Report - www.combolist.xyz/14m-netherlands-combo-list-fresh-294

Report Overview

Visited public
2024-08-04 18:57:20
Tags
Submit Tags
URL
www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Finishing URL
www.combolist.xyz/14m-netherlands-combo-list-fresh-294
IP / ASN
104.21.12.211
#13335 CLOUDFLARENET
Title
1.4M__Netherlands_Combo_List_Fresh

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
e6.o.lencr.org	unknown	652 B	1.5 kB	23.36.77.32
zusteemtoohy.net	unknown	470 B	167 kB	139.45.197.243
www.recaptcha.net	2060	457 B	62 kB	142.250.74.131
idaiwomseex.com	unknown	1.1 kB	194 kB	139.45.197.244
e5.o.lencr.org	unknown	326 B	728 B	23.36.76.226
www.combolist.xyz	unknown	14 kB	498 kB	172.67.196.90
fonts.gstatic.com	unknown	2.7 kB	171 kB	142.250.74.131
r11.o.lencr.org	unknown	654 B	1.8 kB	23.36.76.226
cdn.jsdelivr.net	439	7.1 kB	364 kB	104.18.187.31
o.pki.goog	unknown	3.6 kB	7.7 kB	142.250.74.131
www.googletagmanager.com	75	862 B	209 kB	142.250.74.168
zovidree.com	unknown	399 B	42 kB	172.67.166.14
pertawee.net	unknown	7.5 kB	145 kB	139.45.197.251
my.rtmark.net	9054	1.1 kB	1.5 kB	139.45.195.8
auchoahy.net	unknown	512 B	484 B	139.45.197.226
r10.o.lencr.org	unknown	2.3 kB	6.2 kB	23.36.77.32
fonts.googleapis.com	8877	1.3 kB	87 kB	142.250.74.106
www.gstatic.com	unknown	484 B	215 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	auchoahy.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed
2024-08-04	medium	pertawee.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (28)

	URL	From	Size	First Seen	Last Seen
	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	192 B	2024-08-04	2024-10-13
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-04 20:57 Last Seen2024-10-13 13:49 Times Seen6 Hash afccbe6be6cea22f7f0cdcca846f262f 668278e38561fc9777b2180c3cc006d8b54bf6c3 c9ad2d63b9ea54b6214014c30235097ac1f982d38ccd59babc72d8b6f5bcba17 Loading...

	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	153 B	2024-08-04	2024-10-13
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-04 20:57 Last Seen2024-10-13 13:49 Times Seen6 Hash e58abcb7f11989a223f089bef77ffb91 d5f444c9dc782faac13cfee278bd89ba3d0888ec 64ebbe05f2d67a49f52d0bdc47b788817ccacc8c380f2cb505869a3ce2596fca Loading...

	cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js	ScriptElement	91 kB	2023-03-07	2025-07-15
Pretty URL cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-07-15 10:55 Times Seen121 Hash 2b77703699738a0afe4785cb1b853a75 27b1ae11bc11f614ed04ed5221ca3203775d1f0f 7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c Loading...

	www.combolist.xyz/sandbox%20eval%20code		128 B	2023-05-06	2025-07-16
Pretty URL www.combolist.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-07-16 06:49 Times Seen30051 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	396 B	2023-03-07	2025-07-15
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-07-15 10:55 Times Seen65 Hash 0a2eeea044774d403b7ca5a01441d884 c266d1836bcd05d4b24b77647f429cce0bfaa5bc c400ddfaedf3805ec2dc31532affcca0c4a34b4a7e35a36ba3c6eb924230a4b1 Loading...

	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	118 B	2023-03-07	2025-06-12
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-06-12 07:56 Times Seen576 Hash 34fdf55eb2c8dd74d766726998ac1e33 bf3d638f172ecf0bbeaba07b95906ac782df984b 825126e219ceec3705d99e914ca7f33d983db97d670a3392ea938be7c9419c94 Loading...

	unknown	ScriptElement	87 kB	2024-08-01	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-01 16:39 Last Seen2024-08-19 15:01 Times Seen53 Hash 1787430d434417b2d794558ebb0aee4e afb3e6b88c5a7c609f87974fb7dc74b2d526f633 d13c2d8b4b1b7fdcb79dcf0886af09764c8320e303a861cff5f03ccbde1f1d82 Loading...

	unknown	ScriptElement	26 kB	2023-03-07	2025-01-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-01-30 15:49 Times Seen1752 Hash a912e7afe74b51fdd03b28bf67e7d409 85004dfe087af5a730261c85262661d89b3d2516 706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650 Loading...

	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	138 B	2024-08-04	2024-10-11
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-04 20:57 Last Seen2024-10-11 09:06 Times Seen4 Hash e7a7a840b1021903789c259a7e07d22b 59e7c33c670136d6f08447e9216c0c5093e93d8d 88fe434db8a2d18502b5be33aac6ccde3faff60f51208f63b7fa626caf14cc17 Loading...

	www.combolist.xyz/assets/js/app.js?v=3.3.0	ScriptElement	35 kB	2024-08-04	2025-05-06
Pretty URL www.combolist.xyz/assets/js/app.js?v=3.3.0 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-04 20:57 Last Seen2025-05-06 13:41 Times Seen7 Hash 0218b4cea237370e2297935af60e657c 86d7435073c1b42d0cfd752b13062e018185e51a 091e9ed03690763eb2d8fddf089e1b88b5a68c83c7259b7e99352d9b33374ff3 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-07-16
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-07-16 06:49 Times Seen29792 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	764 B	2024-08-04	2024-09-19
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-04 20:57 Last Seen2024-09-19 21:08 Times Seen4 Hash 5efc1035007dcf933a2f0003250535e5 17758a693e48d27bc69b48ded5e4db06196b879a 0c01a5d0d72895fa29fc3ceddfd8a99659ed592b101d831950ebd9e42fe58aa5 Loading...

	cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 07:42 Times Seen244732 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js	ScriptElement	544 kB	2024-08-01	2025-06-30
Pretty URL www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-01 14:45 Last Seen2025-06-30 20:37 Times Seen4194 Hash 1d96c92a257d170cba9e96057042088e 70c323e5d1fc37d0839b3643c0b3825b1fc554f1 e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896 Loading...

	cdn.jsdelivr.net/npm/blazy@1.8.2/blazy.min.js	ScriptElement	5.2 kB	2023-03-07	2025-07-15
Pretty URL cdn.jsdelivr.net/npm/blazy@1.8.2/blazy.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36 Last Seen2025-07-15 14:50 Times Seen777 Hash 44701cfb0078345ec1d432f661e33709 0b31dabace05042ee29f5989b0191e7e4072a88f 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f Loading...

	www.combolist.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-07-16
Pretty URL www.combolist.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 07:41 Times Seen90422 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	pertawee.net/act/files/tag.min.js?z=7001884	ScriptElement	30 kB	2024-08-02	2024-08-19
Pretty URL pertawee.net/act/files/tag.min.js?z=7001884 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-02 12:13 Last Seen2024-08-19 14:55 Times Seen38 Hash a0c4346a4ec72027390b33f9b000a28d 9e35e54f2fcb282630d839562228b90b2d6b72c3 e13bd2ec761cdce0696af4a649c569b2657ff778b6c9380d0d41760ef2d30d7e Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	ScriptElement	941 B	2024-08-02	2024-08-19
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-02 05:16 Last Seen2024-08-19 14:57 Times Seen44 Hash 96648d38cc22b40217536f6f6f4e6609 5b3a928fba3dab3af9b86e9cbb9e49ac370c21bb 104122c9ef72bd058d9b0a7fc8e521c0e2048af16e264d4a0811d2cb1477e740 Loading...

	www.combolist.xyz/assets/js/ads.js	ScriptElement	191 B	2023-03-07	2025-07-15
Pretty URL www.combolist.xyz/assets/js/ads.js IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23 Last Seen2025-07-15 23:56 Times Seen971 Hash 17787a2eab84e597896283209c237ef4 8f981359046b81a2c99061fc68d7a6d214fc98bc 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js	ScriptElement	83 kB	2023-03-07	2025-07-15
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-07-15 21:54 Times Seen2219 Hash 90146f01d8a2028ed6f2c3d2fba4ac9b 0363cb58b7a7b60ef7fbf82b8bceb6305232501a 7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f Loading...

	cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/owl.carousel.min.js	ScriptElement	44 kB	2023-03-07	2025-07-16
Pretty URL cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/owl.carousel.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 03:23 Times Seen18600 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	cdn.jsdelivr.net/npm/selection-sharer@1.1.0/dist/selection-sharer.js	ScriptElement	9.4 kB	2023-06-27	2025-05-06
Pretty URL cdn.jsdelivr.net/npm/selection-sharer@1.1.0/dist/selection-sharer.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 14:13 Last Seen2025-05-06 13:41 Times Seen7 Hash 65a80fc448d43aca67ac7a6df04e479c 096db6126867b93dca5d3d53e52b00d2e0940798 0bcb34034069333dd04364cdb8f60bb4d741f1cdb1f0941eecb10970bfe24213 Loading...

	www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S	ScriptElement	314 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 14:39 Last Seen2024-08-19 14:39 Times Seen1 Hash 4de1a73018ffe04aba02334e1b5ba007 74bd81bf9af69ef7b13abf7242ba6bcc6b99d2af d8b8b80c6bab64f7f2c5df7e353b774a6a57998aa7c383fc253b0405a3bfbe3f Loading...

	www.combolist.xyz/14m-netherlands-combo-list-fresh-294	ScriptElement	486 B	2024-08-19	2024-08-19
Pretty URL www.combolist.xyz/14m-netherlands-combo-list-fresh-294 IP 172.67.196.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 14:39 Last Seen2024-08-19 14:39 Times Seen1 Hash d88b54b288b8c451022e1a2a65bd69b7 e2be7f6b7f4ac1a654e940d10d3d0614fc46774a 74f5035adfbfc7cc710c29a8608baa3a7f03a1dac2ff5e73a17c653d46b971f8 Loading...

	cdn.jsdelivr.net/gh/ppowalowski/stickUp2@2.3.2/build/js/stickUp.min.js	ScriptElement	3.9 kB	2023-06-27	2025-05-06
Pretty URL cdn.jsdelivr.net/gh/ppowalowski/stickUp2@2.3.2/build/js/stickUp.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 14:13 Last Seen2025-05-06 13:41 Times Seen7 Hash b0f22f833103e551afe5180584f69159 0cd048229052f85c43b403cad39ae5aa29ba4ff8 9a4ac684927cc19f95f1ecf62d6482e6b8e17d743c98c6f13964288bb96c27a9 Loading...

	zovidree.com/tag.min.js	ScriptElement	69 kB	2024-08-04	2024-08-19
Pretty URL zovidree.com/tag.min.js IP 172.67.166.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-04 19:57 Last Seen2024-08-19 14:39 Times Seen3 Hash 994861198c811af4945b1c3701c31325 93e0e046700a67a4054f058b8fd30a909c9c30f5 48d501a6f9869263af42476eb3211f64b5d981f7da9b0643f485dc0acafda4cd Loading...

	www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S	ScriptElement	314 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 14:39 Last Seen2024-08-19 14:39 Times Seen1 Hash fe88d70f986465362732541f3b276c63 9c99edd9f5617265d86a0e88b8fb9bc612984869 4c405f65b87082d9faefbae0a7c8193d055eba26de20b1d13203c5a516acd387 Loading...

		Size	First Seen	Last Seen
	#1 Write - e07e428f4bc522df41a557416a9033e4	51 kB	2024-08-04 20:57	2024-08-29 17:38
Pretty Observations First Seen2024-08-04 20:57 Last Seen2024-08-29 17:38 Times Seen3 Hash e07e428f4bc522df41a557416a9033e4 ec98578db318ff69be240ffa2bd4ef02bfe3ff57 6504b2ee80b4d3502e0be0ea6769040b0107556032b396574729c572abeee42a Loading...

HTTP Transactions (80)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
addc02313d62bf977d4b5dd463b48637
49b5e37e2888a9db981bd54827c4f4c7b9f7b53a
9b553a61256a129f9c5c31614a702c4f0441a3f018cc2b3897ab2cc16e184eeb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9B553A61256A129F9C5C31614A702C4F0441A3F018CC2B3897AB2CC16E184EEB"
Last-Modified: Sat, 03 Aug 2024 18:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4439
Expires: Sun, 04 Aug 2024 20:10:49 GMT
Date: Sun, 04 Aug 2024 18:56:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
084406a853d82fa208410ee4bc78b67c
1c6276ec2e9a0fa10937dc34d821a64633c7d16a
6d567507b5502a9e553e77b519b679e83b3a8a01896731cec08bd1da0699b379

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6D567507B5502A9E553E77B519B679E83B3A8A01896731CEC08BD1DA0699B379"
Last-Modified: Sat, 03 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Sun, 04 Aug 2024 22:37:00 GMT
Date: Sun, 04 Aug 2024 18:56:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8bd7201be8d12c4b511d2c5643b45dbc
f2ecb2ebafbf4f8d92f92007753001befcedc634
25cb2e6ad29d4503f32121fbe37e2b0f4ce64a7f6cb57233ebf16df5d6b78d53

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "25CB2E6AD29D4503F32121FBE37E2B0F4CE64A7F6CB57233EBF16DF5D6B78D53"
Last-Modified: Sat, 03 Aug 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5544
Expires: Sun, 04 Aug 2024 20:29:15 GMT
Date: Sun, 04 Aug 2024 18:56:51 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3653abf0951eea060f104ae59d60cf7c
75790e8c59cb78c77ab522e7dc7140b62a046bb9
d059eeda67b64dd02259f5a9352df39cc808e3f9e03068a434e0f6486814893d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D059EEDA67B64DD02259F5A9352DF39CC808E3F9E03068A434E0F6486814893D"
Last-Modified: Sat, 03 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17238
Expires: Sun, 04 Aug 2024 23:44:09 GMT
Date: Sun, 04 Aug 2024 18:56:51 GMT
Connection: keep-alive

GET cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

104.18.187.31

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65326)
Size
26 kB (26391 bytes)
Hash
d44328cee87c2b405213893ba35eaf78
1fb83fc595cf28bf9362d87610eadfa3b7bbbe59
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

HTTP Headers

GET /npm/bootstrap@4.6.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 26391
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.1
x-jsd-version-type: version
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
content-encoding: br
x-served-by: cache-fra-eddf8230108-FRA, cache-lga21976-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4524704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z2uWxbK70gzOgwa1E4Om7PxStttz6XajUq9hGx1XryRwVJuPAntn2ZVD8jCbFwzLeuDQPBzpCzw11L736Kpn%2B9iflzAzzveYU57S7MsOnRe7KlEgUr71P6eNBtEVLwtpBhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515483d1c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/owl.carousel.min.js

104.18.187.31

200 OK

12 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/owl.carousel.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (31997)
Size
12 kB (12428 bytes)
Hash
f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

HTTP Headers

GET /npm/owl.carousel@2.3.4/dist/owl.carousel.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 12428
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.3.4
x-jsd-version-type: version
etag: W/"ad36-4qYA5DPfcrTP3pPXiA4xFJF6PL4"
content-encoding: br
x-served-by: cache-fra-eddf8230028-FRA, cache-lga21976-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4529300
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1B9AwxJBYE4N0xoLNdHg%2B6OMeKrx7oaxuuLTQO%2BMWKZ5oShvvJjq7JF2BQ3TUJXZAEwrJ77uZsUTL1Cdu4RnO38kanMaAr0jHZTSHwfQwQdM7bVg4g5%2BZqsmDCcX3BS1lvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51548411c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js

104.18.187.31

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
24 kB (23650 bytes)
Hash
90146f01d8a2028ed6f2c3d2fba4ac9b
0363cb58b7a7b60ef7fbf82b8bceb6305232501a
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

HTTP Headers

GET /npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 23650
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.1
x-jsd-version-type: version
etag: W/"14535-A2PLWLentg73+/gri862MFIyUBo"
content-encoding: br
x-served-by: cache-fra-etou8220111-FRA, cache-lga21974-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4519900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIUyCYqWUUVKYoPoBue36kFgXX3FyDbAu9eNtoyCtlE9wh51IfLWXqkQQXX2%2Budo8jcWYqDB1d1vJlPe9sL71D6D7FLpqyPQXNGunm4nKD8xb%2BBhb7mPqramEqfe8x2C4q4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51548401c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/blazy@1.8.2/blazy.min.js

104.18.187.31

200 OK

2.0 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/blazy@1.8.2/blazy.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4991)
Size
2.0 kB (2009 bytes)
Hash
44701cfb0078345ec1d432f661e33709
0b31dabace05042ee29f5989b0191e7e4072a88f
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

HTTP Headers

GET /npm/blazy@1.8.2/blazy.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 2009
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.2
x-jsd-version-type: version
etag: W/"1448-CzHaus4FBC7in1mJsBkefkByqI8"
content-encoding: gzip
x-served-by: cache-fra-etou8220037-FRA, cache-lga21968-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4519708
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TQAmqPG0GmSmwCG2nBXf11dWeD5bAaMywSPXGSdjwRzT2OD8qk3HiJJsWuRpUEUbYF%2BhznIB81PGKmnatj1%2BwrbKrD5v%2FZ2xaklZ7rJGZ6y8xDLFLSqqlLPAl1EmftXVkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51548441c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css

104.18.187.31

200 OK

13 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (59119)
Size
13 kB (13056 bytes)
Hash
ecd507b3125edc4d2a03aa6ae5d07da9
a57ee68d11601b0fd8e5037fc241ff65a754473c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

HTTP Headers

GET /npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 13056
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.15.4
x-jsd-version-type: version
etag: W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
content-encoding: br
x-served-by: cache-fra-eddf8230072-FRA, cache-lga21968-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2624627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FS1Z55%2Bz36dqfjb07e91RWVoNbFfQcKa%2BFNa6jkW0WNNUum%2Fll38njKAT9dnkCxtp3jQyBKAJz10TuF1oQPVWR8pe3fWZGr1PDGjaA8lPlI3x%2FqDQRalYU8BVv9hPgKNrj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515c8ad1c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/assets/owl.carousel.min.css

104.18.187.31

200 OK

1.1 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/assets/owl.carousel.min.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3184)
Size
1.1 kB (1061 bytes)
Hash
b2752a850d44f50036628eeaef3bfcfa
fba46353cf90450ef3d362a123f1e7af3e8c561e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

HTTP Headers

GET /npm/owl.carousel@2.3.4/dist/assets/owl.carousel.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 1061
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.3.4
x-jsd-version-type: version
etag: W/"d17-+6RjU8+QRQ7z02KhI/Hnrz6MVh4"
content-encoding: gzip
x-served-by: cache-fra-etou8220073-FRA, cache-lga21923-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2624988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NKHl8x9wJMnHC6DK87iFMHZUmTJMFnSdCAGrNsq76Z1uJXX1lIFfnKTMXdrdBbQX6day9I7AtFsyOcKRnQoHWt7IhYt5aO9N4nnuJel6edybL6LcrOMjdIVgyOPUwURqLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515c8b11c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/assets/owl.theme.default.min.css

104.18.187.31

200 OK

496 B

URL GET HTTP/2
cdn.jsdelivr.net/npm/owl.carousel@2.3.4/dist/assets/owl.theme.default.min.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (846)
Size
496 B (496 bytes)
Hash
594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

HTTP Headers

GET /npm/owl.carousel@2.3.4/dist/assets/owl.theme.default.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 496
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.3.4
x-jsd-version-type: version
etag: W/"3f5-aE2E7ECzBcoU78iMkfEpcstjQrQ"
content-encoding: br
x-served-by: cache-fra-eddf8230111-FRA, cache-lga21976-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4519709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1Dc1aA1t3isqIJMsUuwsAsvVC9Ai9NXz1YcNtg43PoqQOHTtBwIURTvFXpxYxawD19xw6fWRh1CQ4QoeUCqV0KiddRrLnu8V9f5uKkK61%2FIzF5goCswl0V0R0w3UJaCUTA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515c8b31c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/gh/ppowalowski/stickUp2@2.3.2/build/js/stickUp.min.js

104.18.187.31

200 OK

1.5 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/ppowalowski/stickUp2@2.3.2/build/js/stickUp.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3935), with no line terminators
Size
1.5 kB (1536 bytes)
Hash
b0f22f833103e551afe5180584f69159
0cd048229052f85c43b403cad39ae5aa29ba4ff8
9a4ac684927cc19f95f1ecf62d6482e6b8e17d743c98c6f13964288bb96c27a9

HTTP Headers

GET /gh/ppowalowski/stickUp2@2.3.2/build/js/stickUp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 1536
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.3.2
x-jsd-version-type: version
etag: W/"f5f-DNBIIpBS+FxDtAPK05rlqim6T/g"
content-encoding: gzip
x-served-by: cache-fra-etou8220045-FRA, cache-lga21936-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tULrdaqYEWZ5bY8APR1GQUlb9gMCwApnRpWmDxMT5IsSKkOoptASySigPnZpcEhkTTHpwgWKtjp6UTosDxhuRaYBCA7Q%2BwyyEktICf4Fg%2Bg1wnSwC49xHhuYfOAPOgTdGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51548431c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

104.18.187.31

200 OK

30 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30113 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 30113
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.6.0
x-jsd-version-type: version
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
content-encoding: br
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21927-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2624979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8rOL7sF7yLa3mmJIzXWPJeqIrmxi6v59T%2FQDNnpnvnSRrHvH4kpd2xiRNyhZfLiB9QkVTQnpdx86LnI978XJBw4S07EbknsUF7%2BZ04I3pQtgmlowrpp8DjGQXi%2FFRDGYW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c5161dfe56b1-OSL

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
577d66d28f849b68ec73ff9bc07b794d
fc2ea9adfa38e9451679173b4af4d878f47a671f
8466169b3bbfe3c2dece8ebf4739b5c2f88e920ed6c252e1c26c29c25c83add2

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
577d66d28f849b68ec73ff9bc07b794d
fc2ea9adfa38e9451679173b4af4d878f47a671f
8466169b3bbfe3c2dece8ebf4739b5c2f88e920ed6c252e1c26c29c25c83add2

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e5.o.lencr.org/

23.36.76.226

345 B

URL
e5.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
04c0b569c188522fe45217c56425b330
94f365b715f2c4acd3a1d7bbd3aa7ddca43534cd
6ee019dcc8f00dfc803c2838407c873eb87d46c6b94675e9f3a1ada13fc2a15a

HTTP Headers

POST / HTTP/1.1
Host: e5.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6EE019DCC8F00DFC803C2838407C873EB87D46C6B94675E9F3A1ADA13FC2A15A"
Last-Modified: Sat, 03 Aug 2024 05:44:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8194
Expires: Sun, 04 Aug 2024 21:13:26 GMT
Date: Sun, 04 Aug 2024 18:56:52 GMT
Connection: keep-alive

GET cdn.jsdelivr.net/npm/selection-sharer@1.2.2/dist/selection-sharer.css

104.18.187.31

200 OK

3.5 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/selection-sharer@1.2.2/dist/selection-sharer.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (8431)
Size
3.5 kB (3453 bytes)
Hash
9fe0d6c519ac2164e4a6a47d9e392c95
38a29c2a8ef91407a9b426535c67687fda5cfd7c
77864d52f21e1c929dfc0034dde234364f36424228d2787e02b90dec40a66891

HTTP Headers

GET /npm/selection-sharer@1.2.2/dist/selection-sharer.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 3453
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.2.2
x-jsd-version-type: version
etag: W/"2154-OKKcKo75FAeptCZTXGdof9pc/Xw"
content-encoding: gzip
x-served-by: cache-fra-eddf8230102-FRA, cache-lga21968-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ousZ0jscjUyahPhlndc0UU1cJZXfUNRuhZf0o08pH1CWQWcOExQhxYppLtBZFL%2FYTEo3uYmtR5NWykmzc50bm2JeOmImwCyEY9czpe1r6sHAxwAe3LvyK8cqQ1AoLH0QoPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515c8b51c02-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81a79c4b857dbae03350ec16019194a2
a8ec0d561c980e63a14eae3a37d55810cf5cb28d
a1a5e840420d4fe1c5c697d6d66e051889f881eb9b2cc381d7e37ee3ff329248

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
80d5507dca466cc93248ccd61a3a114b
9f913ebd9a0f00d39b1a36c42b8262a623c4c3e7
1fbc70a41dbb1235f189d1f5a804bf8a5e8216f4b9c40c637c9d6db8edec2462

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S

142.250.74.168

200 OK

104 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint27:BF:6E:8E:D6:51:1C:C5:B2:CF:E2:E9:0F:87:D0:F3:33:23:E7:37
ValidityTue, 30 Jul 2024 12:32:47 GMT - Tue, 22 Oct 2024 12:32:46 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
104 kB (103782 bytes)
Hash
fe88d70f986465362732541f3b276c63
9c99edd9f5617265d86a0e88b8fb9bc612984869
4c405f65b87082d9faefbae0a7c8193d055eba26de20b1d13203c5a516acd387

HTTP Headers

GET /gtag/js?id=G-LGP09V2C4S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Aug 2024 18:56:52 GMT
expires: Sun, 04 Aug 2024 18:56:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81a79c4b857dbae03350ec16019194a2
a8ec0d561c980e63a14eae3a37d55810cf5cb28d
a1a5e840420d4fe1c5c697d6d66e051889f881eb9b2cc381d7e37ee3ff329248

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.combolist.xyz/assets/img/Gaming.png

172.67.196.90

200 OK

8.9 kB

URL GET HTTP/3
www.combolist.xyz/assets/img/Gaming.png
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
PNG image data, 230 x 70, 8-bit/color RGBA, non-interlaced
Size
8.9 kB (8863 bytes)
Hash
cd31f25994d9c3862a3b4d15801c548a
aad357b20da054c47cf400165b3e434d97313dd7
959ce7bc9e8020d71cd491d79f56bd8729b8f8294f076244876cc550003613c9

HTTP Headers

GET /assets/img/Gaming.png HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: image/png
content-length: 8863
cache-control: public, max-age=31536000
expires: Mon, 04 Aug 2025 18:56:52 GMT
last-modified: Mon, 18 Dec 2023 19:15:23 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MDW4NW9je3OlXISyPjWkdhU853VLhbz4bsH60%2FFXo3vBuT4RulCKwPCER5zxVMvQPaNoos2p9ZEduFyip%2FulY0HSBS2AUIV1YXlkwAlwPNU1NAQniqQTqLjqyhaBwjYwRN2hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515199156ca-OSL
alt-svc: h3=":443"; ma=86400

GET cdn.jsdelivr.net/npm/selection-sharer@1.1.0/dist/selection-sharer.js

104.18.187.31

200 OK

3.1 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/selection-sharer@1.1.0/dist/selection-sharer.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9367), with no line terminators
Size
3.1 kB (3079 bytes)
Hash
65a80fc448d43aca67ac7a6df04e479c
096db6126867b93dca5d3d53e52b00d2e0940798
0bcb34034069333dd04364cdb8f60bb4d741f1cdb1f0941eecb10970bfe24213

HTTP Headers

GET /npm/selection-sharer@1.1.0/dist/selection-sharer.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 3079
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.1.0
x-jsd-version-type: version
etag: W/"249f-CW22EmhnuT3KXT1T5SsA0uCUB5g"
content-encoding: br
x-served-by: cache-fra-etou8220061-FRA, cache-lga21951-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOEOxbPXyWPuThtdT5M6KZeXnnUBvyCApozxdDnmmf5J%2BmMsOca1Slkq%2F9odT2RQEMeBbmyjFZC3kZ4E5pMXDdQJbOsEWRxwUdbMAeNSfcSOaeVPem9INQNS0ogjLE3M%2BZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51548421c02-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-brands-400.woff2

104.18.187.31

200 OK

77 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-brands-400.woff2
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196
Size
77 kB (76736 bytes)
Hash
ed311c7a0ade9a75bb3ebf5a7670f31d
0613c7ebba55ee47ef302c0f7766324692f899a7
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

HTTP Headers

GET /npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: font/woff2
content-length: 76736
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.15.4
x-jsd-version-type: version
etag: W/"12bc0-BhPH67pV7kfvMCwPd2YyRpL4mac"
x-served-by: cache-fra-etou8220072-FRA, cache-lga21935-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2624480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMXv8SfI6UHeNFSXXhZ2Z7gqA%2F7x51X2ofjF48IfSFlCfWI2sJN0IaDWHPbgdyZzi%2FjyFRWX33vcGmNMdDcWSUhFi%2Bpmxo%2FNs7DkSDRCMkiXAO0gvf78UOlT4cMXL2gjcww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c517e84156b1-OSL

GET cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-solid-900.woff2

104.18.187.31

200 OK

78 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-solid-900.woff2
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

GET /npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: font/woff2
content-length: 78268
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.15.4
x-jsd-version-type: version
etag: W/"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo"
x-served-by: cache-fra-eddf8230076-FRA, cache-lga21978-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 4519901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxJN4IWAXqf2mIWXDX8ANbV68%2FVryqNWSFUProMEr7GDsFZFpMJItGoMFxweOru6kp%2FGSgNlbxQreGmouDjiaCV%2F8nwKsl0RFgw%2FjsA6cKUMgEJr1kGdec7cOmZc8cfWlI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c517f86756b1-OSL

GET zovidree.com/tag.min.js

172.67.166.14

200 OK

41 kB

URL GET HTTP/2
zovidree.com/tag.min.js
IP
172.67.166.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectzovidree.com
Fingerprint45:24:2D:07:95:76:0C:DF:5F:2C:F8:CE:DD:AB:34:16:45:33:01:D4
ValidityThu, 20 Jun 2024 17:13:30 GMT - Wed, 18 Sep 2024 17:13:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (41157 bytes)
Hash
994861198c811af4945b1c3701c31325
93e0e046700a67a4054f058b8fd30a909c9c30f5
48d501a6f9869263af42476eb3211f64b5d981f7da9b0643f485dc0acafda4cd

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: a169eaedd1a4e5a1abb1ad6393b42f0b
cache-control: max-age=86400
last-modified: Sun, 04 Aug 2024 16:37:23 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 05 Aug 2024 17:19:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 5866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RAMJ0%2Fml7lZVanmMz1D%2FDQfnn3lOSRFP5lezSikUzF5MT7xs1uEyqnHDZ%2F4VPnwgnLw%2B8zIV2UTn3waod%2Bb5zDe1VqurCC%2F%2FNBoVU0xkkMt7XluNQwXuc9xgNpw9vI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ae0c517f8845699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
996b036d63a7652e2eb4b8a954e5f282
7ab9bf0acfd65fb9d670ef755dd41d4afb61df87
aeac2a1d1952f62b85d59b0056f9976c40b7c543930ed9fffa466e6a9d7cf595

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
996b036d63a7652e2eb4b8a954e5f282
7ab9bf0acfd65fb9d670ef755dd41d4afb61df87
aeac2a1d1952f62b85d59b0056f9976c40b7c543930ed9fffa466e6a9d7cf595

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/notosansolditalic/v17/TuGOUUFzXI5FBtUq5a8bh68BJxxEVam7tVlWfxk.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosansolditalic/v17/TuGOUUFzXI5FBtUq5a8bh68BJxxEVam7tVlWfxk.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14916, version 1.0
Size
15 kB (14916 bytes)
Hash
f64ec88c60bf83cfc6ca438c71d5fbdf
1a4c49c5486b7f9146070dd81df66f76640df55e
a8cd0313509b6e7c3262b476d77b13bd421c9108093132dd8b72c1f0b56afc1c

HTTP Headers

GET /s/notosansolditalic/v17/TuGOUUFzXI5FBtUq5a8bh68BJxxEVam7tVlWfxk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Aug 2024 07:34:54 GMT
expires: Sun, 03 Aug 2025 07:34:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:49:46 GMT
content-type: font/woff2
age: 127318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
996b036d63a7652e2eb4b8a954e5f282
7ab9bf0acfd65fb9d670ef755dd41d4afb61df87
aeac2a1d1952f62b85d59b0056f9976c40b7c543930ed9fffa466e6a9d7cf595

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

142.250.74.131

200 OK

39 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Size
39 kB (39124 bytes)
Hash
86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

HTTP Headers

GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Aug 2024 02:58:52 GMT
expires: Sun, 03 Aug 2025 02:58:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
age: 143880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

142.250.74.131

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34328, version 1.0
Size
34 kB (34328 bytes)
Hash
6581ab53c220b5828e37162349375431
1922912ca5ab6eb5a55db138b183b38d066e85c8
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

HTTP Headers

GET /s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Aug 2024 01:04:01 GMT
expires: Fri, 01 Aug 2025 01:04:01 GMT
cache-control: public, max-age=31536000
age: 323571
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.combolist.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.196.90

200 OK

40 kB

URL GET HTTP/3
www.combolist.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
gzip compressed data, from Unix
Size
40 kB (39779 bytes)
Hash
3a81b939bab5f33d7fd497503f1291b8
165912bf12ad92cf58ac80f7073f5c483c2059fc
996599d6ce51f3eb70ea691173abd16d4a5962a1fda38ed4a82ee2750d22bbb1

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 21:56:14 GMT
etag: W/"66a9617e-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8K31Cf8Thz23HJJBR%2Fj4wCLtq5L1hit3%2F57%2BmOMuqBt2hS1EWm%2FpT%2BWJtQ9A04eLfhrmBnC1wyj2Sx5lAIlZJHJ4IxoZlX4vLujcxo9WDJWug4oOsjBZ48fzkBvkPj%2BhM%2B%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ae0c515199956ca-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 06 Aug 2024 18:56:52 GMT
cache-control: max-age=172800, public
content-encoding: gzip

GET fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

142.250.74.131

200 OK

39 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Size
39 kB (39124 bytes)
Hash
86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

HTTP Headers

GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Aug 2024 02:58:52 GMT
expires: Sun, 03 Aug 2025 02:58:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
age: 143880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S

142.250.74.168

200 OK

104 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LGP09V2C4S
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint27:BF:6E:8E:D6:51:1C:C5:B2:CF:E2:E9:0F:87:D0:F3:33:23:E7:37
ValidityTue, 30 Jul 2024 12:32:47 GMT - Tue, 22 Oct 2024 12:32:46 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
104 kB (103784 bytes)
Hash
4de1a73018ffe04aba02334e1b5ba007
74bd81bf9af69ef7b13abf7242ba6bcc6b99d2af
d8b8b80c6bab64f7f2c5df7e353b774a6a57998aa7c383fc253b0405a3bfbe3f

HTTP Headers

GET /gtag/js?id=G-LGP09V2C4S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Aug 2024 18:56:52 GMT
expires: Sun, 04 Aug 2024 18:56:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
996b036d63a7652e2eb4b8a954e5f282
7ab9bf0acfd65fb9d670ef755dd41d4afb61df87
aeac2a1d1952f62b85d59b0056f9976c40b7c543930ed9fffa466e6a9d7cf595

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

142.250.74.131

200 OK

39 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 39124, version 1.0
Size
39 kB (39124 bytes)
Hash
86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

HTTP Headers

GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Aug 2024 02:58:52 GMT
expires: Sun, 03 Aug 2025 02:58:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
age: 143880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.combolist.xyz/assets/css/app.css?v=3.3.0

172.67.196.90

200 OK

7.1 kB

URL GET HTTP/3
www.combolist.xyz/assets/css/app.css?v=3.3.0
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
ASCII text
Size
7.1 kB (7057 bytes)
Hash
1fe51a6805f5796f59fae02a44863e23
1df706b40d42e767a2688eec0edd72a1f9253b09
109b065b9cc014b8038bc1459f809d42e00800086db34bbf476969effa46bcb2

HTTP Headers

GET /assets/css/app.css?v=3.3.0 HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Mon, 04 Aug 2025 18:56:52 GMT
last-modified: Thu, 02 Feb 2023 21:22:36 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6iK5w67lfZjiZFX%2FHS12Ih%2F4FiDmJLUftZvudVuBXMp89WnQLAt1Op7dRJe2xMkDxCtHXH35oLQ7JJ6fEf3xaCjWGf9R%2FX3BdHgh6tqjsZmydah%2B3I3bTUccFc7ADKGYxcQNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515096e56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET pertawee.net/zone?pub=0&zone_id=7001884&is_mobile=false&domain=www.combolist.xyz&var=&ymid=&var_3=&tg=0&sw=3.1.544&drf=

139.45.197.251

200 OK

876 B

URL GET HTTP/2
pertawee.net/zone?pub=0&zone_id=7001884&is_mobile=false&domain=www.combolist.xyz&var=&ymid=&var_3=&tg=0&sw=3.1.544&drf=
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JSON text data
Size
876 B (876 bytes)
Hash
6008cd4bf4f4cbb5aae4e669d3b7cafd
866ccfd708a9f5d5ce2a3a8b8bc360cddf8dbba1
eb35b759e6636a7e83d88ef4cc2e2ba38774cadb49436dedfb77978fe8a463b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=7001884&is_mobile=false&domain=www.combolist.xyz&var=&ymid=&var_3=&tg=0&sw=3.1.544&drf= HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/json; charset=utf-8
content-length: 876
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
93593f8582312bbc3bfd7dc2f416896b
cf16e090ce72630058c556f983c4326dc98f1bc0
b010e9dc72aef5101be5f7e5a1ac5da3f63a76eca8f04c16e1e99d150b77673d

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B010E9DC72AEF5101BE5F7E5A1AC5DA3F63A76ECA8F04C16E1E99D150B77673D"
Last-Modified: Sat, 03 Aug 2024 19:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6494
Expires: Sun, 04 Aug 2024 20:45:07 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

GET my.rtmark.net/gid.js?userId=0080ae4932304d92e23b55d8e6611d84

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080ae4932304d92e23b55d8e6611d84
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint4B:EF:80:EB:90:B5:8C:01:82:25:B6:92:59:BE:A9:6A:C7:83:75:8E
ValidityFri, 05 Jul 2024 22:30:11 GMT - Thu, 03 Oct 2024 22:30:10 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
c0d12f8e7eedf68480e375eb307962dc
17a8070e19759471d95d470d6ff10044971ccdfb
fe4ea7ad0f0759c109781224f86542bd8c6354d15fe7691cf790e5c2932bb15e

HTTP Headers

GET /gid.js?userId=0080ae4932304d92e23b55d8e6611d84 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080ae4932304d92e23b55d8e6611d84; expires=Mon, 04 Aug 2025 18:56:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
78be19d93b8add0d8f3c63b67e490038
2ed9c5d656a70a78ced84cd8fedbf0dcceb35bd6
b8a162cbf6a846ccd9bd65a8744c313d48c66700352346c24777bdc1c2358726

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B8A162CBF6A846CCD9BD65A8744C313D48C66700352346C24777BDC1C2358726"
Last-Modified: Sat, 03 Aug 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Sun, 04 Aug 2024 20:33:34 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
78be19d93b8add0d8f3c63b67e490038
2ed9c5d656a70a78ced84cd8fedbf0dcceb35bd6
b8a162cbf6a846ccd9bd65a8744c313d48c66700352346c24777bdc1c2358726

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B8A162CBF6A846CCD9BD65A8744C313D48C66700352346C24777BDC1C2358726"
Last-Modified: Sat, 03 Aug 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Sun, 04 Aug 2024 20:33:34 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
78be19d93b8add0d8f3c63b67e490038
2ed9c5d656a70a78ced84cd8fedbf0dcceb35bd6
b8a162cbf6a846ccd9bd65a8744c313d48c66700352346c24777bdc1c2358726

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B8A162CBF6A846CCD9BD65A8744C313D48C66700352346C24777BDC1C2358726"
Last-Modified: Sat, 03 Aug 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Sun, 04 Aug 2024 20:33:34 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

OPTIONS pertawee.net/custom

139.45.197.251

200 OK

0 B

URL OPTIONS HTTP/2
pertawee.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

POST pertawee.net/event

139.45.197.251

200 OK

0 B

URL POST HTTP/2
pertawee.net/event
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3c7726c06842ba28482d31992d1fef3f
3be3471d3250a8e768086d3a9b35a975a454ba59
8297d322cae43a12dc1686a6770a3b900e3d73bdf3e968d38dc957f739720969

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8297D322CAE43A12DC1686A6770A3B900E3D73BDF3E968D38DC957F739720969"
Last-Modified: Sun, 04 Aug 2024 16:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16854
Expires: Sun, 04 Aug 2024 23:37:47 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

e6.o.lencr.org/

23.36.77.32

344 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
d2d20af29a5573526ed69567629dac36
5272862f9014eb2b1ba0fc0ba009a943615af514
98ade2f840f0ceb86e885e18b7c999def3a4d7423406fb17c9182195904b0e00

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "98ADE2F840F0CEB86E885E18B7C999DEF3A4D7423406FB17C9182195904B0E00"
Last-Modified: Sat, 03 Aug 2024 19:50:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Sun, 04 Aug 2024 20:31:05 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

e6.o.lencr.org/

23.36.77.32

344 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
d2d20af29a5573526ed69567629dac36
5272862f9014eb2b1ba0fc0ba009a943615af514
98ade2f840f0ceb86e885e18b7c999def3a4d7423406fb17c9182195904b0e00

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "98ADE2F840F0CEB86E885E18B7C999DEF3A4D7423406FB17C9182195904B0E00"
Last-Modified: Sat, 03 Aug 2024 19:50:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Sun, 04 Aug 2024 20:31:05 GMT
Date: Sun, 04 Aug 2024 18:56:53 GMT
Connection: keep-alive

OPTIONS pertawee.net/custom

139.45.197.251

200 OK

39 B

URL OPTIONS HTTP/2
pertawee.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Content-Type: application/json
Content-Length: 407
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 39
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

POST pertawee.net/event

139.45.197.251

200 OK

81 B

URL POST HTTP/2
pertawee.net/event
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
11f133afeaec126586d88270230c6425
1f02a770f17f7485697e0b02073f06852ae9dac1
dbd5ee6c473bd294054183cce0b17191f8030c8c2ca1b551d80797bf53e5d3b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Content-Type: application/json
Content-Length: 484
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

POST pertawee.net/event

139.45.197.251

200 OK

0 B

URL POST HTTP/2
pertawee.net/event
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-oaid
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET www.combolist.xyz/sw.js

172.67.196.90

404 Not Found

2.2 kB

URL GET HTTP/3
www.combolist.xyz/sw.js
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
HTML document, ASCII text
Size
2.2 kB (2234 bytes)
Hash
64334b9517f45518da3b0c5c05779313
dd5b4bb31a5a6dae2c15501d35a3d570af4f7eb0
1ae9e60900df9e02c7eb70bccd0a17b11b649c9a508ffed806bfdd04078f3f1b

HTTP Headers

GET /sw.js HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
DNT: 1
Connection: keep-alive
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D; ab=1; av=0; _ga_LGP09V2C4S=GS1.1.1722797812.1.0.1722797812.0.0.0; _ga=GA1.1.387028790.1722797813; prefetchAd_7296461=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.9
cache-control: no-cache, private
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uAyWhTIMJzgczIaYGZjaaYryEueOnTiLy3TeY2Ff%2BJXnX1zk4d0%2BIA6OYlS7KFJlUz%2BqxNYAI7xndnTZU5LHQKdd9oqlOZF56EM66fnVP5EpX%2Bdzev417X9lQSlxGTt4XnA2eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51cfd2156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET my.rtmark.net/gid.js?pub=0&userId=5f0fa08e88cb41b38b036f305ba1c005&zoneId=7001884&checkDuplicate=true&ymid=&var=&source=pusher

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?pub=0&userId=5f0fa08e88cb41b38b036f305ba1c005&zoneId=7001884&checkDuplicate=true&ymid=&var=&source=pusher
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint4B:EF:80:EB:90:B5:8C:01:82:25:B6:92:59:BE:A9:6A:C7:83:75:8E
ValidityFri, 05 Jul 2024 22:30:11 GMT - Thu, 03 Oct 2024 22:30:10 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
c0d12f8e7eedf68480e375eb307962dc
17a8070e19759471d95d470d6ff10044971ccdfb
fe4ea7ad0f0759c109781224f86542bd8c6354d15fe7691cf790e5c2932bb15e

HTTP Headers

GET /gid.js?pub=0&userId=5f0fa08e88cb41b38b036f305ba1c005&zoneId=7001884&checkDuplicate=true&ymid=&var=&source=pusher HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Cookie: ID=0080ae4932304d92e23b55d8e6611d84
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080ae4932304d92e23b55d8e6611d84; expires=Mon, 04 Aug 2025 18:56:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET zusteemtoohy.net/5/7296461/?oo=1&js_build=iclick-v1.874.20-auto

139.45.197.243

200 OK

166 kB

URL GET HTTP/2
zusteemtoohy.net/5/7296461/?oo=1&js_build=iclick-v1.874.20-auto
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectzusteemtoohy.net
Fingerprint6A:DB:AE:85:1C:05:D9:78:D6:3A:ED:17:50:55:EF:32:BB:6D:AE:8A
ValiditySun, 04 Aug 2024 14:11:11 GMT - Sat, 02 Nov 2024 14:11:10 GMT

File type
gzip compressed data, max speed, from Unix
Size
166 kB (165526 bytes)
Hash
a0a24ec0129caa334f36b32afc48b8cd
0e1051c58ce7b175b9017620bf9cd9b4a41b94da
cd05e3371e7bac4cf927a26ce17d86449fbae0047e89d47557c3dfd061ec0c12

HTTP Headers

GET /5/7296461/?oo=1&js_build=iclick-v1.874.20-auto HTTP/1.1
Host: zusteemtoohy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/json
x-trace-id: 99803078e4853201d7b6785c8dd55777
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080ae4932304d92e23b55d8e6611d84; expires=Mon, 04 Aug 2025 18:56:52 GMT; path=/; secure; SameSite=None
oaidts=1722797812; expires=Mon, 04 Aug 2025 18:56:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

POST pertawee.net/event

139.45.197.251

200 OK

0 B

URL POST HTTP/2
pertawee.net/event
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

POST pertawee.net/event

139.45.197.251

200 OK

81 B

URL POST HTTP/2
pertawee.net/event
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
3e0056e2b85caa78162fa15c5e781d7c
b33e40627eb10a7fe9d79b273d0eca4773a4a99c
41aaea420bcdab222549e6fdff0e175ebef796ee85f6b56eaaa6591b90e66902

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Content-Type: application/json
Content-Length: 484
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

OPTIONS auchoahy.net/event

139.45.197.226

200 OK

0 B

URL OPTIONS HTTP/2
auchoahy.net/event
IP
139.45.197.226:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectauchoahy.net
Fingerprint3A:DE:56:77:2E:4A:67:9D:EB:BA:DD:AD:1D:1D:00:38:3D:CC:CE:3B
ValidityWed, 24 Jul 2024 08:39:43 GMT - Tue, 22 Oct 2024 08:39:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: auchoahy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

OPTIONS pertawee.net/custom

139.45.197.251

200 OK

0 B

URL OPTIONS HTTP/2
pertawee.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET pertawee.net/3bT/27mJf/defaultSkin.min.js

139.45.197.251

200 OK

20 kB

URL GET HTTP/2
pertawee.net/3bT/27mJf/defaultSkin.min.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 kB (19473 bytes)
Hash
63b48687affdc0a97de297d9f9142cd5
43221aa8ee22fb98dba312e62386f09045718db8
81f2fad578f4214b928947b2fb1febbfbf1c5d7b107d79bd7821a94ffbb751dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3bT/27mJf/defaultSkin.min.js HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Aug 2024 09:03:15 GMT
etag: W/"66ab4f53-df7c"
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bae077de011689b2e928d4b4d9fcbcf6
bb075ba618d72f601e59c4128d1c176037f09842
ea038ce55630202a878eaef812665eb96da4363a977986dc3097ce5cc8772abc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

OPTIONS pertawee.net/custom

139.45.197.251

200 OK

39 B

URL OPTIONS HTTP/2
pertawee.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Content-Type: application/json
Content-Length: 404
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bae077de011689b2e928d4b4d9fcbcf6
bb075ba618d72f601e59c4128d1c176037f09842
ea038ce55630202a878eaef812665eb96da4363a977986dc3097ce5cc8772abc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Aug 2024 18:56:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js

142.250.74.35

200 OK

215 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
JavaScript source, ASCII text, with very long lines (644)
Size
215 kB (214556 bytes)
Hash
1d96c92a257d170cba9e96057042088e
70c323e5d1fc37d0839b3643c0b3825b1fc554f1
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896

HTTP Headers

GET /recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 214556
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Aug 2024 02:55:42 GMT
expires: Sun, 03 Aug 2025 02:55:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 144072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

62 kB

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectmisc.google.com
FingerprintDE:B9:5F:A8:57:4B:D7:3A:B5:16:6C:09:17:B0:22:E3:89:54:AA:AB
ValidityTue, 30 Jul 2024 12:35:39 GMT - Tue, 22 Oct 2024 12:35:38 GMT

File type
gzip compressed data
Size
62 kB (61979 bytes)
Hash
c056b5bd2d014a2250ad2e82a7baab28
d0e4c1d35ae693e8857bdc046e02c092d8d89b7a
23191450339fed66d5c7dc23a6ff9a02f80d1ee1e3b7b888b03e84056565120f

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 04 Aug 2024 18:56:54 GMT
date: Sun, 04 Aug 2024 18:56:54 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js

104.18.187.31

200 OK

61 kB

URL GET HTTP/3
cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
61 kB (61382 bytes)
Hash
2b77703699738a0afe4785cb1b853a75
27b1ae11bc11f614ed04ed5221ca3203775d1f0f
7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c

HTTP Headers

GET /gh/Arlina-Design/quasar@master/arlinablock.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 61382
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"162b7-J7GuEbwR9hTtBO1SIcoyA3ddHw8"
content-encoding: br
x-served-by: cache-fra-etou8220062-FRA, cache-lga21970-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 39729
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQ0lUv9INwesBJGeabujveL7JV%2BJnv3r1W9KwFnd7oeYCGOt0NEBHjApNHPVZyaeMBXfzyr6FboGSZ897um0GZ4dEGwnIImJBse%2FLvJfK8HMElCxmh1TbSGrWjYYT3LPbjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c526ce3256b1-OSL

OPTIONS pertawee.net/custom

139.45.197.251

200 OK

0 B

URL OPTIONS HTTP/2
pertawee.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

OPTIONS pertawee.net/custom

139.45.197.251

200 OK

39 B

URL OPTIONS HTTP/2
pertawee.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Content-Type: application/json
Content-Length: 764
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET idaiwomseex.com/?rb=gIXzmeb10EML9I2gPE5TX9ZFavxm0q-SAUh9bd1B3olJYk7Y1fjyoXqBRCFC6oShJMJM9i_p5yKTX7jBZaWlT90bUNuhNAdulaFCz2sd3XN_b3e0z0i7bV-R_7JvbZtfDCy6wli34Aq2_OUyCDdPGKTontkI9ScuiPNnDxqDC-0BzwUgehlGMx0q9qjpEijcF0tWBNqwjqdRjMVCOw1Nzo9oFllQHapKHDTbB4Omjv2fKRWpFQ7q_2_Ms4hRlM542uoa16ul6Gu9j1kp&request_ab2=0&zoneid=7296461&js_build=iclick-v1.874.20-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fwww.combolist.xyz%2F14m-netherlands-combo-list-fresh-294&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.874.20-auto&navlng=en-US&pnt=0&pnrc=0&bs=1127f815-cb6d-41b9-bff4-6c928f9f67e8&wasm=1&userId=0080ae4932304d92e23b55d8e6611d84&m=link

139.45.197.244

200 OK

193 kB

URL GET HTTP/2
idaiwomseex.com/?rb=gIXzmeb10EML9I2gPE5TX9ZFavxm0q-SAUh9bd1B3olJYk7Y1fjyoXqBRCFC6oShJMJM9i_p5yKTX7jBZaWlT90bUNuhNAdulaFCz2sd3XN_b3e0z0i7bV-R_7JvbZtfDCy6wli34Aq2_OUyCDdPGKTontkI9ScuiPNnDxqDC-0BzwUgehlGMx0q9qjpEijcF0tWBNqwjqdRjMVCOw1Nzo9oFllQHapKHDTbB4Omjv2fKRWpFQ7q_2_Ms4hRlM542uoa16ul6Gu9j1kp&request_ab2=0&zoneid=7296461&js_build=iclick-v1.874.20-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fwww.combolist.xyz%2F14m-netherlands-combo-list-fresh-294&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.874.20-auto&navlng=en-US&pnt=0&pnrc=0&bs=1127f815-cb6d-41b9-bff4-6c928f9f67e8&wasm=1&userId=0080ae4932304d92e23b55d8e6611d84&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectidaiwomseex.com
FingerprintEA:5F:DC:B9:DD:79:23:0E:E9:A1:65:D8:4E:6D:5B:93:30:10:6E:1A
ValiditySun, 04 Aug 2024 15:32:13 GMT - Sat, 02 Nov 2024 15:32:12 GMT

File type
gzip compressed data, max speed, from Unix
Size
193 kB (192682 bytes)
Hash
0b75c30c08e91d1c78721d3c941537bf
9ae5b0c166f59eb02316b4ca1f354b3f415a6aa8
fde2e4998427a07013f127ddf81c2b958711503253f702f9f4c218e845e31ee2

HTTP Headers

GET /?rb=gIXzmeb10EML9I2gPE5TX9ZFavxm0q-SAUh9bd1B3olJYk7Y1fjyoXqBRCFC6oShJMJM9i_p5yKTX7jBZaWlT90bUNuhNAdulaFCz2sd3XN_b3e0z0i7bV-R_7JvbZtfDCy6wli34Aq2_OUyCDdPGKTontkI9ScuiPNnDxqDC-0BzwUgehlGMx0q9qjpEijcF0tWBNqwjqdRjMVCOw1Nzo9oFllQHapKHDTbB4Omjv2fKRWpFQ7q_2_Ms4hRlM542uoa16ul6Gu9j1kp&request_ab2=0&zoneid=7296461&js_build=iclick-v1.874.20-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fwww.combolist.xyz%2F14m-netherlands-combo-list-fresh-294&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.874.20-auto&navlng=en-US&pnt=0&pnrc=0&bs=1127f815-cb6d-41b9-bff4-6c928f9f67e8&wasm=1&userId=0080ae4932304d92e23b55d8e6611d84&m=link HTTP/1.1
Host: idaiwomseex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: application/json
x-trace-id: d4146e69370d89a961be5cf26a4d427a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080ae4932304d92e23b55d8e6611d84; expires=Mon, 04 Aug 2025 18:56:53 GMT; path=/; secure; SameSite=None
oaidts=1722797813; expires=Mon, 04 Aug 2025 18:56:53 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Aug 2024 18:56:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

POST www.combolist.xyz/article/go

172.67.196.90

200 OK

6.9 kB

URL POST HTTP/3
www.combolist.xyz/article/go
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
JSON text data
Size
6.9 kB (6907 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /article/go HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 355
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D; ab=1; av=0; _ga_LGP09V2C4S=GS1.1.1722797812.1.0.1722797812.0.0.0; _ga=GA1.1.387028790.1722797813; prefetchAd_7296461=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.9
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InRyaGYxVkVRbzFoNm5saHg3YjgvWmc9PSIsInZhbHVlIjoiSGpkRUQzdjZXcFlVUFlJV3AxVUovZVVEakpYUnpUTjYvV3o0OFdjSVNZcUQ4OUVkZDd1VFc0OWltZWxKN0xjMXVEVWlkWkRyTWt2S24zd3cwWnIrbkNhaEQ2YWd1MG9uUmY3QnlNdFhJZW04VkRzTVlLY3JLcldYVnF6N2ltenEiLCJtYWMiOiI3MGFiMDJkZWZhZGJkZmY1MGFhYTM2MTNiMDlkMGFmN2NiODVhMTY4ODk0YTU4NmFjYWRjZDZiYmMxYzU5N2U2IiwidGFnIjoiIn0%3D; expires=Sun, 04 Aug 2024 20:56:55 GMT; Max-Age=7200; path=/; samesite=lax; secure
combo_list_hq_session=eyJpdiI6IkhoWGpKb28zSUVHTE5PU1N3WG51bmc9PSIsInZhbHVlIjoib0hwcDhnZ2tGV2VnUDlJamU4ckZHZ09jSURPQU54VVNEZGtoVlZQeU1ZbjdZaFFWRVdveHNtR080d0dlcU1pRFVjd3c0Y0lWcWlqckRDS1ovd0VMc2RNV0toQXJOekRoU3E0TElENVNoVmJNYk5xRmdZRUV5dWZBUE1xb2NNMVYiLCJtYWMiOiI2ODEwZWJjZmViM2Y0M2Y5MWE4NDZhNmY3OWJjOTExYjU3Yzk0MGY4ZjAxZGQ2OGYxYzQ0ZDExYjg2MmRmNGQxIiwidGFnIjoiIn0%3D; expires=Sun, 04 Aug 2024 20:56:55 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBsWuJuF56rdK70zl%2BZGtwUWfZWIS7obu7eFpBOOJYackcZbXL%2BBz2Si6gCEJHvxogMthLOHpYfXiEZY92XHiPcRD7hGtAtYnVAsYlrtFAylsmbeXUAnpyt6It%2FAKEYzWavQaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c528bc6056ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css?family=Nunito:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CRoboto+Slab:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CNoto+Sans+Old+Italic:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

142.250.74.106

200 OK

51 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Nunito:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CRoboto+Slab:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CNoto+Sans+Old+Italic:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text
Size
51 kB (51353 bytes)
Hash
2d3e580fd5cfa2669b44761c8c698998
b0acf152d53856649f3b44898a52b20dac356ba2
a385b4da58aaf690112f767b61a83779960632c780f858d12ca0630ce3a32a01

HTTP Headers

GET /css?family=Nunito:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CRoboto+Slab:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CNoto+Sans+Old+Italic:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Aug 2024 18:56:52 GMT
date: Sun, 04 Aug 2024 18:56:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pertawee.net/3bT/27mJf/universal.min.js?v=3.1.544

139.45.197.251

200 OK

87 kB

URL GET HTTP/2
pertawee.net/3bT/27mJf/universal.min.js?v=3.1.544
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (87190 bytes)
Hash
1787430d434417b2d794558ebb0aee4e
afb3e6b88c5a7c609f87974fb7dc74b2d526f633
d13c2d8b4b1b7fdcb79dcf0886af09764c8320e303a861cff5f03ccbde1f1d82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3bT/27mJf/universal.min.js?v=3.1.544 HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.combolist.xyz/
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript
last-modified: Thu, 01 Aug 2024 09:03:15 GMT
etag: W/"66ab4f53-15496"
access-control-allow-origin: https://www.combolist.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.combolist.xyz/14m-netherlands-combo-list-fresh-294

172.67.196.90

200 OK

33 kB

URL User Request GET HTTP/2
www.combolist.xyz/14m-netherlands-combo-list-fresh-294
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type

Size
33 kB (32781 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /14m-netherlands-combo-list-fresh-294 HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Aug 2024 18:56:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.9
set-cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; path=/; HttpOnly; secure
XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; expires=Sun, 04 Aug 2024 20:56:51 GMT; Max-Age=7200; path=/; samesite=lax; secure
combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D; expires=Sun, 04 Aug 2024 20:56:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
cache-control: no-cache, private
x-frame-options: SAMEORIGIN,SAMEORIGIN
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZoisewRcJ5YAi3wc2hBKEjyLMHS9stC37NQYNEG9QoVgdQUnD6LBz5kCTGrClrkRAoEzsVKT%2BAV5M8j0Bu7bgH7xgsY6Wmq1tk6thkaA6H7RqXsBuHWlWXdFHPNIULrz%2FwKXGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c5104ddc5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.combolist.xyz/assets/img/combo%20lis.png

172.67.196.90

200 OK

191 kB

URL GET HTTP/3
www.combolist.xyz/assets/img/combo%20lis.png
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
PNG image data, 1090 x 1080, 8-bit/color RGBA, non-interlaced
Size
191 kB (190733 bytes)
Hash
df5cfe458595749e0c9455a689f2879a
625e7825ad5bae8ddc01b84beaf61d37ba214d95
1adae657ef5925cdcb3686803895aa40f257e8273b42326026e0bf03f133cd84

HTTP Headers

GET /assets/img/combo%20lis.png HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D; ab=1; av=0; _ga_LGP09V2C4S=GS1.1.1722797812.1.0.1722797812.0.0.0; _ga=GA1.1.387028790.1722797813; prefetchAd_7296461=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:54 GMT
content-type: image/png
content-length: 190733
cache-control: public, max-age=31536000
expires: Mon, 04 Aug 2025 18:56:54 GMT
last-modified: Mon, 18 Dec 2023 19:30:11 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrKU1ANPAamO19nWvEgRsaV9QdCq9DdmTMI87nAZ64fevKkEHYGMVYYf8tQYGYQNwFmnE6KpWWzL5cCeqp7FMCJ6yjDmVC7VH8lk2q0dRCAPj%2Fzkx8IcFRUxXnr4puPSadi4%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c522fc9656ca-OSL
alt-svc: h3=":443"; ma=86400

GET cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-regular-400.woff2

104.18.187.31

200 OK

13 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-regular-400.woff2
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196
Size
13 kB (13224 bytes)
Hash
b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

HTTP Headers

GET /npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.combolist.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: font/woff2
content-length: 13224
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.15.4
x-jsd-version-type: version
etag: W/"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc"
x-served-by: cache-fra-etou8220128-FRA, cache-lga21952-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2624185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vwwb7z5RSIZ3QnS6ix0YBI71BNFIlS3bc7QBe2lTO9tJVgnkfQfpTxFkDE3LlX9e0stasTOFJaUf6LapWL7gxD309WeUEs8NJ7qOLp7dKRTl%2FK2vg5%2BnUmB4irWgfTpdhkg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51848ea56b1-OSL

GET www.combolist.xyz/uploads/2024/08/1722646117-1712299824-1703221411-combo-lis-1024x615.png

172.67.196.90

200 OK

164 kB

URL GET HTTP/3
www.combolist.xyz/uploads/2024/08/1722646117-1712299824-1703221411-combo-lis-1024x615.png
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
PNG image data, 1024 x 615, 8-bit/color RGBA, non-interlaced
Size
164 kB (163846 bytes)
Hash
19b3d4a37b4a915c719d8f01766cf01c
e9922af7237d8d4d131f67805237f039c36327e4
f617fa4a6e272f308cd444934c7f7604d1d821e32d074b99510ed9dc74efe23b

HTTP Headers

GET /uploads/2024/08/1722646117-1712299824-1703221411-combo-lis-1024x615.png HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D; ab=1; av=0; _ga_LGP09V2C4S=GS1.1.1722797812.1.0.1722797812.0.0.0; _ga=GA1.1.387028790.1722797813
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:53 GMT
content-type: image/png
content-length: 163846
cache-control: public, max-age=31536000
expires: Mon, 04 Aug 2025 18:56:53 GMT
last-modified: Sat, 03 Aug 2024 00:48:38 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MR3VC99Za9uUiscdO%2Bsey2PzjU%2FF%2BoXz3kXicBGBjDoAf7FXkM6l0OhRiIjuBb2JPAjonBoJO4ccS941NOf4K1RYeB7rUGJJVx%2BqYmxl04NsS1sj9Q9BelYF1aI5NvfDGjK2fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c51b1a4c56ca-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700|Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&display=swap

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700|Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text
Size
34 kB (34513 bytes)
Hash
a68d26c13407f5069fda08c17f04653e
0d2dd56bfc649b4f870b26e022fa599cb0a4ecb6
af3f8ef812438025f1acbd3676b604f24854f631e31d3507c922c35dec196d6f

HTTP Headers

GET /css?family=Roboto+Slab:100,300,400,700|Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Aug 2024 18:56:52 GMT
date: Sun, 04 Aug 2024 18:56:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.combolist.xyz/assets/js/app.js?v=3.3.0

172.67.196.90

200 OK

35 kB

URL GET HTTP/3
www.combolist.xyz/assets/js/app.js?v=3.3.0
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
JavaScript source, ASCII text
Size
35 kB (35156 bytes)
Hash
0218b4cea237370e2297935af60e657c
86d7435073c1b42d0cfd752b13062e018185e51a
091e9ed03690763eb2d8fddf089e1b88b5a68c83c7259b7e99352d9b33374ff3

HTTP Headers

GET /assets/js/app.js?v=3.3.0 HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/javascript
cache-control: public, max-age=31536000
expires: Mon, 04 Aug 2025 18:56:52 GMT
last-modified: Thu, 02 Feb 2023 21:22:36 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juA3pjA9Ha8n1DlMX3Vl3P3zu9aLlG9mlwWG28JoGKNgTiSfQkvevUtObuEZDCnqOFTnBWRVDvuN%2FAyNF1eNU4RlXw%2BDXrBUaxio0TzO75%2FqOOpEhBlOOeT3YGDUtCl7OeBgvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515199556ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET pertawee.net/act/files/tag.min.js?z=7001884

139.45.197.251

200 OK

30 kB

URL GET HTTP/2
pertawee.net/act/files/tag.min.js?z=7001884
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerLet's Encrypt
Subjectpertawee.net
Fingerprint0D:D3:16:0E:17:21:36:5A:48:8C:F7:9A:C6:5E:3D:78:EB:97:EC:07
ValiditySat, 03 Aug 2024 04:37:07 GMT - Fri, 01 Nov 2024 04:37:06 GMT

File type
JavaScript source, ASCII text, with very long lines (29821), with no line terminators
Size
30 kB (29821 bytes)
Hash
a0c4346a4ec72027390b33f9b000a28d
9e35e54f2fcb282630d839562228b90b2d6b72c3
e13bd2ec761cdce0696af4a649c569b2657ff778b6c9380d0d41760ef2d30d7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /act/files/tag.min.js?z=7001884 HTTP/1.1
Host: pertawee.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: application/javascript
last-modified: Thu, 01 Aug 2024 09:03:14 GMT
etag: W/"66ab4f52-747d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.combolist.xyz/assets/js/ads.js

172.67.196.90

200 OK

191 B

URL GET HTTP/3
www.combolist.xyz/assets/js/ads.js
IP
172.67.196.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Certificate
IssuerGoogle Trust Services
Subjectcombolist.xyz
FingerprintFB:F5:31:3B:55:BD:EE:68:FE:C6:72:0F:55:CD:FA:60:0C:7E:B1:34
ValidityMon, 22 Jul 2024 10:34:14 GMT - Sun, 20 Oct 2024 10:34:13 GMT

File type
ASCII text, with no line terminators
Size
191 B (191 bytes)
Hash
17787a2eab84e597896283209c237ef4
8f981359046b81a2c99061fc68d7a6d214fc98bc
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

HTTP Headers

GET /assets/js/ads.js HTTP/1.1
Host: www.combolist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.combolist.xyz/14m-netherlands-combo-list-fresh-294
Cookie: visitor=eyJpdiI6ImxENDhuMXdmbG1XYk1CVDZnTDdzOUE9PSIsInZhbHVlIjoiOTl5bVNaRG1hNVV4aEVOa1ZHelN5L2JhWU0xZmVVamwvbGN5aUg5OTFRQ3hnYzhRZDRwTjdna04wT3F6allIMyIsIm1hYyI6IjY2OThmMjEwMzYzNTE4MTRhMDJiZTdiMmZiMzEzMmRiZDA3MGExMjY2Y2ZiMWU3MzM3N2RiOGJkNGVkY2Q3ZmMiLCJ0YWciOiIifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IldhS2gvc2h4ZWtMaEJERGxjUHhQREE9PSIsInZhbHVlIjoieUE2MjgrOGJmQnJNajN1VnBJbjUvM3FhaGduNTEwKy9xQUZnQkVyVWEwazFOeVhXM294MURlNWdTdU9EN1M0WXFEMmhWemsrSTd3c0IvRk9VWXlmM3hwUW1mRkFrZ3JwdWdHVGZoZy9PWW1xTVVVa3g4L1MyalZERDQzNFFoNE4iLCJtYWMiOiIwNDA5MGExZmJhMWFiMGEwMjgyOTc2MGYxMTJmYTYzZDVlMDliY2FjNzM3MWEzM2IzZTcyODkwNGM0ZmVmMTJiIiwidGFnIjoiIn0%3D; combo_list_hq_session=eyJpdiI6InlRdG9ORlptYVhPQk84UnYxbHE5OUE9PSIsInZhbHVlIjoiNFpyT3l3a0M5cWhZenYvZVRaZitxSFoxUjFFeTRyeTN2Ym1FU0tCeUp2R1NPV2FoRXBpb3hXR2k0OVNSVXFScHpza0RlQkFSNTkyV0dEU2VXTzlzbXdkck95VTRUT1puc0xxMjkrOVJKOUFOVTArQkxLQ0UxeVZNR29manA4V3kiLCJtYWMiOiJkOTgzMDBlYjllNzE2MjZkMGYzM2NiNDI2NjQ0ODMzODNlMDMxZTcwNzhhMDc0YzQ5MDU3NmQ1ZWE0MjVlNTFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Aug 2024 18:56:52 GMT
content-type: text/javascript
cache-control: public, max-age=31536000
expires: Tue, 29 Jul 2025 05:22:38 GMT
last-modified: Thu, 02 Feb 2023 21:22:36 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 567254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CSwqPp5U0lAbtpgpxxP4lwikWjp%2BPw6jHUdpDpq45Z9z9vqXvS6b6ZXgFgJEml0v33Cu6LcpIiARqSvnSj87YegfBVK0W%2BxkYXTV1HRYNM4np74Xlm5sLQ7nNudHRewKoWyzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ae0c515199356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN