| za.gl/pd3d3 | 104.26.5.66 | 301 Moved Permanently | 0 B |
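IP: 104.26.5.66:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B body of this redirect, so they identify no content)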
GET /pd3d3 HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 19:33:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 20:33:49 GMT
Location: https://za.gl/pd3d3
Server-Timing: cf-q-config;dur=6.0000020312145e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceKlhmmmq9n7KEpNFZPoxukMzWc8fP9CleqfmrE%2FJJr2VVYst3rzBHq2vXW60rLCgE7Kblx4IlQGQ7sigRssdLySBv5tISxC2ik9Z4oQiRDhkCkd90ey"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715899adf5ab4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcdbad2434b7d127a4fc769807a9dc3e7 fa98cd9fc2309ab4423f33f683d17bdb17d76713 560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4717
Expires: Mon, 28 Nov 2022 20:52:27 GMT
Date: Mon, 28 Nov 2022 19:33:50 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9408cc0694fcbea57966c3a3ba906092 fddcee1fdcf3209298e41a4b1b5560357fa165f0 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4856
Cache-Control: max-age=145107
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:52:17 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL: [HTTP/2] firefox.settings.services.mozilla.com/v1/ | IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 19:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 857
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash24a380608356c3a542047a5ad4a40784 fc695afa59eb7dc53208fdc6067f7e413237ccdc e31a93f980acc018343e4a077c780c33bc7179d2efdc40ea55fd8e66a8427d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6239
Cache-Control: max-age=87070
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "6383a5dd-117"
Expires: Tue, 29 Nov 2022 19:45:00 GMT
Last-Modified: Sun, 27 Nov 2022 18:01:01 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 279
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: [HTTP/2] contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 19:33:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash71f9c681a82440fd55e76c780a20e55d 3147768cfbcdd06e0c6e69684292e68e99917a80 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7189
Expires: Mon, 28 Nov 2022 21:33:39 GMT
Date: Mon, 28 Nov 2022 19:33:50 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: [HTTP/2] content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | IP: 34.160.144.191:0
File type: PEM certificate, ASCII text | Hash (MD5 / SHA-1 / SHA-256): 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 96g0/kfzGuB3wlSewNCB5qAPYGtgL0/ZlEQ6tSKP4jgpwleatBWFzCdCDtSDZDBzb3TrZSDSezU=
x-amz-request-id: X2S2K8NQNRXW7T7K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 18:45:08 GMT
age: 2922
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash24a380608356c3a542047a5ad4a40784 fc695afa59eb7dc53208fdc6067f7e413237ccdc e31a93f980acc018343e4a077c780c33bc7179d2efdc40ea55fd8e66a8427d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6239
Cache-Control: max-age=87070
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "6383a5dd-117"
Expires: Tue, 29 Nov 2022 19:45:00 GMT
Last-Modified: Sun, 27 Nov 2022 18:01:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 2.6 kB |
IP93.184.220.29:0
Hashff3ba9b64d524bdb676485a62ac3c103 401c456909c1a767ffee8c75dadd8a4d8ab3d1a2 6b9876cfa68a42d65a7045fc50d3d2981f754db8e515a794eb9c488038b5011a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6115
Cache-Control: max-age=95590
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 22:07:00 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 551 B |
IP93.184.220.29:0
Hashc36278f756b39110ee5e37dadf9e33a5 ea25ce27354c8b9574ca280479b984a5316555df d6ef06f07646d753756adaca4ec90cd8e5f276854968f59a9ddddf08f7794728
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6115
Cache-Control: max-age=95590
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 22:07:00 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash55b22769d33d50f269469b09b21f67a0 185ebf9cca9e9568c59fc10541bef48c3aed3c92 3408601a115d5ffb329a336c8dfaca861940179dc7c3746f07d45e9d6a00b0ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: max-age=132985
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "63845862-116"
Expires: Wed, 30 Nov 2022 08:30:15 GMT
Last-Modified: Mon, 28 Nov 2022 06:42:42 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
|
|
| cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js | 104.17.24.14 | 200 OK | 4.3 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js IP104.17.24.14:0
File typeASCII text, with very long lines (548) Hash4dc1890d39b14772f9579894d823296e ae5c8609bcf332695e4669f817c91a20a81e3208 e8280ea3c6c000fb1d319cc116e7ebe934818e2091fcf87dd6cc450b62d00b48
GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 512712
expires: Sat, 18 Nov 2023 19:33:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58E3IwAmlVn3xupMVnS7c44ol9XStBk%2FodifkqNDSj0%2Fz%2FC3ew0U57cvtfypIbw0F12NnTydGd4AimgUVpWBtOrn9kSyVFq5CmY3j3en7nrPCndr%2BEXwceI6o0KFwZUVBxIZfiCp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7715899f68c4b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashdfc6d93c89faf83ac654cd676c02764d ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d 83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| polyfill.io/v3/polyfill.js?features=Intl%2Cfetch | 151.101.193.26 | 200 OK | 142 B |
URL HTTP/2polyfill.io/v3/polyfill.js?features=Intl%2Cfetch IP151.101.193.26:0
Hash0029422a03c75d739c3591816bdefde0 bf4af2e7c626fa715e179d4a726c6afb30e29e90 290c315adf54b46aa291ed06a69cd4d9111c08a83b265fbd57897cef29f003f0
GET /v3/polyfill.js?features=Intl%2Cfetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Sat, 19 Nov 2022 11:32:20 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Mon, 28 Nov 2022 19:33:50 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1665, PASS, fastly;desc="Edge time";dur=11
content-length: 142
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 4.6 kB |
IP142.250.74.3:0
Hasha1d6804892c028fc6859bbfe5596d87e 027b77df80bff353609e9e1e780cf17a0ff37b63 23855e23bf87e9657c91e2ece399957954cb10e777fdc0eb2341d672f2e76b93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 1.4 kB |
IP142.250.74.3:0
Hashda8c9ff158154301662ecfc76a8db3eb ceff996016ba16dcd113b8b19afff9fa79860074 7e7ec50ec1752d5d11f7e3db32b7570b725e7d89652ae08ec8442627c366edcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js | 104.17.24.14 | 200 OK | 12 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.js IP104.17.24.14:0
Hashfab824518fd82853ed2698f39d8ec43e df19bf45131085a88eb2cd4c07e2bda44cef0e98 d55908906f498a577e0f9cc6ffeac157765acb67643c23d22c0d51b352e208c4
GET /ajax/libs/slick-carousel/1.6.0/slick.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 12032
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-14929"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5285146
expires: Sat, 18 Nov 2023 19:33:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0irKnwHm%2Bg9Ct9ur54%2BFMNkXWYy6piVacvKKgwUpmmdImRAMx%2F8MP1%2FRetwzOlnGoYwNc5IRGBCQhuHgyIcAASlIxfBRe7B%2BbJYyZjysH%2F8gXUS%2BXldEltuMhJvphgZn5l3o6Wkn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7715899f78f1b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 746 B |
IP142.250.74.3:0
Hash6f885ddd93d8c2e7aa7825ee4ed22465 31fdf0b8650a1dc0f0a6339ca24e2ac4d5389a84 1f6f6255b32cb2af70894009834c24ed2bc3e522f0f52a7df24c685d53409676
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js | 142.250.74.138 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP142.250.74.138:0
File typeASCII text, with very long lines (32058) Hashfc3fc31e5e7c0933dc18e562c1c071bf a44c31323f6bd29e583cc585036e6eb39f7014a6 ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:54:48 GMT
expires: Thu, 23 Nov 2023 18:54:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 434342
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashc621d4c62f1b73d7db42f083617dc8db 1a78ba537afba7aea6308288c5c41c90de74b3ba d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6115
Cache-Control: max-age=95590
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 22:07:00 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
|
|
| www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 142.250.74.164 | 200 OK | 580 B |
URL HTTP/2www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP142.250.74.164:0
File typeASCII text, with very long lines (918), with no line terminators Hashdbf518f97165d213611f9e6f762bf876 a8529116d76204a0420a8c244723466310787f79 bc0692ecebd5884ea21d4bd3cd0ef1aa05f8a8439ea5f8ea7ebfe8110b603082
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 28 Nov 2022 19:33:50 GMT
date: Mon, 28 Nov 2022 19:33:50 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3 | 142.250.74.168 | 200 OK | 76 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3 IP142.250.74.168:0
File typeASCII text, with very long lines (19102) Hashcfd2161d24f65e2cedd8484bb99675ee 5967b2365868f7f638a2ad171050719c3167864b 5344f95f3bc15a40a88769aaab20f0b9ef966b6224aa3b81535c09e17babc4ac
GET /gtag/js?id=G-6QVVMFTPT3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 19:33:50 GMT
expires: Mon, 28 Nov 2022 19:33:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-120643151-1 | 142.250.74.168 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-120643151-1 IP142.250.74.168:0
File typeASCII text, with very long lines (1921) Hash51222fe286b6d2d3bb16bf188780833f 33fc60d789b4ae36ce7839d9a4c822fe147595a5 3f7e4ad3c0ed18e2accb589efa9482016c0077eafa1509157cd55bf95d07dc08
GET /gtag/js?id=UA-120643151-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 19:33:50 GMT
expires: Mon, 28 Nov 2022 19:33:50 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashdfc6d93c89faf83ac654cd676c02764d ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d 83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc81653e99cfdfb43236c8d50248b2e51 a33bc0cb7d3bb714b7ef23b059bb304cf23d464f e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7207a5076b63fb5f39b9436ced9fb18f cdd84ecfe85882601e81f11783d9f63b30084de3 6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL: [HTTP/2] firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 19:11:12 GMT
cache-control: public,max-age=3600
age: 1358
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf5fcfc4ae23adb1905b063bc606d60f9 79ac19dc63ae74a109c74a688a722bdedfec3d34 a98e1913a17232e258d9d66f2688cdd71d32af6383bb04f9d5bea1097356128a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A98E1913A17232E258D9D66F2688CDD71D32AF6383BB04F9D5BEA1097356128A"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8767
Expires: Mon, 28 Nov 2022 21:59:57 GMT
Date: Mon, 28 Nov 2022 19:33:50 GMT
Connection: keep-alive
|
|
| opticlygremio.com/1clkn/14927 | 23.109.248.164 | 200 OK | 26 B |
URL: [HTTP/1.1] opticlygremio.com/1clkn/14927 | IP: 23.109.248.164:0
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 414a242a6fee8464282857e475d3ef61 f669890350347f53aa9bd19c1a355692e8d17d2f d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /1clkn/14927 HTTP/1.1
Host: opticlygremio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 19:33:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 29-Nov-2022 19:33:50 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 29-Nov-2022 19:33:50 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashcd0a5be4865b85e858cfcaafa90f8dca 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashcd0a5be4865b85e858cfcaafa90f8dca 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 | 216.58.207.195 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data Hashca72fb4e277e59be50b8850190822581 159b97b22006fe2a483da0a13d33cfb3cc5aa031 f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 00:51:09 GMT
expires: Mon, 27 Nov 2023 00:51:09 GMT
cache-control: public, max-age=31536000
age: 153761
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 | 216.58.207.195 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data Hashf29503a1895affee5ed85d0246238af8 f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278 7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 20:33:10 GMT
expires: Fri, 24 Nov 2023 20:33:10 GMT
cache-control: public, max-age=31536000
age: 342040
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7ab2ef968cb6a3078f4b9cb2dda813d4 e669116047ca058a2c1b2999ff0ea8682719162c 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:51 GMT
Last-Modified: Mon, 28 Nov 2022 18:35:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashcd0a5be4865b85e858cfcaafa90f8dca 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 19:33:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash4e07b22c2d6a8fd22ef7a18e8e51bb74 3dc7a3bb0d6dbb333ad6cee995ca6b8c69682ce1 83fe0583154a1f6a4eac602cb6e163915aa9801f3dda880d7a69fc398923b548
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144866
Date: Mon, 28 Nov 2022 19:33:51 GMT
Etag: "63848c5d-1d7"
Expires: Wed, 30 Nov 2022 11:48:16 GMT
Last-Modified: Mon, 28 Nov 2022 10:24:29 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pM2iftgERNkQdQMkQdtY0lMv1qakPZQ2gGLrCzac50x9mNWrVhKT3Q==
Age: 5027
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8c1b5643a2bc5f5232722e32fc71bd74 329931ad2a38f34d67ddbeb9553f3429e5796eb5 fbd6316f84b6e6f515d9a0ffe2556f5dbea0cbcbc24290a995505ece2bc83eab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBD6316F84B6E6F515D9A0FFE2556F5DBEA0CBCBC24290A995505ECE2BC83EAB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8895
Expires: Mon, 28 Nov 2022 22:02:06 GMT
Date: Mon, 28 Nov 2022 19:33:51 GMT
Connection: keep-alive
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 18:41:08 GMT
expires: Mon, 28 Nov 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 3163
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8c1b5643a2bc5f5232722e32fc71bd74 329931ad2a38f34d67ddbeb9553f3429e5796eb5 fbd6316f84b6e6f515d9a0ffe2556f5dbea0cbcbc24290a995505ece2bc83eab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBD6316F84B6E6F515D9A0FFE2556F5DBEA0CBCBC24290A995505ECE2BC83EAB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8895
Expires: Mon, 28 Nov 2022 22:02:06 GMT
Date: Mon, 28 Nov 2022 19:33:51 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.187.102.159 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.187.102.159:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s9JU4Q9QUkR1Z84zk84U6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ykpm/E9qHgsZVMMUfSv6eOrt+GQ=
|
|
| www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js | 142.250.74.163 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (730) Size163 kB (162976 bytes) Hash79d18cf4265108d7cecca1bf4ada6109 e51d0285a545381d4c39e9e0292a650ffeeecbb9 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 166067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js | 192.243.59.20 | 200 OK | 13 kB |
URL HTTP/1.1fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (37163), with no line terminators Hash674c0658120ed5ffccb7fef8ccbdbff3 5a011029eaa982979023371ea771c2b355b727f3 42a143dfb6c8d8c0806f94e280db4ad120fd0c07c43f7d778a2fe34b757a69c2
GET /3e/c0/90/3ec0905094195898e97f189a6f59b52b.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 19:33:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94b109f3c1e23620b69d368df915899a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js | 192.243.59.20 | 200 OK | 21 kB |
URL HTTP/1.1fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (60158), with no line terminators Hash51a79f9b0e6d1020e79487e3bc1f8005 9f2bac1fcb81b52e3789388d3cca9a2a65fc4165 42429293ce87c509f2925abe9e7d9a0f2ab07b5bbefd72d524bbc212c9dc5049
GET /ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 19:33:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9497f867c92eed7be206984c481dafe3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55703d3bfe2eb684148ed6c064f04955 7ebd83b433d0f21d992c54c5cb686fac8031a0cf ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3421
Expires: Mon, 28 Nov 2022 20:30:52 GMT
Date: Mon, 28 Nov 2022 19:33:51 GMT
Connection: keep-alive
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oeb90&_p=2010867687&cid=150467746.1669664030&ul=en-us&sr=1280x1024&_s=1&sid=1669664030&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2Fpd3d3&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oeb90&_p=2010867687&cid=150467746.1669664030&ul=en-us&sr=1280x1024&_s=1&sid=1669664030&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2Fpd3d3&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6QVVMFTPT3&gtm=2oeb90&_p=2010867687&cid=150467746.1669664030&ul=en-us&sr=1280x1024&_s=1&sid=1669664030&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2Fpd3d3&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://za.gl
date: Mon, 28 Nov 2022 19:33:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash94d394d6beaad25971b7f1e02d93b841 07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a 06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 19:33:51 GMT
Last-Modified: Mon, 28 Nov 2022 17:45:24 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yQvtPLmVawFl5PTe-1TVBnN2xVwoXrPutBFDIZjMljxb46Cg8evq-w==
Age: 6507
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hash8b58fa8a9d1e4d8a15fb3bf0380dd5e1 b29f7131287b317634b15ad50d47a83ebe05d5a5 accafff1709875aa017f82c6973a1b2268d42e529f8a0a4208b7ee3dcd5a1588
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4:1:1; expires=Thu, 25 Nov 2032 19:33:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash55703d3bfe2eb684148ed6c064f04955 7ebd83b433d0f21d992c54c5cb686fac8031a0cf ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3421
Expires: Mon, 28 Nov 2022 20:30:52 GMT
Date: Mon, 28 Nov 2022 19:33:51 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash94d394d6beaad25971b7f1e02d93b841 07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a 06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153891
Date: Mon, 28 Nov 2022 19:33:51 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 14:18:42 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KmN7Oj5YaJdysF5XN3Lwmfi4uV7i4EiFInmvGZacr369zwoHSSkr2w==
Age: 2860
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hash2db4fea1a06573e11a61171605d325d5 a286776e1d9b4af9e9f48cabeeb83e4ee9a32ed8 9c3a321a726c6ec0ad8a686b05b7ce05300fbf346f68c047d96774f7b73c2879
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=825afeab-b1c5-4b17-a2b3-a231167a9a64:1:1; expires=Thu, 25 Nov 2032 19:33:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe946cb0c788ecef674c6c56fd2481db7 19342e6b84f6faa4ef532d995ca5a914d32e0672 3e87cec29350a8b24a5759e6fdb0e6298a581186294cf9d869dca0015d08b8f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E87CEC29350A8B24A5759E6FDB0E6298A581186294CF9D869DCA0015D08B8F3"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6945
Expires: Mon, 28 Nov 2022 21:29:37 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| specialistinsensitive.com/pixel/purst?dl=0&th=0&sc=0&rs=1916&rd=1916&fd=888&bv=22.10.v.9&tmpl=70 | 173.233.137.44 | 200 OK | 0 B |
URL HTTP/1.1 specialistinsensitive.com/pixel/purst?dl=0&th=0&sc=0&rs=1916&rd=1916&fd=888&bv=22.10.v.9&tmpl=70 IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1916&rd=1916&fd=888&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 19:33:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3631
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3631
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 1.4 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash997bb1711443b9da12623610b656b7c3 cac28e0e2a8194a6503c7fc2deff90f4b4aa97dd 996ae2de792e6e38483dbb40741527057688500f5c684404827e578d380f961f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3631
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| friendshipmale.com/sfp.js | 172.64.140.24 | 200 OK | 34 kB |
URL HTTP/2friendshipmale.com/sfp.js IP172.64.140.24:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash2537d5d19fe0e5f6a442f647716cb60a ed56440d84b3210f39623dd1bb9e06a60ff95f42 0f50974808f9479aa2ecf296cbe5d2bcb9861786bf746bd82389d9db84d80315
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5db9caa6b9c6ebcee5d7b7449e44599c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 28 Nov 2022 19:33:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ku30Wg5adPAXfmIgTtdyk8rqSdinwo0BVR7fQkOBA5p6sAQnqpJ5DPzTfEDVg0Q2%2FcmConTpU3WP1QaOXhV%2BYvwsF81GgTvSoZYE8KNpXmwp8SFaGFBm39VWRbMnSuJ2XNphJMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589a649c672a6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3631
Expires: Mon, 28 Nov 2022 20:34:23 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1f434933b5bd6377d299ada22d1ae7ef 075531f525e625b117b2497f31139c9824d0e9c5 b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 77556
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcc0a257323f882caff067adb86d906e4 cedf2f21be7cd366bd46055b62b5513db3011dfc c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:25:51 GMT
age: 76081
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2cd887044e91d7ed0f1a8d7119ff7dd0 ae8aa4ce6ddaccba771fe65446926b60fc5628da bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 78129
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3a1a4e00f1f15827cf651f373863c379 70c2a238f06ca7e56ef80c83738e081bf0de3330 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 40933
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7e5051d8c06f69e1842a9295ce256a36 1a542a53ba0b1cd0fb23257ebed8166555f16dfb a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:41 GMT
age: 78431
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf1cead67c25d45dd27f438a8b295b2bd d56a17c5ad8bf98e5ab4488f4209f96553c4759d 0ada029befe5ac8e12e582f2a97f47eee4c0979debea4d66b9b74b5661a29130
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0ADA029BEFE5AC8E12E582F2A97F47EEE4C0979DEBEA4D66B9B74B5661A29130"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11650
Expires: Mon, 28 Nov 2022 22:48:02 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc1e0e890fa0d9f79c9d31d7e51050c45 7c8320ddaac9a281a8e991a370e7f04f56b52667 952ea85225c5754b61c1b640ca341fadec09162769ff53870d86ac578839feea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "952EA85225C5754B61C1B640CA341FADEC09162769FF53870D86AC578839FEEA"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12985
Expires: Mon, 28 Nov 2022 23:10:17 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc1e0e890fa0d9f79c9d31d7e51050c45 7c8320ddaac9a281a8e991a370e7f04f56b52667 952ea85225c5754b61c1b640ca341fadec09162769ff53870d86ac578839feea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "952EA85225C5754B61C1B640CA341FADEC09162769FF53870D86AC578839FEEA"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12985
Expires: Mon, 28 Nov 2022 23:10:17 GMT
Date: Mon, 28 Nov 2022 19:33:52 GMT
Connection: keep-alive
|
|
| parkingridiculous.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4%3A1%3A1 | 173.233.137.60 | 200 OK | 3.6 kB |
URL HTTP/1.1parkingridiculous.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4%3A1%3A1 IP173.233.137.60:0
File type: JSON data\012- , ASCII text, with very long lines (5850), with no line terminators
Hash: MD5 1367c4170d371e9e75e1f62307f05530 | SHA-1 abc14bdee73494b5bb8c6f36447a993160a387ed | SHA-256 613c774d697680f7120683d39a1d23ccc3d8de8d64183991ba5f4406c2134300
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4%3A1%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 19:33:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://za.gl
Access-Control-Allow-Origin: https://za.gl
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16908321; expires=Tue, 29 Nov 2022 19:33:52 GMT; secure; SameSite=None
Set-Cookie: uid_id2=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4:1:1; expires=Mon, 05 Dec 2022 19:33:52 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Tue, 29 Nov 2022 19:33:52 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Tue, 29 Nov 2022 19:33:52 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Tue, 29 Nov 2022 19:33:52 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Tue, 29 Nov 2022 19:33:52 GMT; secure; SameSite=None
Set-Cookie: slec3ec0905094195898e97f189a6f59b52b=[3760946]; expires=Mon, 28 Nov 2022 19:33:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4db296197f5c069cfecf02203cfdeba5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzne%2FOShCFC8KSgs5KLiz3T3dmWlzWIwxsphfJJHchKrq6tlya7qaqu7p2QFhMSg5eBjx4kXofbObRQ1iroIos1GQATHjQfaQ%2FRdUIgFvMrMDix%2Fo%2Fnyq3jt83nv10XZ5SDyU9ODqJT2QStGVqOG5L9%2BUWaIr616%2B4fpewzvr3pTZmfCs25%2F9TO8134sa3ivuW4Jv6JXA8z3P93z3gjQi1f2VOQqZ3439Ruw1wqDhRyH65r9nWzqw1EHSOyTPQCbT%2F6%2F%2FfA%2BSj5F1vzkv7Eah81ff7JaKFtqgl%2By9k21kusrQPR5T4yDN9hZsaDsl5LMT0NneQgF0b2emAExOifO7D5btLdYE6%2B0ebcoURAaWPImqN4ZQY0g6Bte3IJMHBOAJLl9B1r1zWZuKbh6hdIZOydLjR5DVlCw9fBZZ9%2BtzSvbd61qVhdSZRT%2BtIftjyM4YebmPYuBAVvvgxQeQyS9k5fFFZN2dK1ZpyOTgNKNx2qY8WA4pp8thu%2Bktx%2B2ULQdh2%2Be%2B8AMuwrlFUo4h0zGUGIJaB%2BXskw7K1EGZO%2BgmBy6N4tTzWilLm812yDlvNjmP2meSKGmG7dRDyWcahijyIbgagpst5GYLG3IIU%2F4Au17DJg5sQdBLalSCoLIEFSWoJEFVEFS9ejdRNrD1nUTZkvmLHix6sx7porNNd3XRERnZzg%2FJ0zPjnBPkJWyIA7cpuBd7kReHfhy147aIW6nfjumZNIpZFDBYWUPaE3OZg1mKvzrIZ706BUb3YdU%2BuDwFWr4AWo1agQe6PgrbHgbZ7oA2OgqJrpEXSyg2nW11SJ6bJxfzAIJPVv9e%2B%2FbdaPV9cFMjNzXek%2FcJOur26JquyM41XVly70peyK4c0Fmq1wtaiKUv3xablTbJ2nk7%2FOJ1PgNm490bwhYXaZbIrGPJV%2BdkkghzQRsuyHdr9qZgV0u7fq40WZlfvPrGhbVuboS1UmdjUPmg9Sm4nJInLm3N3%2BuLH9%2BHNGOYska3nJBFQep98HwLNp%2Bs%2FnXy9MOV52tYTWDUMYflDqqyHpmAHV8qOSXBox%2BhxGT188nJf%2F44%2FxMoq2HFsQ1MTL7%2F84i%2FbW%2BjYxzQ4haybo2eqdFTNagawpb%2FGxW5maz%2B1pwXmHJGTBlnhymjPjmy18oDV0SplwovECyNWdqiXhKnYcxo7IsWi6iPwk75h0%2B5%2FwIAAP%2F%2FAQAA%2F%2F%2BbjMyUiwQAAA%3D%3D | 173.233.137.60 | 200 OK | 7 B |
URL HTTP/1.1parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzne%2FOShCFC8KSgs5KLiz3T3dmWlzWIwxsphfJJHchKrq6tlya7qaqu7p2QFhMSg5eBjx4kXofbObRQ1iroIos1GQATHjQfaQ%2FRdUIgFvMrMDix%2Fo%2Fnyq3jt83nv10XZ5SDyU9ODqJT2QStGVqOG5L9%2BUWaIr616%2B4fpewzvr3pTZmfCs25%2F9TO8134sa3ivuW4Jv6JXA8z3P93z3gjQi1f2VOQqZ3439Ruw1wqDhRyH65r9nWzqw1EHSOyTPQCbT%2F6%2F%2FfA%2BSj5F1vzkv7Eah81ff7JaKFtqgl%2By9k21kusrQPR5T4yDN9hZsaDsl5LMT0NneQgF0b2emAExOifO7D5btLdYE6%2B0ebcoURAaWPImqN4ZQY0g6Bte3IJMHBOAJLl9B1r1zWZuKbh6hdIZOydLjR5DVlCw9fBZZ9%2BtzSvbd61qVhdSZRT%2BtIftjyM4YebmPYuBAVvvgxQeQyS9k5fFFZN2dK1ZpyOTgNKNx2qY8WA4pp8thu%2Bktx%2B2ULQdh2%2Be%2B8AMuwrlFUo4h0zGUGIJaB%2BXskw7K1EGZO%2BgmBy6N4tTzWilLm812yDlvNjmP2meSKGmG7dRDyWcahijyIbgagpst5GYLG3IIU%2F4Au17DJg5sQdBLalSCoLIEFSWoJEFVEFS9ejdRNrD1nUTZkvmLHix6sx7porNNd3XRERnZzg%2FJ0zPjnBPkJWyIA7cpuBd7kReHfhy147aIW6nfjumZNIpZFDBYWUPaE3OZg1mKvzrIZ706BUb3YdU%2BuDwFWr4AWo1agQe6PgrbHgbZ7oA2OgqJrpEXSyg2nW11SJ6bJxfzAIJPVv9e%2B%2FbdaPV9cFMjNzXek%2FcJOur26JquyM41XVly70peyK4c0Fmq1wtaiKUv3xablTbJ2nk7%2FOJ1PgNm490bwhYXaZbIrGPJV%2BdkkghzQRsuyHdr9qZgV0u7fq40WZlfvPrGhbVuboS1UmdjUPmg9Sm4nJInLm3N3%2BuLH9%2BHNGOYska3nJBFQep98HwLNp%2Bs%2FnXy9MOV52tYTWDUMYflDqqyHpmAHV8qOSXBox%2BhxGT188nJf%2F44%2FxMoq2HFsQ1MTL7%2F84i%2FbW%2BjYxzQ4haybo2eqdFTNagawpb%2FGxW5maz%2B1pwXmHJGTBlnhymjPjmy18oDV0SplwovECyNWdqiXhKnYcxo7IsWi6iPwk75h0%2B5%2FwIAAP%2F%2FAQAA%2F%2F%2BbjMyUiwQAAA%3D%3D IP173.233.137.60:0
File type: ASCII text, with no line terminators
Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzne%2FOShCFC8KSgs5KLiz3T3dmWlzWIwxsphfJJHchKrq6tlya7qaqu7p2QFhMSg5eBjx4kXofbObRQ1iroIos1GQATHjQfaQ%2FRdUIgFvMrMDix%2Fo%2Fnyq3jt83nv10XZ5SDyU9ODqJT2QStGVqOG5L9%2BUWaIr616%2B4fpewzvr3pTZmfCs25%2F9TO8134sa3ivuW4Jv6JXA8z3P93z3gjQi1f2VOQqZ3439Ruw1wqDhRyH65r9nWzqw1EHSOyTPQCbT%2F6%2F%2FfA%2BSj5F1vzkv7Eah81ff7JaKFtqgl%2By9k21kusrQPR5T4yDN9hZsaDsl5LMT0NneQgF0b2emAExOifO7D5btLdYE6%2B0ebcoURAaWPImqN4ZQY0g6Bte3IJMHBOAJLl9B1r1zWZuKbh6hdIZOydLjR5DVlCw9fBZZ9%2BtzSvbd61qVhdSZRT%2BtIftjyM4YebmPYuBAVvvgxQeQyS9k5fFFZN2dK1ZpyOTgNKNx2qY8WA4pp8thu%2Bktx%2B2ULQdh2%2Be%2B8AMuwrlFUo4h0zGUGIJaB%2BXskw7K1EGZO%2BgmBy6N4tTzWilLm812yDlvNjmP2meSKGmG7dRDyWcahijyIbgagpst5GYLG3IIU%2F4Au17DJg5sQdBLalSCoLIEFSWoJEFVEFS9ejdRNrD1nUTZkvmLHix6sx7porNNd3XRERnZzg%2FJ0zPjnBPkJWyIA7cpuBd7kReHfhy147aIW6nfjumZNIpZFDBYWUPaE3OZg1mKvzrIZ706BUb3YdU%2BuDwFWr4AWo1agQe6PgrbHgbZ7oA2OgqJrpEXSyg2nW11SJ6bJxfzAIJPVv9e%2B%2FbdaPV9cFMjNzXek%2FcJOur26JquyM41XVly70peyK4c0Fmq1wtaiKUv3xablTbJ2nk7%2FOJ1PgNm490bwhYXaZbIrGPJV%2BdkkghzQRsuyHdr9qZgV0u7fq40WZlfvPrGhbVuboS1UmdjUPmg9Sm4nJInLm3N3%2BuLH9%2BHNGOYska3nJBFQep98HwLNp%2Bs%2FnXy9MOV52tYTWDUMYflDqqyHpmAHV8qOSXBox%2BhxGT188nJf%2F44%2FxMoq2HFsQ1MTL7%2F84i%2FbW%2BjYxzQ4haybo2eqdFTNagawpb%2FGxW5maz%2B1pwXmHJGTBlnhymjPjmy18oDV0SplwovECyNWdqiXhKnYcxo7IsWi6iPwk75h0%2B5%2FwIAAP%2F%2FAQAA%2F%2F%2BbjMyUiwQAAA%3D%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 19:33:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de424ab74a47b7d0cfed1c6f9fb972d0
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=825afeab-b1c5-4b17-a2b3-a231167a9a64&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 | 192.243.59.20 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=825afeab-b1c5-4b17-a2b3-a231167a9a64&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pxf.gif?uuid=825afeab-b1c5-4b17-a2b3-a231167a9a64&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 19:33:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d84c4ebd7a5444a9e7bf96cde8dd02d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=825afeab-b1c5-4b17-a2b3-a231167a9a64&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 | 192.243.59.20 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=825afeab-b1c5-4b17-a2b3-a231167a9a64&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pxf.gif?uuid=825afeab-b1c5-4b17-a2b3-a231167a9a64&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 19:33:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d5b9205608eb42e87e60c35977f2e96
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc7afa63a2e765a5889feedb036228204 546d048429118d6ff49049b948a6d39c3706b4e1 ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16634
Expires: Tue, 29 Nov 2022 00:11:07 GMT
Date: Mon, 28 Nov 2022 19:33:53 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashce55e81445f700b6b290ec842b17e5ad fabdff5a1233d6f7780a15909cb2a4c8ec2af825 36adcf898ee0c49024419b2d15c2ac2d3d48543480fee5efd8731b32f120f5e5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36ADCF898EE0C49024419B2D15C2AC2D3D48543480FEE5EFD8731B32F120F5E5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5486
Expires: Mon, 28 Nov 2022 21:05:19 GMT
Date: Mon, 28 Nov 2022 19:33:53 GMT
Connection: keep-alive
|
|
| parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=388 | 173.233.137.60 | 200 OK | 0 B |
URL HTTP/1.1parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=388 IP173.233.137.60:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=388 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 19:33:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png | 172.64.108.13 | 200 OK | 9.4 kB |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png IP172.64.108.13:0
File type: PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash: MD5 910542c04f8bf2f90ee33d17d538a006 | SHA-1 18d5943e5d51539038f7988c34bccef2937c5545 | SHA-256 5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:53 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1143755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6NZxqfytUMFPhvYoPflkwkD5jejy73a8AgB9MWWIIWY4aEzj1P%2B68g%2BVgG9wpsgIfdKNJHzxoFxHbQjdCTe3YTWCQUB9dtuijwDZ%2B92zdu2qNk3ggbSSjFxxMqypVlvdg96rB975Ni2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589b1cac606b2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash: MD5 ce55e81445f700b6b290ec842b17e5ad | SHA-1 fabdff5a1233d6f7780a15909cb2a4c8ec2af825 | SHA-256 36adcf898ee0c49024419b2d15c2ac2d3d48543480fee5efd8731b32f120f5e5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36ADCF898EE0C49024419B2D15C2AC2D3D48543480FEE5EFD8731B32F120F5E5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5486
Expires: Mon, 28 Nov 2022 21:05:19 GMT
Date: Mon, 28 Nov 2022 19:33:53 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js | 172.64.108.13 | 200 OK | 31 kB |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js IP172.64.108.13:0
File type: ASCII text, with very long lines (32025), with CRLF line terminators
Hash: MD5 495f2637f06227cfe1ca251b271469a4 | SHA-1 9938a06dbbbe9202b2e63f3a78def4cdae776de4 | SHA-256 8ebdfa0cf6b633da88c4b315ae426f7fc03c0bf7e502a6f33e2f6347f3994aac
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:53 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1143755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3rLcorN542ndLNHnCe%2FIgQonOc9UYTKXgjxuEnFfgBgxv17NFuKnc39AnRMQ0yWr8TUS7os4%2FpsMGnzkBkG%2BLL%2BQWoGoIJzBobzPGre7Ku8SECGyqwZdVytPgui7UEM%2FsLesKYWuZ7a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589b1cac906b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css | 172.64.108.13 | 200 OK | 4.8 kB |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css IP172.64.108.13:0
Hash: MD5 c91016401e0a0b7b3d7572de48c76597 | SHA-1 12fb634abb5e708b4f55d1489055b4f626d3cdd1 | SHA-256 2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:54 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H86nEu0vDZJAv%2BoTVdR0eGXAGcXWG1OQE%2FI0ts6qEXiD4Jv11Ruvumc8euLnzbqJzRkcLSjV0IkGyUFGsxo4PiNoy%2BkSHmNXWmIbbQzgPXSC%2F6fVeN%2FBLEpzZxuzfKCU8EsmKO7MSqhl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589b17a2706b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js | 172.64.108.13 | 200 OK | 12 kB |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js IP172.64.108.13:0
Hash: MD5 d21e57396a265f441bcc76c55c2a33aa | SHA-1 7efbaf4e164f96f0f47bb8103ff2ebff8142f063 | SHA-256 7abb79b0b4637cfe12f620051352d2561c0fee6b48ab7948f6035fffc051d616
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:54 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j11XyFT6ze5L5Gj6XzbbKaUTd253G%2F3rdh6%2BJlGMc8HYhK0CpWNKYWmEliKbBGqjETM4fphwng1%2FVdmXBVzbMgK6m6Eb3IySiwGOEKwJHDhY58Qm9Uci2JY4wHkl69l8uG2RXp0csayW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589b24baa06b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzne%2FOShCFC8KSgs5KLiz3T3dmW5zWIwxsphfJJHchOqq6tlya7qaqu7p3QVhMSg5eBjx4kXofbObRQ1iroIos1GQATHjQfaQ%2FRdUIgFvMrMDix%2Fo%2Fnyq3jt83nv10XZ1SDxU9ODqJb0plaJLUctzX74pc65r616%2B4fpeyzvr3pT5mfCsuz79mf5rvhe1vFfctwRb00uB53ue7%2FnuBWlEpteXZihkcTfxW4nXCoOWH4VYN%2F8928qBpQ54%2F5A8A8kn%2F1%2F9%2BR4kGyHvfXNe2LVSF6%2B%2B2asULbVBn%2B%2B9k6%2Flus7ROx4z4yDL9%2BZsaDsh5LMT0PneXAF0f2eqAKmcEOd3H2m%2BN18TaX%2F3aNNUQeRI%2BZOo%2ByMINYKkIzB9C5I%2FIADjuHwFee%2FOZW1qunGE0ik6IQuPH0HWE7Lw8Fnkva%2FPKbnuXteqKqXOLdazBnJ9BNkdoaj2UW46kPU%2BWPkBJP%2BFLD2%2BiLy3c8UqDckPTqc0yWLKgsWQMroYxm1vMYmzdDEIY5%2F5wg%2BYCGcWSTmCzEZQYgBqHVTTTzqoMgdV4aDHD1waJZnndbI0a7fjkDHWbjMWxWd4xNthnHmo2FTDAGUxAFMDMLOFwmxhTQ5gqh9gVxtY7sCWBH3eoBYEtSWoKUEtCeqSoO43u1zZwDZ3uLJV6s97MO%2FtZqjL7jbd1WVX5GS7OCRPT41zTpCXsCYO3LZgXuJFXhL6SRQnsUg6mR8n9EwWJWkUpLCygbQnZjI3pyn%2B6qCY9voUUroPq%2FbB5CnQ6gXQetgJPNDVYRh72Mx3N2mrq8B1g6JcQLnhbKtD8twsuYQFEGy8%2FPfKt%2B9Gy%2B%2BDmQaFafCevE%2FQVbeH13RNdq7p2pJ7V4pS9uQmnaZ6vaSlWPjybbFRa8NXztvBF6%2BzKTAd794QtrxIcy7zriVfnZOcC3NBGybIdyv2pkivVnb1XGXyqrh49Y0LK73CCGulzkeg8kHnUzA5IU9c2pq91xc%2Fvg9pRjBVg141JvOC1PtgxRZsMV7%2B6%2BTph0vPN7CawKhjTlo4qKtmaIL0%2BFLJCQke%2FQglxsufj0%2F%2B88f5n0DTBlYc25CK8fd%2FHvG37W10jQNa3kLea9A3DfqqAVUD2Op%2Fw7Iw4%2BXf2rNCqpxhqoyzkyqjPjmy18oDN%2FJDEadxh3GeCsb9TtCO254XcB52EuEnKO2EffiU%2By8AAAD%2F%2FwEAAP%2F%2Fj4RCcosEAAA%3D | 173.233.137.60 | 200 OK | 7 B |
URL HTTP/1.1parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzne%2FOShCFC8KSgs5KLiz3T3dmW5zWIwxsphfJJHchOqq6tlya7qaqu7p3QVhMSg5eBjx4kXofbObRQ1iroIos1GQATHjQfaQ%2FRdUIgFvMrMDix%2Fo%2Fnyq3jt83nv10XZ1SDxU9ODqJb0plaJLUctzX74pc65r616%2B4fpeyzvr3pT5mfCsuz79mf5rvhe1vFfctwRb00uB53ue7%2FnuBWlEpteXZihkcTfxW4nXCoOWH4VYN%2F8928qBpQ54%2F5A8A8kn%2F1%2F9%2BR4kGyHvfXNe2LVSF6%2B%2B2asULbVBn%2B%2B9k6%2Flus7ROx4z4yDL9%2BZsaDsh5LMT0PneXAF0f2eqAKmcEOd3H2m%2BN18TaX%2F3aNNUQeRI%2BZOo%2ByMINYKkIzB9C5I%2FIADjuHwFee%2FOZW1qunGE0ik6IQuPH0HWE7Lw8Fnkva%2FPKbnuXteqKqXOLdazBnJ9BNkdoaj2UW46kPU%2BWPkBJP%2BFLD2%2BiLy3c8UqDckPTqc0yWLKgsWQMroYxm1vMYmzdDEIY5%2F5wg%2BYCGcWSTmCzEZQYgBqHVTTTzqoMgdV4aDHD1waJZnndbI0a7fjkDHWbjMWxWd4xNthnHmo2FTDAGUxAFMDMLOFwmxhTQ5gqh9gVxtY7sCWBH3eoBYEtSWoKUEtCeqSoO43u1zZwDZ3uLJV6s97MO%2FtZqjL7jbd1WVX5GS7OCRPT41zTpCXsCYO3LZgXuJFXhL6SRQnsUg6mR8n9EwWJWkUpLCygbQnZjI3pyn%2B6qCY9voUUroPq%2FbB5CnQ6gXQetgJPNDVYRh72Mx3N2mrq8B1g6JcQLnhbKtD8twsuYQFEGy8%2FPfKt%2B9Gy%2B%2BDmQaFafCevE%2FQVbeH13RNdq7p2pJ7V4pS9uQmnaZ6vaSlWPjybbFRa8NXztvBF6%2BzKTAd794QtrxIcy7zriVfnZOcC3NBGybIdyv2pkivVnb1XGXyqrh49Y0LK73CCGulzkeg8kHnUzA5IU9c2pq91xc%2Fvg9pRjBVg141JvOC1PtgxRZsMV7%2B6%2BTph0vPN7CawKhjTlo4qKtmaIL0%2BFLJCQke%2FQglxsufj0%2F%2B88f5n0DTBlYc25CK8fd%2FHvG37W10jQNa3kLea9A3DfqqAVUD2Op%2Fw7Iw4%2BXf2rNCqpxhqoyzkyqjPjmy18oDN%2FJDEadxh3GeCsb9TtCO254XcB52EuEnKO2EffiU%2By8AAAD%2F%2FwEAAP%2F%2Fj4RCcosEAAA%3D IP173.233.137.60:0
File type: ASCII text, with no line terminators
Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzne%2FOShCFC8KSgs5KLiz3T3dmW5zWIwxsphfJJHchOqq6tlya7qaqu7p3QVhMSg5eBjx4kXofbObRQ1iroIos1GQATHjQfaQ%2FRdUIgFvMrMDix%2Fo%2Fnyq3jt83nv10XZ1SDxU9ODqJb0plaJLUctzX74pc65r616%2B4fpeyzvr3pT5mfCsuz79mf5rvhe1vFfctwRb00uB53ue7%2FnuBWlEpteXZihkcTfxW4nXCoOWH4VYN%2F8928qBpQ54%2F5A8A8kn%2F1%2F9%2BR4kGyHvfXNe2LVSF6%2B%2B2asULbVBn%2B%2B9k6%2Flus7ROx4z4yDL9%2BZsaDsh5LMT0PneXAF0f2eqAKmcEOd3H2m%2BN18TaX%2F3aNNUQeRI%2BZOo%2ByMINYKkIzB9C5I%2FIADjuHwFee%2FOZW1qunGE0ik6IQuPH0HWE7Lw8Fnkva%2FPKbnuXteqKqXOLdazBnJ9BNkdoaj2UW46kPU%2BWPkBJP%2BFLD2%2BiLy3c8UqDckPTqc0yWLKgsWQMroYxm1vMYmzdDEIY5%2F5wg%2BYCGcWSTmCzEZQYgBqHVTTTzqoMgdV4aDHD1waJZnndbI0a7fjkDHWbjMWxWd4xNthnHmo2FTDAGUxAFMDMLOFwmxhTQ5gqh9gVxtY7sCWBH3eoBYEtSWoKUEtCeqSoO43u1zZwDZ3uLJV6s97MO%2FtZqjL7jbd1WVX5GS7OCRPT41zTpCXsCYO3LZgXuJFXhL6SRQnsUg6mR8n9EwWJWkUpLCygbQnZjI3pyn%2B6qCY9voUUroPq%2FbB5CnQ6gXQetgJPNDVYRh72Mx3N2mrq8B1g6JcQLnhbKtD8twsuYQFEGy8%2FPfKt%2B9Gy%2B%2BDmQaFafCevE%2FQVbeH13RNdq7p2pJ7V4pS9uQmnaZ6vaSlWPjybbFRa8NXztvBF6%2BzKTAd794QtrxIcy7zriVfnZOcC3NBGybIdyv2pkivVnb1XGXyqrh49Y0LK73CCGulzkeg8kHnUzA5IU9c2pq91xc%2Fvg9pRjBVg141JvOC1PtgxRZsMV7%2B6%2BTph0vPN7CawKhjTlo4qKtmaIL0%2BFLJCQke%2FQglxsufj0%2F%2B88f5n0DTBlYc25CK8fd%2FHvG37W10jQNa3kLea9A3DfqqAVUD2Op%2Fw7Iw4%2BXf2rNCqpxhqoyzkyqjPjmy18oDN%2FJDEadxh3GeCsb9TtCO254XcB52EuEnKO2EffiU%2By8AAAD%2F%2FwEAAP%2F%2Fj4RCcosEAAA%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 19:33:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c1ea9ab8e81006d7277a86f778c5a80
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| parkingridiculous.com/pixel/sbs?c=1 | 173.233.137.60 | 200 OK | 0 B |
URL HTTP/1.1parkingridiculous.com/pixel/sbs?c=1 IP173.233.137.60:0
Hash (digests of an empty body, 0 B): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbs?c=1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=ba9f8ac2-4aca-4830-98fb-2481c1e12ce4:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ec0905094195898e97f189a6f59b52b=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 19:33:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css | 172.64.108.13 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css IP172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:53 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxnpTcxdz%2BnTecLfP%2FmgXDe%2FR6NakxwU4vtMhwqsGjPAEPGRfn8jd1updqdzEwz9AFnGjs2O2VgvVhxNXgnIoRNbge44%2F0ijoB9a9z0ht5cpN2C4x9LUK6OUM6v6rlomJbNNanp5ER%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589b17a2e06b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| za.gl/pd3d3 | 104.26.5.66 | 200 OK | 0 B |
IP104.26.5.66:0
GET /pd3d3 HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=t3fqakupg4dm3ortqt1f2ta407; path=/; HttpOnly; secure
zagl_publisher=865410; expires=Mon, 28-Nov-2022 19:34:50 GMT; Max-Age=60; path=/; secure
scr=0.45; expires=Mon, 28-Nov-2022 19:34:50 GMT; Max-Age=60; path=/; secure
zagl_publisher=865410; expires=Mon, 28-Nov-2022 19:34:50 GMT; Max-Age=60; path=/; secure
scr=0.45; expires=Mon, 28-Nov-2022 19:34:50 GMT; Max-Age=60; path=/; secure
csrfToken=20a9d221104ab9cbea1e3632afb6d3932fe3a6b0ad0fea03ef93ff51055190dc5c534fd11d44b429ada63ad3198fbcd59f3e13d0349aef8d2dbc96f5aa3707fa; path=/; secure
visitor=Q2FrZQ%3D%3D.ZGQ3MDFmM2UyZmU5ZmFmYWE0ZTI1YTJjOGQ3MmExNzUwNWIxOTc0NzdiMmEwNGYzNjU1M2FkNDBlMmE5OTRlNRO0m00l%2Bjgyhx9dY4WFU3UyzVpLk%2FohdkJzNtVpEY8hOwM3YcdHwfIM5Y1s0M8rwIDexsrZe5kHlNZzP3KsuYnJoqXXnZeW11MgTBrIi%2Fk0; expires=Tue, 29-Nov-2022 19:33:50 GMT; Max-Age=86400; path=/; HttpOnly; secure
hash=Q2FrZQ%3D%3D.ZDllM2U0ZDY1MDA2ZDY1ZDAyYjU2NjNhMzIzNTEzMmMwMWM1MmU4OTNhZWZkZGMxMjRmOWE1YmNkMGI1MzNlYUkwFcMPBEebEWBfknMv%2F3uxIrtMzC%2B%2BXdLMeLcdinnVLjhFWvZ%2FNvSrdinjtIDNo%2FDNnXO6hqhaNYJY8M%2FvMOU%3D; expires=Wed, 28-Dec-2022 19:33:50 GMT; Max-Age=2592000; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuOR6tAgMMNwE9KkCi26peIT9LoamEkhUD8f%2BDr2h%2FgqDE1koAzvkJ8RChK4WERJvBs3rExRjI6JAP3k064qZlJD4P1jnJ6SUrajSZQmUH2ny7VMqUSv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7715899cde45b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| openfpcdn.io/fingerprintjs/v3 | 54.230.111.116 | 200 OK | 0 B |
URL HTTP/2openfpcdn.io/fingerprintjs/v3 IP54.230.111.116:0
GET /fingerprintjs/v3 HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Nov 2022 18:04:13 GMT
cache-control: public, max-age=626121, s-maxage=11165
etag: W/"iGPd/qM5rvpVhWvx3vVSNedX/OA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iqHOUIMlIS1pcpNbOlyvoss5P9xb7Sqi25hY7K1U7Qm6QJccC9FH5w==
age: 5377
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 | 104.16.57.101 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:50 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7715899f79171bfe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap IP142.250.74.10:0
GET /css2?family=DM+Sans:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 19:33:50 GMT
date: Mon, 28 Nov 2022 19:33:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html | 45.133.44.3 | 200 OK | 0 B |
URL HTTP/2cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html IP45.133.44.3:0 ASN#39572 DataWeb Global Group B.V.
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:53 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 28 Nov 2022 20:33:53 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg | 172.64.108.13 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg IP172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 19:33:53 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1143755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmW2cmEQDPuPx6mzYccIMcww%2F1ypVghVJT8q94iYzbpmaqyTo5dPqIRsiIyBhbH5RTKIinD1d9orlCsvqLhw0aWCMfthiMDhc33HKkgpproLzkSB54ffMaIg3gx1Dk6208SLtJNDYPAN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771589b1cac106b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|