| f5447.site/images/ajax-loader.gif | 104.21.79.50 | 200 OK | 6.8 kB |
URL: f5447.site/images/ajax-loader.gif
IP: 104.21.79.50:0
File type: GIF image data, version 89a, 66 x 66
Hash: 14c56c5a40e61aea738e46b66d4d8c90 cf1984f3fd7d0e74809b2a4ee8c1e3b5d262c6f0 f8108128bdee3905d17f3a0530131258b40ff53cf07e80b39a1ca671efe19f9f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/ajax-loader.gif HTTP/1.1
Host: f5447.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 12 Nov 2024 13:41:52 GMT
content-type: image/gif
content-length: 6820
last-modified: Tue, 12 May 2020 15:11:28 GMT
etag: "1aa4-5a574e0b2fe1a"
x-frame-options: DENY
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nuiQjH069ra1bwMmBRoDT6VcKra3kkuWTJPG7UsG7yt7OWmeYSnHqjo6rLNAriIPp8Vd0PpFX6SmuhXjWRNTgI38vfQWLDtCd5ht6%2BValtk%2FQVjz%2FRvu%2BDa2GJgf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e16f1298e4956bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10832&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4044&recv_bytes=1082&delivery_rate=71322&cwnd=12000&unsent_bytes=0&cid=95e7184c2d50f157&ts=404&x=1", cfHdrFlush;dur=0
|
|
| www.linkbux.com/track?pid=LB00002044&mid=7306&url=http%3A%2F%2Fwww.blinkist.com%2F&uid=13&uid=6b3f721f1dddd1e4b2c5a7d5fb3bde11&utm_source=doaff&utm_medium=affiliate&utm_campaign=doaff&utm_content=doaff | 163.181.1.231 | 200 OK | 500 B |
URL (User Request, GET, HTTP/1.1): www.linkbux.com/track?pid=LB00002044&mid=7306&url=http%3A%2F%2Fwww.blinkist.com%2F&uid=13&uid=6b3f721f1dddd1e4b2c5a7d5fb3bde11&utm_source=doaff&utm_medium=affiliate&utm_campaign=doaff&utm_content=doaff
IP: 163.181.1.231:443
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Certificate: Issuer DigiCert, Inc.; Subject *.linkbux.com; Fingerprint D9:8F:9A:AE:D8:42:D1:6E:85:C3:74:0F:A0:0F:07:95:56:A2:62:1A; Validity Wed, 10 Jul 2024 00:00:00 GMT - Sun, 10 Aug 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: 517f7cc56bf14f4787c049642859daee be2d1427439e06beaaa5c64943b0643a2009c260 ebc5e328abb588cc2c081d1f469b4eba4393a400000b3bf07b1d0bd4ad08d8ae
GET /track?pid=LB00002044&mid=7306&url=http%3A%2F%2Fwww.blinkist.com%2F&uid=13&uid=6b3f721f1dddd1e4b2c5a7d5fb3bde11&utm_source=doaff&utm_medium=affiliate&utm_campaign=doaff&utm_content=doaff HTTP/1.1
Host: www.linkbux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 12 Nov 2024 13:41:53 GMT
Vary: Accept-Encoding
Set-Cookie: discuz_2132_saltkey=ZKJ01zOq; expires=Thu, 12-Dec-2024 13:41:52 GMT; Max-Age=2591999; path=/; httponly
discuz_2132_lang=en; path=/
discuz_2132_lang=en; path=/
Content-Encoding: gzip
Via: cache29.l2us2[136,0], cache9.ru6[308,0]
Timing-Allow-Origin: *
EagleId: a3b5019d17314189128213659e
|
|
| blinkist-us.pxf.io/c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F | 35.201.76.231 | 302 Found | 367 B |
URL (User Request, GET, HTTP/2): blinkist-us.pxf.io/c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F
IP: 35.201.76.231:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Sectigo Limited; Subject *.pxf.io; Fingerprint CE:A1:CC:B4:2A:68:CA:B0:AE:E0:C3:62:52:F3:B1:01:8C:E1:74:97; Validity Wed, 26 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (366)
Hash: f07be18ddd5f66d1532d2258a8baad61 fcb9e296e900bcab8a7baa6031f9fdb4b3be06f5 d26dbd70d5dc1a395c380d32ea677d41a0dfa4ccfcca44459a368710c347595b
GET /c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F HTTP/1.1
Host: blinkist-us.pxf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkbux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 12 Nov 2024 13:41:53 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fblinkist-us.pxf.io%2Fc%2F2334778%2F1371125%2F16450%3Fu%3Dhttp%253A%252F%252Fwww.blinkist.com%252F%26subId1%3Dlb_4367tti%26sharedid%3Dhttps%253A%252F%252Fwww.doaffiliate.net%252F%26level%3D1%26srcref%3Dhttps%253A%252F%252Fwww.linkbux.com%252F&cid=16450&tpsync=yes&auth=581084651952f28a
content-type: text/html; charset=utf-8
content-length: 367
date: Tue, 12 Nov 2024 13:41:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ojrq.net/p/?return=https%3A%2F%2Fblinkist-us.pxf.io%2Fc%2F2334778%2F1371125%2F16450%3Fu%3Dhttp%253A%252F%252Fwww.blinkist.com%252F%26subId1%3Dlb_4367tti%26sharedid%3Dhttps%253A%252F%252Fwww.doaffiliate.net%252F%26level%3D1%26srcref%3Dhttps%253A%252F%252Fwww.linkbux.com%252F&cid=16450&tpsync=yes&auth=581084651952f28a | 34.95.127.121 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): www.ojrq.net/p/?return=https%3A%2F%2Fblinkist-us.pxf.io%2Fc%2F2334778%2F1371125%2F16450%3Fu%3Dhttp%253A%252F%252Fwww.blinkist.com%252F%26subId1%3Dlb_4367tti%26sharedid%3Dhttps%253A%252F%252Fwww.doaffiliate.net%252F%26level%3D1%26srcref%3Dhttps%253A%252F%252Fwww.linkbux.com%252F&cid=16450&tpsync=yes&auth=581084651952f28a
IP: 34.95.127.121:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Sectigo Limited; Subject *.ojrq.net; Fingerprint 97:D7:0B:77:AE:68:07:46:71:AF:99:54:E2:0F:B9:53:DB:36:39:5E; Validity Tue, 12 Dec 2023 00:00:00 GMT - Tue, 07 Jan 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fblinkist-us.pxf.io%2Fc%2F2334778%2F1371125%2F16450%3Fu%3Dhttp%253A%252F%252Fwww.blinkist.com%252F%26subId1%3Dlb_4367tti%26sharedid%3Dhttps%253A%252F%252Fwww.doaffiliate.net%252F%26level%3D1%26srcref%3Dhttps%253A%252F%252Fwww.linkbux.com%252F&cid=16450&tpsync=yes&auth=581084651952f28a HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkbux.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 12 Nov 2024 13:41:53 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
set-cookie: brwsr=e0882a23-a0fb-11ef-be89-ff8a8562075d; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Mon, 2 Nov 2026 13:41:53 GMT; HttpOnly; SameSite=None
location: https://blinkist-us.pxf.io/c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F&level=1&srcref=https%3A%2F%2Fwww.linkbux.com%2F&brwsr=e0882a23-a0fb-11ef-be89-ff8a8562075d&brwsrsig=QWmzfpUu5Qql0-XRhTRdNSBXxmITTc
content-length: 0
date: Tue, 12 Nov 2024 13:41:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blinkist-us.pxf.io/c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F&level=1&srcref=https%3A%2F%2Fwww.linkbux.com%2F&brwsr=e0882a23-a0fb-11ef-be89-ff8a8562075d&brwsrsig=QWmzfpUu5Qql0-XRhTRdNSBXxmITTc | 35.201.76.231 | 302 Found | 425 B |
URL (User Request, GET, HTTP/3): blinkist-us.pxf.io/c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F&level=1&srcref=https%3A%2F%2Fwww.linkbux.com%2F&brwsr=e0882a23-a0fb-11ef-be89-ff8a8562075d&brwsrsig=QWmzfpUu5Qql0-XRhTRdNSBXxmITTc
IP: 35.201.76.231:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Sectigo Limited; Subject *.pxf.io; Fingerprint CE:A1:CC:B4:2A:68:CA:B0:AE:E0:C3:62:52:F3:B1:01:8C:E1:74:97; Validity Wed, 26 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (424)
Hash: b4901f51e050fa774f192e31e0b082d5 64b8980238792d965875de34ff47d4f068a64d6a 16a438f5b642b117dbe4bbcf921f39d06716f14d5357c2aad2950a85668d2ddb
GET /c/2334778/1371125/16450?u=http%3A%2F%2Fwww.blinkist.com%2F&subId1=lb_4367tti&sharedid=https%3A%2F%2Fwww.doaffiliate.net%2F&level=1&srcref=https%3A%2F%2Fwww.linkbux.com%2F&brwsr=e0882a23-a0fb-11ef-be89-ff8a8562075d&brwsrsig=QWmzfpUu5Qql0-XRhTRdNSBXxmITTc HTTP/1.1
Host: blinkist-us.pxf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkbux.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 12 Nov 2024 13:41:53 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
set-cookie: brwsr=e0882a23-a0fb-11ef-be89-ff8a8562075d; Domain=.pxf.io; Path=/; Secure; Max-Age=62208000; Expires=Mon, 2 Nov 2026 13:41:53 GMT; HttpOnly; SameSite=None
location: https://blinkist.redirect.partnercentric.net/?campaign=2334778&source=Blinkist_Impact&u=https%3A%2F%2Fwww.blinkist.com%2Fcoupon%2Fkeeplearning_blackfriday24_affiliate_60%3Firclickid%3DX2U2MrWz7xyKT%253ARS-WUlu0FFUkCTtM21D1MORM0%26irgwc%3D1%26utm_medium%3Dpaid%26utm_campaign%3D2334778%26utm_source%3DImpact%26utm_term%3DOnline%2520Tracking%2520Link%26utm_content%3D16450%26show_login%3D1
content-type: text/html; charset=utf-8
content-length: 425
date: Tue, 12 Nov 2024 13:41:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| blinkist.redirect.partnercentric.net/?campaign=2334778&source=Blinkist_Impact&u=https%3A%2F%2Fwww.blinkist.com%2Fcoupon%2Fkeeplearning_blackfriday24_affiliate_60%3Firclickid%3DX2U2MrWz7xyKT%253ARS-WUlu0FFUkCTtM21D1MORM0%26irgwc%3D1%26utm_medium%3Dpaid%26utm_campaign%3D2334778%26utm_source%3DImpact%26utm_term%3DOnline%2520Tracking%2520Link%26utm_content%3D16450%26show_login%3D1 | 35.175.166.205 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): blinkist.redirect.partnercentric.net/?campaign=2334778&source=Blinkist_Impact&u=https%3A%2F%2Fwww.blinkist.com%2Fcoupon%2Fkeeplearning_blackfriday24_affiliate_60%3Firclickid%3DX2U2MrWz7xyKT%253ARS-WUlu0FFUkCTtM21D1MORM0%26irgwc%3D1%26utm_medium%3Dpaid%26utm_campaign%3D2334778%26utm_source%3DImpact%26utm_term%3DOnline%2520Tracking%2520Link%26utm_content%3D16450%26show_login%3D1
IP: 35.175.166.205:443
Certificate: Issuer Amazon; Subject *.redirect.partnercentric.net; Fingerprint B3:76:8B:62:37:D1:17:B6:D8:43:29:89:57:71:30:6E:08:37:1E:D0; Validity Thu, 07 Mar 2024 00:00:00 GMT - Sat, 05 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?campaign=2334778&source=Blinkist_Impact&u=https%3A%2F%2Fwww.blinkist.com%2Fcoupon%2Fkeeplearning_blackfriday24_affiliate_60%3Firclickid%3DX2U2MrWz7xyKT%253ARS-WUlu0FFUkCTtM21D1MORM0%26irgwc%3D1%26utm_medium%3Dpaid%26utm_campaign%3D2334778%26utm_source%3DImpact%26utm_term%3DOnline%2520Tracking%2520Link%26utm_content%3D16450%26show_login%3D1 HTTP/1.1
Host: blinkist.redirect.partnercentric.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkbux.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 12 Nov 2024 13:41:54 GMT
content-length: 0
location: https://www.google.com/404
x-forwarded-for: 91.90.42.154
apigw-requestid: BIstYhr3oAMEVuQ=
X-Firefox-Spdy: h2
|
|
| | 142.250.74.164 | 404 Not Found | 1.6 kB |
URL (User Request, GET, HTTP/2):
IP: 142.250.74.164:443
Certificate: Issuer Google Trust Services; Subject www.google.com; Fingerprint 89:16:76:18:E5:01:7F:81:3A:FF:98:1C:88:CE:42:2D:C1:01:6B:DF; Validity Mon, 07 Oct 2024 08:26:36 GMT - Mon, 30 Dec 2024 08:26:35 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash: eedc418e44c986823cb7d61274416834 ecce6db88ead74446bdbdede37152688ea73d344 c3d40562984207ca4629d46c875d119e200efb45bbf270eba900fce4262bfe9f
GET /404 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkbux.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1564
date: Tue, 12 Nov 2024 13:41:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/images/errors/robot.png | 142.250.74.164 | 200 OK | 6.3 kB |
URL (GET, HTTP/2): www.google.com/images/errors/robot.png
IP: 142.250.74.164:443
Requested by: https://www.google.com/404
Certificate: Issuer Google Trust Services; Subject www.google.com; Fingerprint 89:16:76:18:E5:01:7F:81:3A:FF:98:1C:88:CE:42:2D:C1:01:6B:DF; Validity Mon, 07 Oct 2024 08:26:36 GMT - Mon, 30 Dec 2024 08:26:35 GMT
File type: PNG image data, 171 x 213, 8-bit colormap, non-interlaced
Hash: 4c9acf280b47cef7def3fc91a34c7ffe c32bb847daf52117ab93b723d7c57d8b1e75d36b 5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7
GET /images/errors/robot.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 6327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Nov 2024 18:53:15 GMT
expires: Sat, 08 Nov 2025 18:53:15 GMT
cache-control: public, max-age=31536000
age: 326919
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png | 142.250.74.164 | 200 OK | 3.2 kB |
URL (GET, HTTP/2): www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
IP: 142.250.74.164:443
Requested by: https://www.google.com/404
Certificate: Issuer Google Trust Services; Subject www.google.com; Fingerprint 89:16:76:18:E5:01:7F:81:3A:FF:98:1C:88:CE:42:2D:C1:01:6B:DF; Validity Mon, 07 Oct 2024 08:26:36 GMT - Mon, 30 Dec 2024 08:26:35 GMT
File type: PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced
Hash: 9d73b3aa30bce9d8f166de5178ae4338 d0cbc46850d8ed54625a3b2b01a2c31f37977e75 dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
GET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3170
date: Tue, 12 Nov 2024 13:41:54 GMT
expires: Tue, 12 Nov 2024 13:41:54 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/favicon.ico | 142.250.74.164 | 200 OK | 1.5 kB |
URL (GET, HTTP/3): www.google.com/favicon.ico
IP: 142.250.74.164:443
Requested by: https://www.google.com/404
Certificate: Issuer Google Trust Services; Subject *.google.com; Fingerprint 8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80; Validity Mon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT
File type: MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: f3418a443e7d841097c714d69ec4bcb8 49263695f6b0cdd72f45cf1b775e660fdc36c606 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
GET /favicon.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Nov 2024 01:25:22 GMT
expires: Wed, 20 Nov 2024 01:25:22 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 44192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| f5447.site/blinkist.com/puvf5/1?d_data1\=24111026b6260b63946e04 | 104.21.79.50 | 200 OK | 2.8 kB |
URL (User Request, GET, HTTP/2): f5447.site/blinkist.com/puvf5/1?d_data1\=24111026b6260b63946e04
IP: 104.21.79.50:443
Certificate: Issuer Google Trust Services; Subject f5447.site; Fingerprint 57:6E:48:8C:B5:64:7C:C5:19:82:14:78:1B:B3:D7:83:4A:56:E6:C1; Validity Wed, 25 Sep 2024 20:13:45 GMT - Tue, 24 Dec 2024 20:13:44 GMT
File type: HTML document, ASCII text, with very long lines (2869), with no line terminators
Hash: 72fa673d9d4605323388d30529a7197e 4d7b8e07a2b906dcc4fc4fb4136824c7946737b6 221560b29dd8b3a6745b06a929f55f70ab39f25fc4dace851c1fdee074a630da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /blinkist.com/puvf5/1?d_data1\=24111026b6260b63946e04 HTTP/1.1
Host: f5447.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 12 Nov 2024 13:41:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: doaff_visitor=6b3f721f1dddd1e4b2c5a7d5fb3bde11; expires=Mon, 07-Nov-2044 13:41:51 GMT; Max-Age=630720000; path=/blinkist.com
vary: Accept-Encoding
x-frame-options: DENY
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkpoJpF5g7eqEU4zvN2WqArXhjxQStnFLM9cSiLjzOV8ZXKaXTCEGxjNOvKN3TehuCslDZRPqeGyFHLskgdnvDSLYoEfoNUvK8ga%2FAnu5%2FTVviwb9q6roCl%2FGQl1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8e16f126fdec56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12706&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3196&recv_bytes=1152&delivery_rate=590217&cwnd=254&unsent_bytes=0&cid=dea9fd1d612c1cf9&ts=108&x=0"
X-Firefox-Spdy: h2
|
|