintC0:94:6B:9D:1C:F2:5D:88:4B:30:56:66:CC:7B:24:71:64:C4:AC:94 ValidityMon, 22 May 2023 07:39:44 GMT - Sun, 20 Aug 2023 07:39:43 GMT File type gzip compressed data, max speed, from Unix\012- data Size 1.7 kB (1709 bytes) Hash 0ae35af8ab55152cbbd5b12c66977cec 495495ae3ecf67b793c750639c3ab2a3b7fac82e 4df0fd9558e22be3f8e5ca2b1a682427fba138d3f58fc939fb310f23fa252045 HTTP Headers GET /?rb=a9Kr12g2PcGk-SwmXzz5lcfFnaf5EYxuPjECDHEVXYd3wAF2dJ_4NWKC4ejaQPxoxPHIeE4J7eRt8juTLuPBv9dwLSOLs0G7dBtIVV7A5RSLwTluQN2l44ibZsTbb6haipMH6sT9wZUffAKCom3_BDOSg91O5U8vJYBABva73N6iPXRLpL9vzAEiBUYlt78rMCweBeG1WdT0tCtGorHBUQ%3D%3D&request_ab2=0&zoneid=3381289&js_build=iclick-v1.551.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fstfly.cc%2F5K4gf&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.551.0&bs=7c5a2086-910e-4d2c-b1d4-26946126b2e1&userId=57f5f147a01e4d7caa39e9bfc7f8a63f&m=link HTTP/1.1 Host: tignuget.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://stfly.cc/ Origin: https://stfly.cc DNT: 1 Connection: keep-alive Cookie: OAID=57f5f147a01e4d7caa39e9bfc7f8a63f; oaidts=1685640297 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 17:24:57 GMT content-type: application/json x-trace-id: 4d044ab24c231e809662ee35337b0b1a access-control-allow-origin: https://stfly.cc access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT set-cookie: OAID=57f5f147a01e4d7caa39e9bfc7f8a63f; expires=Fri, 31 May 2024 17:24:57 GMT; path=/; secure; SameSite=None oaidts=1685640297; expires=Fri, 31 May 2024 17:24:57 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Thu, 08 Jun 2023 17:24:57 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2

	unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js	104.16.123.175	200 OK	1.6 kB
URL GET HTTP/2 unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js IP 104.16.123.175:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5K4gf Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT File type ASCII text, with very long lines (2579) Size 1.6 kB (1565 bytes) Hash 09f554e0361d2bb83c02eca48ec2a0ee e80452ce6ee60b10f8edd2c134db6566effbd0eb 6ea0709e076a8dd6569a1d148aabce6669d3bb30087be54fd8368ac1293bd771 HTTP Headers `GET /just-detect-adblock@1.1.0/dist/bundle.umd.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://stfly.cc/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Thu, 01 Jun 2023 17:24:57 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"a14-6ARSzm7mCxD47dLBNNtlZu/70Os" via: 1.1 fly.io fly-request-id: 01GXDN55X68ZQDDPH54B4M1K1X-ams cf-cache-status: HIT age: 4775945 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7d092733ba20b4f7-OSL content-encoding: br X-Firefox-Spdy: h2

	region1.analytics.google.com/g/collect?v=2&tid=G-PDV6XHL2ZF&gtm=45je35v0&_p=989433892&_gaz=1&cid=1308417904.1685640297&ul=en-us&sr=1280x1024&_s=1&sid=1685640297&sct=1&seg=0&dl=https%3A%2F%2Fstfly.cc%2F5K4gf&dt=Stfly&en=page_view&_fv=1&_nsi=1&_ss=1	216.239.34.36	204 No Content	0 B
URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-PDV6XHL2ZF&gtm=45je35v0&_p=989433892&_gaz=1&cid=1308417904.1685640297&ul=en-us&sr=1280x1024&_s=1&sid=1685640297&sct=1&seg=0&dl=https%3A%2F%2Fstfly.cc%2F5K4gf&dt=Stfly&en=page_view&_fv=1&_nsi=1&_ss=1 IP 216.239.34.36:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-PDV6XHL2ZF&gtm=45je35v0&_p=989433892&_gaz=1&cid=1308417904.1685640297&ul=en-us&sr=1280x1024&_s=1&sid=1685640297&sct=1&seg=0&dl=https%3A%2F%2Fstfly.cc%2F5K4gf&dt=Stfly&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://stfly.cc DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://stfly.cc date: Thu, 01 Jun 2023 17:24:58 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css	104.18.10.207	200 OK	156 kB
URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css IP 104.18.10.207:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5K4gf Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (65324) Size 156 kB (155758 bytes) Hash a15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 HTTP Headers `GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 01 Jun 2023 17:24:57 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:08 GMT cdn-cachedat: 12/27/2021 07:28:05 cdn-edgestorageid: 756 cdn-requestpullcode: 200 cdn-requestpullsuccess: True timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-proxyver: 1.02 cdn-requestid: 5a4f218ff2cc791bfca3e2943b0791a7 cdn-cache: HIT cf-cache-status: HIT age: 31086921 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7d092730c98db51b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	tignuget.net/5/3381289	139.45.197.244	200 OK	65 kB
URL GET HTTP/2 tignuget.net/5/3381289 IP 139.45.197.244:443 ASN #9002 RETN Limited Requested by https://stfly.cc/5K4gf Certificate IssuerLet's Encrypt Subjecttignuget.net FingerprintC0:94:6B:9D:1C:F2:5D:88:4B:30:56:66:CC:7B:24:71:64:C4:AC:94 ValidityMon, 22 May 2023 07:39:44 GMT - Sun, 20 Aug 2023 07:39:43 GMT File type ASCII text, with very long lines (64745), with no line terminators Size 65 kB (64745 bytes) Hash d1df8dcec1c7ad368b203230ba996dba 7f4ef85803bb7248a6712c1f4f25881a38010c68 fcf7306c8c64364aa6d3116725cdca0be248d4db78f781068ec6309b2e375807 HTTP Headers `GET /5/3381289 HTTP/1.1 Host: tignuget.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 17:24:57 GMT content-type: application/javascript x-trace-id: 52e96eea8ffe9cbd538ae5582735f63e link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch" access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=57f5f147a01e4d7caa39e9bfc7f8a63f; expires=Fri, 31 May 2024 17:24:57 GMT; path=/; secure; SameSite=None oaidts=1685640297; expires=Fri, 31 May 2024 17:24:57 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2

	www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDV6XHL2ZF&cid=1308417904.1685640297&gtm=45je35v0&aip=1&z=876432325	216.58.207.227	200 OK	42 B
URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDV6XHL2ZF&cid=1308417904.1685640297&gtm=45je35v0&aip=1&z=876432325 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subject.google.no FingerprintB6:72:A5:B7:45:AC:AA:AB:11:6F:E9:5D:A6:4D:03:19:3A:00:31:45 ValidityMon, 08 May 2023 08:26:53 GMT - Mon, 31 Jul 2023 08:26:52 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDV6XHL2ZF&cid=1308417904.1685640297&gtm=45je35v0&aip=1&z=876432325 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 01 Jun 2023 17:24:57 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans	142.250.74.106	200 OK	2.9 kB
URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://stfly.cc/5K4gf Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT File type ASCII text, with very long lines (2967), with no line terminators Size 2.9 kB (2895 bytes) Hash 943667d1776ef7de00d3b96830f3369c dda878ceaa309afae1df46f142fe271fce34a474 fd773a1fa9b41a9f137a141646e33d40093df650cb94b739268d83fc6f5cc852 HTTP Headers `GET /css?family=Open+Sans HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 01 Jun 2023 17:24:57 GMT date: Thu, 01 Jun 2023 17:24:57 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js	104.16.123.175	302 Found	2.6 kB
URL GET HTTP/2 unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js IP 104.16.123.175:443 ASN #13335 CLOUDFLARENET Requested by https://stfly.cc/5K4gf Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT File type Size 2.6 kB (2580 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /just-detect-adblock@latest/dist/bundle.umd.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://stfly.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Thu, 01 Jun 2023 17:24:57 GMT content-type: text/plain; charset=utf-8 access-control-allow-origin: * cache-control: public, s-maxage=600, max-age=60 location: /just-detect-adblock@1.1.0/dist/bundle.umd.js vary: Accept, Accept-Encoding via: 1.1 fly.io fly-request-id: 01H1VZVEZK13E8FM0BXJBA17HM-arn cf-cache-status: EXPIRED strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7d0927330901b4f7-OSL X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML