Report - freegtaov.life/

Report Overview

Submitted URL
freegtaov.life/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 08:29:15
Access
public
Website Title
Online Store
Final URL
freegtaov.life/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
simracingsetup.com	unknown	2020-01-26	2020-03-30	2023-09-12	431 B	44 kB	104.21.42.5
ae01.alicdn.com	7254	2008-06-25	2015-11-26	2024-04-25	445 B	36 kB	47.246.44.250
images.footballfanatics.com	60149	1997-02-26	2012-06-23	2024-03-20	568 B	170 kB	184.24.44.122
pumpbiz.com	unknown	unknown	No data	No data	461 B	67 kB	104.26.2.84
static.bhphoto.com	38315	1995-08-17	2013-04-22	2024-03-01	402 B	93 kB	104.18.38.13
freegtaov.life	unknown	unknown	No data	No data	38 kB	2.9 MB	188.114.97.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	2.0 kB	170 kB	104.17.24.14
images.ctfassets.net	4623	2017-03-28	2017-09-20	2024-04-25	489 B	40 kB	143.204.55.77
www.fram.com	489732	1997-10-24	2012-11-12	2023-06-16	414 B	429 kB	209.126.24.176
academy.scene7.com	905083	2000-06-23	2019-10-22	2024-03-20	423 B	125 kB	23.73.2.80
thepounddropper.com	515522	unknown	2019-02-18	2023-03-14	437 B	1.5 MB	172.67.75.185
image.made-in-china.com	52499	1998-02-28	2012-07-25	2024-03-19	452 B	74 kB	172.64.144.96
s.yimg.com	375	1997-05-14	2012-05-21	2024-04-25	580 B	32 kB	188.125.94.204
i.pinimg.com	689	2010-05-29	2015-10-15	2024-04-24	850 B	289 kB	95.101.10.201
cdn.shortpixel.ai	33622	2018-07-14	2018-09-26	2024-04-25	499 B	72 kB	194.242.11.186
cdn.webshopapp.com	56723	2010-02-15	2017-02-02	2024-03-23	459 B	132 kB	104.17.156.30
i8.amplience.net	28799	2017-10-24	2019-03-14	2024-03-03	428 B	32 kB	104.18.32.90
weaponxmotorsports.com	unknown	unknown	No data	No data	456 B	66 kB	23.227.38.32
cl.scalperscompany.com	unknown	unknown	No data	No data	440 B	1.2 kB	23.227.38.32
sc04.alicdn.com	36125	2008-06-25	2016-08-16	2024-03-27	419 B	3.7 kB	23.36.77.179
images.meesho.com	227222	2015-10-17	2018-06-15	2024-02-16	420 B	47 kB	34.111.251.190

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed
2024-04-26	medium	freegtaov.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	freegtaov.life/static/default/js/public.js	1.9 kB	2023-03-12	2024-05-05
Pretty URL freegtaov.life/static/default/js/public.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:55 Times Seen158 Hash 53ceae9d8b9f4372ad101d91439cdbb7 662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e 535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249 Loading...

	unknown	512 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen12 Hash e1f386d6516c0db1d3bc1f4b63a5ba81 f180277f3e5491d0597c6f7f009210e17dca75e9 3d26f6e0055061b50e149c0ad76b6b2f15bd0c4bee763be329b942014d1e4919 Loading...

	unknown	2.5 kB	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen13 Hash f03f5b17ec5c6051671257ddd2018eea 7f74ad67e4db332f3c7ab88417f7449cba7240a2 f31054763242a40a799d3ef8c93394cbef4e71823ff46712c2678f59fb804ed0 Loading...

	unknown	110 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen13 Hash 87ffe49bbe3e28294b4417fe23ce5521 5202ffee41d1006c44029ef4d5d163f4e9232e8c b3f130dc25bc52a1841a767266bcb48774163c509bb57af1e5d5354f1e41503a Loading...

	freegtaov.life/	543 B	2023-11-03	2024-05-05
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen25 Hash 7522976f970077f1a808fe762a7e06a6 924a3e0922dd6d59d942f36e965a607a3720f992 d533860458eb73ade8fc419d1f6486297309665cb4edfb979f825493698079b1 Loading...

	freegtaov.life/traffic_statistics?gurl=	0 B	2023-03-07	2024-05-06
Pretty URL freegtaov.life/traffic_statistics?gurl= IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 13:02:27 Times Seen37377388 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	1.8 kB	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen13 Hash 7704a6a42730b3a06f99b1706a8ec48f 2b194e3519a5e670607b7f7c9bbc56f009fa596d 57b0f3d1a13a48e5fc21a144b60aa82a37cf1b0e885e95b8ba2abd86832db09c Loading...

	unknown	138 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen24 Hash 9a94ae7fe21fea8494e9bcf6bb519b06 a8fa90d1fcb4eb7ed3bf8ea1122cacd25a352819 5a70584b716034fe0ca13de7b57199ec25c237d545721601d151ef50d38e7bf9 Loading...

	cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js	279 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2024-05-05 05:12:54 Times Seen262 Hash 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468 Loading...

	freegtaov.life/	8.6 kB	2024-04-26	2024-04-26
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash 683837b06507a1014672088ee5d220a1 381e4157047c01ade2ffda1be54b92c5007902be b8597762446f750aba0c46bfd7f3878b5d1eb03eefc768dff49711cdbd1952a1 Loading...

	unknown	171 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash a59a0a508bcf3fcb6dadee09913433e6 08f4f5bb5d6e1ba8f1046573bb97b43fe2fbc9e4 b5c7d8f3def7863c915ef9ef8c4ea0abbe2b8ed287f178a86f623ca0e2e77179 Loading...

	unknown	138 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen24 Hash 84b225eff2b105156f8078ed21ff8b64 41b652a36aa6a9952be991ef5114630019dd4336 67ad89b536424cc38a04ab343466949ddc40c946075fbc141cb0417aab44938d Loading...

	freegtaov.life/	9.2 kB	2024-04-26	2024-04-26
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash 7d427c35f207e19c5c695c0ce8952c05 1d728c2c41ad2275a53e2f6213a15d36035a1806 8e9e656b2787ad6cbefa0d74c13319b90a7e0460d05c79780371b1d920a30803 Loading...

	unknown	1.7 kB	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash c38dd0ebe33e86bff501b6e8ef76b756 2a4878444e445f6e6085374ab73293e01355021d 8f0f74e7a56af8478535ebfb5a4a59ca5c40facebcdbe367b26860163351158c Loading...

	freegtaov.life/	10 kB	2024-04-26	2024-04-26
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash 12baa1e2f206f756ea3ceb2149be5840 ed8418d3744afb426a621a3f6d1a7ae18f11e785 82d036e13ea899504992167ac5cd1f4302b168a55d6f542ffb9b6c25050c5aee Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js	15 kB	2023-03-12	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:54 Times Seen268 Hash 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9 Loading...

	unknown	127 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen24 Hash 1225801b3453e88bd0f17598f771503d 719eeae87b92babb0c95818f127a6338d0b75fb4 ab185ce89cd85daed537ef8d8b22d2d52f8dcbcf118c0678f09f1d10be8fe846 Loading...

	unknown	172 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash f23829b19f06f1246ca36c5a889a1646 42d01ca30f5560e62dc45b4dd2e87e6108170524 df5dcfbddd45f12d44fc18c8f727872c40111e7791ab2348250fc1225b90a7d7 Loading...

	unknown	277 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen25 Hash 41e226399cdec17fc2e96d116c516b8a fedba9c084bee281fbad5b60716c4b72f9a54d5f 07ff00fb8ac5e4ec6d4a8c14292826b9e9c597f949040337a7562b790634b130 Loading...

	freegtaov.life/	763 B	2024-04-26	2024-04-26
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash a5e5e9a7fcbef90fb5b43fb402aa27a7 33b4f0d223cb397fdbd04e7449394de20a370dc0 d641adb13aaaf79d4b116bc46ab5c1416601c2d309f462d860a7503c87725dcc Loading...

	freegtaov.life/	2.0 kB	2024-04-26	2024-04-26
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash 47f858a633acfd0298a33c573942a327 ba3aba093b75d2f79259317800d5c604516bf395 a2536cbe82ca0c039524b306192d1a5e27b6175b86d1c4c59ce1c3025bb83737 Loading...

	unknown	222 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash f76654e54bc5c288212596cd058281af a0f6a21e88b562684ad79fcfa45a162522f65910 94e6578d811cfde38e3edc5d8f80483f21e82c607481884c745219c58c3f3f69 Loading...

	unknown	50 B	2023-04-12	2024-05-06
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 00:31:29 Last Seen2024-05-06 05:51:03 Times Seen769 Hash 67a516f6876a6d5a6acd917aabe0571f 3cafb807a2d7fcf75a5092484795de52336ae1d0 cb909329532746539d41f5fe0c5f508bbf8191744c706dd5969753aa14948bc3 Loading...

	freegtaov.life/static/default/js/delighters.js	2.6 kB	2023-03-12	2024-05-05
Pretty URL freegtaov.life/static/default/js/delighters.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:55 Times Seen183 Hash cc31823856831d96acd96628fe1bc12c 4441d2792dc7fb9f54cde379cd6dd5085ae7af33 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d Loading...

	freegtaov.life/	79 B	2023-03-12	2024-05-05
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:54 Times Seen124 Hash a71ddf2ef16448b1a9a116c9969bb84a 38f0cfe879b01e50b2022a5b46ccebe972b57afa f81cdd71a100042bdbdd3a8d1fa89581bc7763e26f2ff6eb7bbefda85e9143a3 Loading...

	unknown	6.4 kB	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash 72e128bb764fde3e9a7c7fcaf6030e0f a0f966ec9577ab93db32b303d6fce2f24265ddb1 a9ea7c33c0e27e4802d64124c94dc0d88f787c440fb0f7bae42dcf9f505864c7 Loading...

	unknown	112 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen25 Hash f4db1827fe4259b9dc5853871bc6045e 639adc0619832cd922f888b7a9dbdc35c9416ab0 88fa931d9cb6eb5bee5d361b3063bd8c3b1213e4c0e588a56a0a26f3ae9919e9 Loading...

	unknown	183 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash e7600a245439e370d11cedd51f676c94 f2c8a296ee983986799e062dee091f534e7419f8 aca8406b7bd19f8ac14cc01bb2c5c330f05d35d1c96a1ff5ec68c62b8aac7a01 Loading...

	unknown	868 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen24 Hash 422bb6aa46f23a2a350068e2aac58762 0c814f0e50381800467b1d138913c05a19757304 6aafd2d65c2d12f8799c5a11f0d12ac110d33e18da9cf50b0e35a042a1302d43 Loading...

	freegtaov.life/static/market/js/jquery.min.js	84 kB	2023-03-07	2024-05-06
Pretty URL freegtaov.life/static/market/js/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-06 11:44:55 Times Seen14040 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	freegtaov.life/static/default/js/vue.min.js	94 kB	2023-03-07	2024-05-06
Pretty URL freegtaov.life/static/default/js/vue.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-05-06 10:08:38 Times Seen1208 Hash b21b8531847604ab5f2f5caaef51ba31 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Loading...

	unknown	2.1 kB	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:29 Last Seen2024-04-26 10:29:29 Times Seen1 Hash 07c5465e5acdc2910546e58a36693107 729ec47907a0525607031c238ebf2bf335d79d87 4b90942600b554be32139b89c65b7a8a49180a990d16b61bd81b3a5347373a1a Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js	338 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:09 Last Seen2024-05-05 05:12:54 Times Seen261 Hash de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5 Loading...

	unknown	169 B	2023-11-03	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-05 05:12:54 Times Seen25 Hash ef210ca63758a5c527614ecb062779e6 a837e8e3690859da53f344a34707c998794eef21 2695864485c5f4a69cc03bb77c46e7890253bdeb6129a87d8158cda9b9fc5cbe Loading...

	freegtaov.life/	696 B	2023-03-12	2024-05-05
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:54 Times Seen124 Hash 207792bcff09eca0993cd75875f72095 1f602949e3de9dd8638601085791e25c6cc0acda ae57e93366c984a79002b078c27040993cd88c77218f277655fc031b6bb3e1d5 Loading...

	unknown	303 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen13 Hash 28e6020b593ddcc1ed5f62e0875d7e48 170114850b2228b38f087530b9baf9370f285dcb f9579e2db05a7e4b072593dd0c4c5bb2aa3e0880c9dbc7524f8e0d1c2aace3fb Loading...

	unknown	290 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:30 Last Seen2024-04-26 10:29:30 Times Seen1 Hash 5052c97a113e3be78428e418e4c82bb4 df02042a3ed2b7ecf2e824a07e6ba591a71fa0cf 2c8dc78adf346fc82903160d88331255c9f044dbeca5d19f26a3c46267fb8a50 Loading...

	unknown	182 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 10:29:30 Last Seen2024-04-26 10:29:30 Times Seen1 Hash 8ef26bec5cbdec53a92c236c481b34ec b2c89c8f565c13e4c0c453cd86a3e5f1c05d4bf6 399ef787d71e2eaa5b955fdf673bb3fae085a4f6e6dc71ef245ad28633ad5d96 Loading...

	freegtaov.life/	151 B	2023-03-12	2024-05-05
Pretty URL freegtaov.life/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:54 Times Seen123 Hash 4cc479dfa9707e2f24a8e129c80429b6 a6e2c685240dd740b22e226767035173703473a4 120dbe66705b4abb82ad0b16aabbd8ff3acee9be1fdfc30e77a2557012a1181d Loading...

	unknown	196 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen12 Hash f8b06030e548e75042f7c26c0c84d097 e2b10e072285222839f9ebdb755856958ae3ac41 518ffa43b97dee5b405cfbf0296f30301a1f447cc9704c0dd8f9acc124f7c379 Loading...

	unknown	117 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen13 Hash e113009d6ff208b75e3a98b89de75953 97d6b22872399aaa7001d212e5b76a75cfe2f2df c043a2c23ff807b13df90c80fc323989cb7059ce59973b44c8afdf5cce2120aa Loading...

		Size	First Seen	Last Seen
	#1 Write - ea47d7a66d8152302cd901d56844cb81	72 B	2023-03-12	2024-05-05
Pretty Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-05 05:12:54 Times Seen127 Hash ea47d7a66d8152302cd901d56844cb81 235d8306b2b513c8851d054491a83beb3e194f94 ee7229be5e00ebb674d9f12a2aba9d62130a20978a0c27162a984e32530a1d5f Loading...

HTTP Transactions (58)

URL IP Response Size

freegtaov.life/static/logo.png

188.114.97.1

200 OK

5.8 kB

URL GET HTTP/3
freegtaov.life/static/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Size
5.8 kB (5811 bytes)
Hash
f12935b050ea09250470148a08554341
655023d8201a493dc0c881d98e73c9b81f994602
8909e47b3a395662a3ef846ede58b1e43ba05278f13f01bc82e7b75412c29f87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/logo.png HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: image/png
content-length: 5811
last-modified: Mon, 09 Oct 2023 06:18:37 GMT
etag: "16b3-607428f80f640"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOkC2oqYnjLONBcFJMW%2BoCQQUfUhG%2BZ3eJ493YpQra3QZ9djyBvZ90%2BbzLtKNrYxMWN7%2BSvKLhP0oMvm8LQHzWV6i2iTydS9%2FsOMpLC363biwHbdTYiPy%2FgPeUikL06N9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a533893978712b-OSL
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/market/img/payment.png

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
freegtaov.life/static/market/img/payment.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Size
15 kB (14874 bytes)
Hash
d9e27afb8d07e73a5d78c58219db8284
2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99
1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/img/payment.png HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: image/png
content-length: 14874
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: "3a1a-6071a5a6057e2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UjsCvH5%2FvgXUsBwlHCpOolNr0Oy6sOA%2BFFA32pyHXnT9yjSXCRo0siLrj0hIE0lN4VqnZ35%2BxC92xrEGmyjMKNM0WgzGMcBYvNrpe%2BYC2%2Fgk7DYSmJrfkBOMXGgx%2Bnj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a53389397c712b-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css

104.17.24.14

200 OK

38 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38108 bytes)
Hash
9a547188fa485f8ca9b2cc7d6d2524ef
7893335159a1f637eb24cd05aaba96ac156c7f65
897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433

HTTP Headers

GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 129713
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhApiVocvF5mqoxQnlJ2NKAWRqKKc2BFblM543aUZpqqdtgMM1Q5BjwvRoDHUHDz1FJy%2FGJiWIPbbWzd%2F6kyk6T4Ij89jQ%2Bholi%2BMUgEYGStD0sMJY8RDY%2B7Fl%2BbGFUIt7cBHTMm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533896fb05696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js

104.17.24.14

200 OK

68 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Size
68 kB (67811 bytes)
Hash
0292da744fb4f768ae77370f868a674e
6dbafd633d187d11e2ef0a9a47044fd5646c70fb
068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468

HTTP Headers

GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1348365
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DY9ZwCFKllzkLqymU3mjZ3V4hkEJsGmZ9g27Q0126wnBU7ga2Xt0agR0YTOGkKVsEdnJ7B8TmPD%2B6kF6Nc5FXpe6U8W2XNGfgcen3SMlSXuo6bJlwxRxoQLxKDf%2BwVN1CFfqhLXA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533897fc45696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js

104.17.24.14

200 OK

4.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14957)
Size
4.9 kB (4866 bytes)
Hash
5f4a59735ca9517d0478f395439bd517
f820c08cf114da8ec451e8eedc0da51dfcba5e02
ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9

HTTP Headers

GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 16084
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wf8f2g6p5tglDDusWnylp63VucvGD8bS94%2FCv6RRaKDaikgzqwjxU7Ab%2Bu6zhOLzSWFSuBcWGA%2FhYGAnYxpkRkbwd9I3hZu5QEUlb5tlPMBnSyyLOIDb%2FEM6igJeu2Kog15cL8SE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533897fc35696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css

104.17.24.14

200 OK

3.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16213)
Size
3.9 kB (3945 bytes)
Hash
951eae8c8a442c2940c54d180301ed41
771518669a370d915adf0d207f2a22092a768cd1
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 15160
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FPctrXeXEsCm9RsmJb0%2BpzR9H9%2BXoWclcM%2FCRtcp1N8lH3gz%2FqLypxfiqXppJwFipEdQrgUJjeNbZI%2B5S3x%2Ft139UFMVdyhVUxLRKpW88PY5pDVdHAMUphkjPQeyk8Qq3EyigOD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533898fc65696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js

104.17.24.14

200 OK

50 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
50 kB (49876 bytes)
Hash
de581e420bf52d70e353080a13094ea8
7e727d99fea8c31c2f2e3173105d585ee3289d31
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8482485
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnl92oqUmx2ok%2FHbSyiNy5lWTdDgVFWpdIforuG1UDfOkZcgnStALsMiWrnaBSXh%2BqUjA7tU%2BTL2REWWRK618NLOD8dGxW31dU%2Bw08wLCJwREO4ruvExaInTXN7aJm70YD9qRHt9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533898fc75696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freegtaov.life/static/default/img/slide_homepage_1.jpeg

188.114.97.1

200 OK

214 kB

URL GET HTTP/3
freegtaov.life/static/default/img/slide_homepage_1.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:12 14:10:12], baseline, precision 8, 1903x634, components 3
Size
214 kB (214103 bytes)
Hash
3d26f7692db8907822ed3505c70868f7
74fccb84f865369b53df3f25d777c069a6e89f2e
8e010e987884485474400823a163c12119b1bd9daf886d43253899aee7e71ed1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/img/slide_homepage_1.jpeg HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: image/jpeg
content-length: 214103
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: "34457-6071a5a5dbbdb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BKo2P4K4sFUqcz9hB2dz9VB7ptSEWt8KWnL4qJQpG4h2Lqa9noeG0tvbuKcVPh3ifY0izbNyVb8mU65EjXPh2St7J0olwMfXWWIkFcXwtl3J9RsKOwiPZuXEDwZr68kkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a533893979712b-OSL
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/img/service.jpg

188.114.97.1

200 OK

127 kB

URL GET HTTP/3
freegtaov.life/static/your/img/service.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x402, components 3
Size
127 kB (126971 bytes)
Hash
6894acf30e9989c857a5e16e63672fa2
e6ebc3536d436f1aa697e2aac0827ab87bdfc4b4
e47e5927563c41d710a8f0099f89098843e69c4289fa25445467ebe4b96559f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/img/service.jpg HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: image/jpeg
content-length: 126971
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: "1effb-6071a5a637ca4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jB6lT%2Bij3GD2ZWB5QzJqbB8BTImFg804oZNHacWJmVwY4phjJfImHsc7cT3vvCcCeoLC1l5JxXLLw3KBJfpBI%2FakmNCsBxfexExaBaEoARO3I1fpzQm0%2Fd7YnqCfHpTRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a53389397a712b-OSL
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/img/footer-bg.jpg

188.114.97.1

200 OK

171 kB

URL GET HTTP/3
freegtaov.life/static/your/img/footer-bg.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x425, components 3
Size
171 kB (170800 bytes)
Hash
01aad85abef2e701361ee4ded47754e4
cc6770719c0b7639740145824e048f339340c0c7
73eb0994db66a8e45749f3fd6b0b5d32416d5654eb867f0bf9819a6cd65e8aba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/img/footer-bg.jpg HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freegtaov.life/static/your/css/stylesheet.css
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: image/jpeg
content-length: 170800
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: "29b30-6071a5a636533"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0Fy6sQTahckFV8jhr7qQy1BDIta3Que3%2FFpVmSSkNMkwkNKnjLDA1sNhkoTnM7ctluMk5B3KuukKB7WhLkk0s%2BfilOiu%2BHSZSIxGFiHnVkcXWSqgYq2URhTgQ8UdGgB3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5338d8d49712b-OSL
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/jquery-ui.min.css

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
freegtaov.life/static/your/css/jquery-ui.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (15129)
Size
13 kB (13412 bytes)
Hash
1f29bef8e189e09389ee650069da29d0
85ec0a5126e957e1f0596cf84010cf41e1fa321c
3d94f00ea8118cfa7a40019dd8696ebf16aebdd92f0ff5fec0411e97b8b7c44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/jquery-ui.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"415a-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=70WNjSMY0FQyuqGnnA7f9OApKoPptv8%2Bnz9irPhpzPd0AGUTls2FzfuVJ0E38FchkuZms6EOKZqu72HVI6HKxkdsWqTzF7vWk%2BN6plnn1E2ZWYdA%2FQABFLzy0r4zSAapIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891959712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/market/js/jquery.min.js

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
freegtaov.life/static/market/js/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
34 kB (34465 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/js/jquery.min.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"14915-6071a5a60733b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZDdckAGfDks7Go4mdVxEk%2FtUI55p%2B0OqV7PNXLyFzNh9ff1ZaduvGIC%2BBlhWMdCHB1boXjtK1EPS%2Fuhi1UnWvT1sBdIWhTqfh5hm4fAzNNzH2kipTmDsrWOGzgZkAXpTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389195d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/default/js/delighters.js

188.114.97.1

200 OK

5.2 kB

URL GET HTTP/3
freegtaov.life/static/default/js/delighters.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
Unicode text, UTF-8 text
Size
5.2 kB (5188 bytes)
Hash
cc31823856831d96acd96628fe1bc12c
4441d2792dc7fb9f54cde379cd6dd5085ae7af33
0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"a4b-6071a5a5dc794-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owvOOWR6FLn85pCbYUELnVZzTvVU%2B2tmJp5zLUUi0l0G%2FS3%2FE6pbAZVkHnz41XAwyp9henKFn0gyrO92lGksMXrbKgyAx4mcIjPUPFxnVMgQwSU4ASZSwdNbMDjlwQQGww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338c2bd9712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

images.ctfassets.net/2djrn56blv6r/7LIT43d1Cl41DLThqIq5vp/3997af2f6344408a9ddfecc1866e278d/Dog-Years-Chart.jpg?fm=webp&q=75&w=1920

143.204.55.77

200 OK

40 kB

URL GET HTTP/2
images.ctfassets.net/2djrn56blv6r/7LIT43d1Cl41DLThqIq5vp/3997af2f6344408a9ddfecc1866e278d/Dog-Years-Chart.jpg?fm=webp&q=75&w=1920
IP
143.204.55.77:443
ASN
#16509 AMAZON-02

Requested by
https://freegtaov.life/
Certificate
IssuerAmazon
Subjectimages.ctfassets.net
FingerprintB4:AD:54:1E:42:5A:BC:E5:5F:19:1A:F9:8B:06:8A:D3:F0:46:11:88
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp
Size
40 kB (39982 bytes)
Hash
2582f2660d07d56976ebae7d8d145a1e
e996c507a3c3f53e0ebd149ef266248c6e088191
becaec3113440a309bd6b9263dff4effde1a44871344fcb29990c87972de3ac6

HTTP Headers

GET /2djrn56blv6r/7LIT43d1Cl41DLThqIq5vp/3997af2f6344408a9ddfecc1866e278d/Dog-Years-Chart.jpg?fm=webp&q=75&w=1920 HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 39982
etag: "2582f2660d07d56976ebae7d8d145a1e"
last-modified: Mon, 15 Apr 2024 13:09:53 GMT
date: Fri, 26 Apr 2024 06:26:26 GMT
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K-Oonu-BVAaJOCryZhjXGEZdPhw_OsqIFSLDDgLFiwy0NyTw22iXvQ==
age: 7344
X-Firefox-Spdy: h2

cdn.shortpixel.ai/spai/q_lossy+w_977+to_webp+ret_img/thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg

194.242.11.186

200 OK

71 kB

URL GET HTTP/2
cdn.shortpixel.ai/spai/q_lossy+w_977+to_webp+ret_img/thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://freegtaov.life/
Certificate
IssuerLet's Encrypt
Subjectcdn.shortpixel.ai
Fingerprint8D:F9:8F:AD:3B:D5:81:08:75:6C:F4:1B:CC:E1:FC:2A:5C:75:0D:1F
ValiditySat, 06 Apr 2024 15:08:39 GMT - Fri, 05 Jul 2024 15:08:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 1024x650, components 3
Size
71 kB (70699 bytes)
Hash
ac4070fde3d09d88d08b3c1c75245fe0
d38a99d5f90c6759fcdea10dff790700d11d2c00
d81c2e26c20f42b6af2991c6a9598afbb08c4f170641ea3292c8ae5ea17e706c

HTTP Headers

GET /spai/q_lossy+w_977+to_webp+ret_img/thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg HTTP/1.1
Host: cdn.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/webp
content-length: 70699
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000, s-maxage=604800
etag: 5f25f11ef2747c5aea4cd2e80a6263d9
expires: Sat, 26 Apr 2025 08:28:50 GMT
pragma: cache
cdn-cachedat: 04/26/2024 08:28:50
link: <https://thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg>; rel="canonical"
cdn-tag: 553269; Domain: thetechreviewer.com; 200
xtag-sp-debug: SLT: 0.011
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a9200ba3744cd11c04b63739152275bf
cdn-cache: MISS
X-Firefox-Spdy: h2

simracingsetup.com/wp-content/uploads/2022/04/Fanatec-CSL-DD-Design.jpg

104.21.42.5

200 OK

43 kB

URL GET HTTP/2
simracingsetup.com/wp-content/uploads/2022/04/Fanatec-CSL-DD-Design.jpg
IP
104.21.42.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerLet's Encrypt
Subjectsimracingsetup.com
Fingerprint2C:73:46:ED:7F:45:6D:BD:71:B3:96:14:6A:A9:2F:2C:54:D0:9B:A4
ValidityThu, 07 Mar 2024 19:06:57 GMT - Wed, 05 Jun 2024 19:06:56 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1280x720, components 3
Size
43 kB (43137 bytes)
Hash
c9e7ea5026b81a87cf0582c17a0c1fb0
1b1a9d11b1436973c16511c7126c9f8d0848c0f0
85ea83d3d6d87d0c2051f858220410cf51f249f921cdfa2eb1f841c323ce2e36

HTTP Headers

GET /wp-content/uploads/2022/04/Fanatec-CSL-DD-Design.jpg HTTP/1.1
Host: simracingsetup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 43137
cache-control: public, max-age=31536000
expires: Mon, 24 Jun 2024 08:29:25 GMT
last-modified: Tue, 19 Apr 2022 13:51:05 GMT
etag: "a881-625ebe49-e0564405cdfe2327;;;"
vary: User-Agent, Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQb%2FDHRN4EDXfvI0lbFfFZpbojuOkbMb9drH%2F08qcIR2ysRuq%2FuxQy2oxQSVXZou9ivLQnu99CHOo15muVnbMKJFrFdz3hXm2OOxJ26m8enwPhauWYOH8aOOuN2%2FF6RDOnVgfj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5339d8bfe56a9-OSL
X-Firefox-Spdy: h2

cdn.webshopapp.com/shops/125574/files/426226750/essence-lash-princess-false-lash-effect-mascara.jpg

104.17.156.30

200 OK

131 kB

URL GET HTTP/2
cdn.webshopapp.com/shops/125574/files/426226750/essence-lash-princess-false-lash-effect-mascara.jpg
IP
104.17.156.30:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectwebshopapp.com
FingerprintDF:2B:5A:79:AC:4C:C9:7F:B5:52:E6:41:19:28:30:C4:9F:F0:DE:27
ValidityWed, 27 Dec 2023 00:00:00 GMT - Thu, 26 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 866x871, components 3
Size
131 kB (130963 bytes)
Hash
f462ecf751645a1bd3f7c2af6063ee81
fd480392d68f02aa4e45830b76295c5e8e8b08b3
0239a7b936e70b111631a2600018dbdef224a921162f14b2af79fe2f5ce0ad71

HTTP Headers

GET /shops/125574/files/426226750/essence-lash-princess-false-lash-effect-mascara.jpg HTTP/1.1
Host: cdn.webshopapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 130963
cache-control: public, max-age=31536000
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 79
access-control-allow-origin: *
last-modified: Mon, 20 Mar 2023 12:12:59 GMT
x-content-type-options: nosniff
x-request-id: 3d8bf71649abbd9ccfd1aba038d95fc4
x-resource-id: file:207160198
x-runtime: 0.021920
x-xss-protection: 1; mode=block
cf-cache-status: MISS
expires: Sat, 26 Apr 2025 08:28:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=y8hJVZcSLa.ninMZVhiynxA_HAbDY6DNWxjgMJxMiik-1714120130-1.0.1.1-00Er1Ktg4PdvcrpHrBFXrrKaiQAxCfbUbPLWVjzB8tdwxGWp9ViDnY5..Bm2MX7UA4R6pzcAaDRXGJuGE4C9Sw; path=/; expires=Fri, 26-Apr-24 08:58:50 GMT; domain=.webshopapp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a5339d1ada7131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i8.amplience.net/s/scvl/144460_308637_SET/2?fmt=auto&$webPdpProduct$

104.18.32.90

200 OK

31 kB

URL GET HTTP/2
i8.amplience.net/s/scvl/144460_308637_SET/2?fmt=auto&$webPdpProduct$
IP
104.18.32.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subjecta.sni.dm.amplience.net
FingerprintAD:98:39:C7:A2:7D:13:0B:C9:7A:29:4E:21:E4:C6:81:74:E4:25:83
ValidityTue, 29 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ISO Media, AVIF Image
Size
31 kB (31329 bytes)
Hash
c98c10491462d86e34ddc7e1bd59fe91
eab0f236bf5d13c3b95a7f2d48a2bab657b6057b
177274f1b896597413b05e144dc4c2d783a754dd9f5d822f9895d4869546e83a

HTTP Headers

GET /s/scvl/144460_308637_SET/2?fmt=auto&$webPdpProduct$ HTTP/1.1
Host: i8.amplience.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/avif
content-length: 31329
cf-ray: 87a5339e4e855691-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
last-modified: Fri, 26 Apr 2024 08:28:50 GMT
vary: Accept-Encoding
edge-cache-tag: mA5RSQ4wr,WWwde7iQa,_F3Qnaiz2,HrbwLGq9P,2nzkQBCSx,1yrG5ILA3
edge-control: max-age=86400
x-amp-cf-worker: true
x-amp-published: Wed, 30 Nov 2022 22:03:43 GMT
x-amp-source-height: 1130
x-amp-source-width: 1333
x-amp-srv: CF
x-frame-options: DENY
x-req-id: EBzP2CXhPf
x-xss-protection: 1; mode=block
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

weaponxmotorsports.com/cdn/shop/products/450-401007-na1600.1581141140_grande_2x.jpg?v=1582332373

23.227.38.32

200 OK

64 kB

URL GET HTTP/2
weaponxmotorsports.com/cdn/shop/products/450-401007-na1600.1581141140_grande_2x.jpg?v=1582332373
IP
23.227.38.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerLet's Encrypt
Subjectweaponxmotorsports.com
FingerprintEC:13:2B:03:12:79:8D:A1:E8:17:1E:1B:DA:22:0E:3D:8B:BF:22:AB
ValiditySat, 20 Apr 2024 12:33:10 GMT - Fri, 19 Jul 2024 12:33:09 GMT

File type
RIFF (little-endian) data, Web/P image
Size
64 kB (64530 bytes)
Hash
4806b6f3ed4e6bca64cd74a0ae28d286
cee2280e10c104fb040238f55c7735dbbe016fd4
c681f1c69482d04f6d98b317b714e806e5c325228f6d80dfd9082a4e3128fb6c

HTTP Headers

GET /cdn/shop/products/450-401007-na1600.1581141140_grande_2x.jpg?v=1582332373 HTTP/1.1
Host: weaponxmotorsports.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/webp
content-length: 64530
x-sorting-hat-podid: 245
x-sorting-hat-shopid: 1838297
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
source-length: 170297
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 442cd2c9-aa6e-4ae4-b1b8-14965171d8ce-1714069923
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Thu, 25 Apr 2024 18:32:04 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWHwDNGgQ%2BYlAQBFKmGi5xVEDpYbxBGRRUUAbr%2FiRyyorcwDetVhFXRqMIjZesOvVm2E0eiifmO36DYmTfZavtvexaxLHYBzhcahWV3kA8Xz5AOc1D0phTaiwA6ZXHcxT9MF%2FO71lKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=479.300, imageryFetch;dur=70.456, imageryProcess;dur=408.155;desc="image", cfRequestDuration;dur=200.999975
x-permitted-cross-domain-policies: none
x-download-options: noopen
server: cloudflare
cf-ray: 87a5339e29c692b5-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ae01.alicdn.com/kf/HTB1boEPpruWBuNjSszgq6z8jVXad.jpg?width=1000&height=1000&hash=2000

47.246.44.250

200 OK

35 kB

URL GET HTTP/2
ae01.alicdn.com/kf/HTB1boEPpruWBuNjSszgq6z8jVXad.jpg?width=1000&height=1000&hash=2000
IP
47.246.44.250:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://freegtaov.life/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1000, Scaling: [none]x[none], YUV color, decoders should clamp
Size
35 kB (35044 bytes)
Hash
830829f2e9c95ccdd21eb098c68913a6
33b6e678fb872223b8d6d378aa3bd8f6ccc8b934
1a4c6dc32f724357dcc713c8c63dd59b3b8b549666b12b5dcd52096bbe59d408

HTTP Headers

GET /kf/HTB1boEPpruWBuNjSszgq6z8jVXad.jpg?width=1000&height=1000&hash=2000 HTTP/1.1
Host: ae01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 35044
date: Fri, 26 Apr 2024 08:28:50 GMT
traceid: 2ff62ca617141201301901104e
last-modified: Thu, 03 Mar 2022 12:05:46 GMT
cache-control: max-age=86400000
access-control-allow-origin: *
eagleeye-traceid: 2ff62ca617141201301901104e
strict-transport-security: max-age=0
timing-allow-origin: *, *
ali-swift-global-savetime: 1714120130
via: cache15.l2de2[288,288,200-0,M], cache25.l2de2[289,0], ens-cache1.se2[312,311,200-0,M], ens-cache18.se2[313,0]
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Fri, 26 Apr 2024 08:28:50 GMT
x-swift-cachetime: 31104000
cdn-type: alibaba
eagleid: 2ff62ca617141201301901104e
X-Firefox-Spdy: h2

freegtaov.life/api/item/random?num=12&name=hot

188.114.97.1

200 OK

49 kB

URL GET HTTP/3
freegtaov.life/api/item/random?num=12&name=hot
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JSON text data
Size
49 kB (48859 bytes)
Hash
f729b549d21ca34d97cdc984baa84cde
d62fe833a72318070c2d6bc66c799ad8d900f5f2
334430d2ae05c01295e3c53bb2526fc063ba11a7e515faa99326dc9d84a1dacf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/random?num=12&name=hot HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6ImYyUHlBK0RySHR4NmxwYmVqVzVGalE9PSIsInZhbHVlIjoiMk83eGIzYytMNlJBZWpBczJBWm9NSmFSUHhqbFBtUXlvWStGdFJxNlFBQnp3aUJadEtGVitvN2t3MHFYMytkTHJhaVJadU94dXBUazNNYS9zREtYMUZGamEvTXZ4YUZEWDVuSUNOczVpaFNnTk9LRW9BRHNjZHVWbXNuRnNwU0kiLCJtYWMiOiI4YmEwNzZjODZhNmU1M2YxZDgzNGE4NzVmMTk4MjU2YTk5MTg5OWI2MWVkMGMwNWM3YzdkNzg0N2E4MmZlNDg4IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9LHUgfpMilvZMUmgHpq9rtraigskD7aq0LjgiigDVr5Jdq3Qn4cKoIH6JcQZhgnZOqILeR%2Fvponyo1wSv9AtbeJ8FZPSnxIr%2BFlP7n6dPGIGk%2BJIh0W7PuG4Pdi17JVUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338d2cfa712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/traffic_statistics?gurl=

188.114.97.1

200 OK

2.7 kB

URL GET HTTP/3
freegtaov.life/traffic_statistics?gurl=
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
data
Size
2.7 kB (2728 bytes)
Hash
4d099a9fc7aafeee6b4afb7ee97ba05c
69a063f93eea790a297293f7791794a874aab7ae
6cab4c6ce6158ad3a0442256afe33eeeaa3e9b940f1189055fc3defa692ce302

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /traffic_statistics?gurl= HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:48 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:48 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjZtc1RUd2FBdlpBM3UybkVPNkRKYlE9PSIsInZhbHVlIjoieFpENnJkM3UyRGhwTkN3VXBsSjNoU2xxWDYwUU9SVjZ5dEtTd3Q4WExHelRzZHA2NlAreHduNFdmcHhzQXl1MXpweFVmcURSTnAyYzI0cmlQaHBNNSt6WkN4eWh1NlQrT0s3UTUrTFVDTVRoQlhSRzBUZmorVlN0NUx0dlJJdWoiLCJtYWMiOiI0OWVkNTJjYWVkNzA4ZTY0ZDAxMmQ4MmU0OWQwZjc3YmMwNmZlODgyMGUyNDE3ZTg3OWUwNDljMzg1MGI0NGJkIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7yVFinr7kwupuWwsTiAt8EL3VUwJ8dFeYt2bDKahR9owacO5ZL17dqdRKgQ%2FnEh5PhZsKD7Ewac%2Fra31hYLW5Htg6hJS3LfUNGktmV0MNRJIVNBLXfJ64GzrSe3i4jIhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338d6d2f712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

image.made-in-china.com/2f0j00RoWiYSHGJVlc/Men-Jean-Skinny-Slim-Fashion-Low-Price-Pants.webp

172.64.144.96

200 OK

73 kB

URL GET HTTP/2
image.made-in-china.com/2f0j00RoWiYSHGJVlc/Men-Jean-Skinny-Slim-Fashion-Low-Price-Pants.webp
IP
172.64.144.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subject*.made-in-china.com
Fingerprint08:A6:EC:AC:16:3B:C8:79:4D:B7:4C:06:2D:AA:88:7D:12:94:C5:AD
ValidityMon, 21 Aug 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 789x895, Scaling: [none]x[none], YUV color, decoders should clamp
Size
73 kB (72958 bytes)
Hash
79ad7cc016f0279060b80a452b6f17c6
3ff1ab7077522270647943bdec1e75c435eab520
769203b93bb56125734607e8db440b0011b963ae7afac85856b08417597095b2

HTTP Headers

GET /2f0j00RoWiYSHGJVlc/Men-Jean-Skinny-Slim-Fashion-Low-Price-Pants.webp HTTP/1.1
Host: image.made-in-china.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/webp
content-length: 72958
last-modified: Wed, 17 Nov 2021 05:27:07 GMT
expires: Fri, 28 Sep 2970 06:00:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: HIT
cache-control: public, max-age=29866224670
accept-ranges: bytes
set-cookie: __cf_bm=6_gS7ZlkYHqguTlHgaKu_srXL1LD4mNT8324TNDpyds-1714120130-1.0.1.1-xc8w_6CkGLWqbjbK6SXqKc345of9fHNq3cSGLCQ6iRtiIaObJAHy3zwa53a542wA_Pen3UhRYDnzykeBZ81SUg; path=/; expires=Fri, 26-Apr-24 08:58:50 GMT; domain=.image.made-in-china.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5339daadcb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freegtaov.life/static/your/css/bootstrap.min.css

188.114.97.1

200 OK

86 kB

URL GET HTTP/3
freegtaov.life/static/your/css/bootstrap.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (65371)
Size
86 kB (85931 bytes)
Hash
3fc294a6e2e1cdcc652fc702f0ecda80
87fdf5f58d2bc3bd19940403f33a2a7f9869c446
ff95d530a782ce6fa179cd74b1da4a39764e9405666f5aaeed2f34aa9c66ce66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/bootstrap.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"1d2d4-6071a5a631711-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ER%2FbAW%2FAyLnJTD770wI07frSE8RgjqP4hUqoOTlfbywof%2BEoql%2BJV19Molo65hH7IdZNQJgobEpv0HyFUaQyR2xDAULGOv6nfwl9YpNgc%2BKPqOD7rzzM%2B14z1l5tFOEwLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891946712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.fram.com/media/wysiwyg/products-heavyduty_new2.png

209.126.24.176

200 OK

428 kB

URL GET HTTP/2
www.fram.com/media/wysiwyg/products-heavyduty_new2.png
IP
209.126.24.176:443
ASN
#36444 NEXCESS-NET

Requested by
https://freegtaov.life/
Certificate
IssuerLet's Encrypt
Subjectfdbcd10a5c.nxcli.io
FingerprintB3:99:C1:0E:15:6F:3F:A4:83:FA:34:10:FB:8B:5E:B4:06:09:F7:8F
ValidityFri, 12 Apr 2024 06:36:32 GMT - Thu, 11 Jul 2024 06:36:31 GMT

File type
PNG image data, 1200 x 526, 8-bit/color RGBA, non-interlaced
Size
428 kB (428342 bytes)
Hash
7d4af197bc815f098a4f24578cd5fbe3
faa080ca9fb30a395292c08730ac85899bd4620b
49929e685c113dad6651d7fc29a9c702ba0f24ad022df94f212cb34120df268f

HTTP Headers

GET /media/wysiwyg/products-heavyduty_new2.png HTTP/1.1
Host: www.fram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/png
content-length: 428342
last-modified: Mon, 03 Apr 2023 19:54:06 GMT
etag: "68936-5f873ebe2f380"
cache-control: max-age=31536000, public
expires: Sat, 26 Apr 2025 08:28:50 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

images.footballfanatics.com/florida-state-seminoles/mens-nike-garnet/gold-florida-state-seminoles-air-zoom-pegasus-36-running-shoes_pi3377000_altimages_ff_3377044-9d06e315938281abf153alt5_full.jpg?_hv=2&w=900

184.24.44.122

200 OK

169 kB

URL GET HTTP/2
images.footballfanatics.com/florida-state-seminoles/mens-nike-garnet/gold-florida-state-seminoles-air-zoom-pegasus-36-running-shoes_pi3377000_altimages_ff_3377044-9d06e315938281abf153alt5_full.jpg?_hv=2&w=900
IP
184.24.44.122:443
ASN
#16625 AKAMAI-AS

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subjectwww.footballfanatics.com
FingerprintFD:BE:02:B3:C6:BD:86:56:AE:4C:12:52:45:58:BF:FE:B0:97:21:68
ValidityFri, 15 Dec 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 900x900, Scaling: [none]x[none], YUV color, decoders should clamp
Size
169 kB (169438 bytes)
Hash
e3a8dadfc21c971bcf98f47f98cdb1f7
42573a571bb00e20cac741d7b1c6a6ae3bdfc958
7b08688756ba78d3374fca2bf75ad0e3e00f70ba65d0bc12dfcf57d20c1e18d8

HTTP Headers

GET /florida-state-seminoles/mens-nike-garnet/gold-florida-state-seminoles-air-zoom-pegasus-36-running-shoes_pi3377000_altimages_ff_3377044-9d06e315938281abf153alt5_full.jpg?_hv=2&w=900 HTTP/1.1
Host: images.footballfanatics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "14b0e9891b74874cc9732e52aa9b76fd"
last-modified: Fri, 19 Apr 2024 04:29:07 GMT
server: Akamai Image Manager
content-length: 169438
content-type: image/webp
cache-control: private, no-transform, max-age=30916915
expires: Sat, 19 Apr 2025 04:30:45 GMT
date: Fri, 26 Apr 2024 08:28:50 GMT
timing-allow-origin: *
frg-ct: pid_3377044, hv2
inurl: 3377000/altimages/ff_3377044-9d06e315938281abf153alt5_full.jpg
akamai-grn: 0.27772117.1714120130.10d3ba0e
X-Firefox-Spdy: h2

freegtaov.life/

188.114.97.1

200 OK

1.5 MB

URL User Request GET HTTP/2
freegtaov.life/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.5 MB (1467487 bytes)
Hash
bf029c2557b79ecf0841eedb8ccfc10e
798f4505bcf22f46275322ad72ac0577bfd44397
11484a97b78b31a40d137fff09b92f643e088e959cdfa7829975904ef6810224

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:46 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHxk0MLZqtVb2Rd93kTPiXJs8aHJIiFFtJZDmDc1g%2BvqKbBMJQQmDS36DlFjDRhdLee2UU4%2BjOwf8%2B8wYSgQVzi8yqxNS%2BL%2BvBRxHjam5chYNcvAQrVzWCAWoZ%2BYRHBlOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533856e39569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freegtaov.life/static/default/img/20220514153821.png

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
freegtaov.life/static/default/img/20220514153821.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
PNG image data, 245 x 222, 8-bit/color RGBA, non-interlaced
Size
15 kB (15411 bytes)
Hash
3ecbb8f543b70888626038f8cf81f227
a9bf6388621ba59e09e59e58713e8abfc04e5ff3
2214e58d7962a38491fb50f2f641b869917fba48120c02e5f207b5c9025326f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/img/20220514153821.png HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNjbzNYKzhDOXBIcnZXSGI4QjB1NXc9PSIsInZhbHVlIjoieVVjeXI5U01kYjNoRUZ5NVhKeE5saEhpTy9ETEVXTGQxREREZ3J3RzM3WlY4dE9qWDFnYzJDc2ptOUU5anpCUnpuQ2U0ZDFLMDVWL3d1Z0Z1aERITXR4TUZuOHN6aFFDTmJRcCtjVEIwQXQ4blBnZWtVM1ZUeHZ2VmcxR0U0bmMiLCJtYWMiOiJkZGNiNjg3ZmI4MGJlNjFkZjMzMWZlYjRlNGMwYzgwMzc3MDUyNWQ2MTdkMjYyMjZkMzA4NDJiMzVmOTc3ZTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:51 GMT
content-type: image/png
content-length: 15411
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: "3c33-6071a5a5d9c9b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BZv8ViUto8VAKz6Vj3oS9TLaq6ENfaXi0MdSq%2BDAwrFoLatCO0AUpGQOo9QVsBoD2rY%2FdC2RFRmTi842hKPZbKTZOFHs3UW3rj%2FzZjvDThIJpGSQvLKAC84beIjYmwWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a533a4d988712b-OSL
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/css.css

188.114.97.1

200 OK

125 kB

URL GET HTTP/3
freegtaov.life/static/your/css/css.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JSON text data
Size
125 kB (124724 bytes)
Hash
a44c87b0d55afacf14c8327af92e948e
3ccbcb7c5e0d553ce51030580dec3732eb477f9d
a0587eb4f330926619e867180d0f81a594dde4e75ddd471d2f1414024c9163ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/css.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpqZiqICuqYTm9hOQzYkNCBrbZ9Aps9JFAOkoaKL%2Bi1x9KF%2B6PiOivDYHzzFZQAwqHeqEJlboEPOzQHheT9Fc2QxFJibx1bSohL7%2Fx%2B7FAnKP3AvU%2BcuuSgdfbtYIN1XSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891943712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.yimg.com/uu/api/res/1.2/m1ez.BQIyHvL3rEWbePs0A--~B/Zmk9ZmlsbDtoPTU4Mzt3PTg3NTthcHBpZD15dGFjaHlvbg--/https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-11/1fa5a901-1fee-11eb-b6fd-ecc1bfdbf55f.cf.jpg

188.125.94.204

200 OK

30 kB

URL GET HTTP/2
s.yimg.com/uu/api/res/1.2/m1ez.BQIyHvL3rEWbePs0A--~B/Zmk9ZmlsbDtoPTU4Mzt3PTg3NTthcHBpZD15dGFjaHlvbg--/https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-11/1fa5a901-1fee-11eb-b6fd-ecc1bfdbf55f.cf.jpg
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 240x240, segment length 16, baseline, precision 8, 875x583, components 3
Size
30 kB (30229 bytes)
Hash
5d385035e5aca90d9920426e8d909857
ee58b7bef5fc9e7d011ee5ce8056e8b28a7ee6cc
00f38406448e5b8bbf7622197d2cf99b8052f88c66d800abb8b7bcb5f5ec04a1

HTTP Headers

GET /uu/api/res/1.2/m1ez.BQIyHvL3rEWbePs0A--~B/Zmk9ZmlsbDtoPTU4Mzt3PTg3NTthcHBpZD15dGFjaHlvbg--/https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-11/1fa5a901-1fee-11eb-b6fd-ecc1bfdbf55f.cf.jpg HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 30229
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache-tag: 458654330127004280489406358919984643071,313624950358692257074198336009949820652,ae7a14591aaf8d474cdb3f92111c923e
edge-cache-tag: 458654330127004280489406358919984643071,313624950358692257074198336009949820652,ae7a14591aaf8d474cdb3f92111c923e
etag: "5d385035e5aca90d9920426e8d909857"
expiration: expiry-date="Sun, 25 Aug 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
last-modified: Mon, 26 Feb 2024 19:55:25 GMT
server: ATS
surrogate-reporting: width=875,height=583,bytes=30229,owidth=1800,oheight=1200,obytes=326989,ef=(1,13,17,21,22,23,30)
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 26 Apr 2024 08:28:51 GMT
x-served-by: cache-lga21978-LGA
x-cache: Miss from cloudfront, HIT
x-cache-hits: 0
x-timer: S1714120132.660267,VS0,VE1
age: 0
strict-transport-security: max-age=31536000
cld_cache: Miss from cloudfront, HIT
cld_hits: 0
cld_by: cache-lga21978-LGA
cld_latency: 1
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

freegtaov.life/api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741

188.114.97.1

200 OK

131 kB

URL GET HTTP/3
freegtaov.life/api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JSON text data
Size
131 kB (130672 bytes)
Hash
ec61c31a44a0c0104e6d5311cf4ae339
1848acc365a85a7a3e06aac5226ad1182035c0cb
2776ea4bef8595a3ca3100fb8c6908f0e1a629b22595d8807a0fa5ace82f15fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741 HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjA2OC9BaFA3WEt4VHNWTFhINVgvZGc9PSIsInZhbHVlIjoidk1hOUZhOWJLTFpkU213cW42blJmSjF6TnhTdU52Qmg4YWRYVmxKb2xEdC96ZHhZMEdJQW1MMHlBZlRYSUt3Sm9DK1FnWWRtSkhwbW9rY2g4TXBXZmJoK3hNRXUzVVFZeDdyK1lRUS84NjNVSjFCRGFxOUJucW1aUWVNdnkrcnAiLCJtYWMiOiJhMTk5M2FlNzI4MWU1ODhiZjliMTcyYmI2MzRkZDE4MjcwOWMxMTdmYWRlMGNlY2Q4NDA2MzdkMWY1ZmFkY2Y4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:51 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IlNjbzNYKzhDOXBIcnZXSGI4QjB1NXc9PSIsInZhbHVlIjoieVVjeXI5U01kYjNoRUZ5NVhKeE5saEhpTy9ETEVXTGQxREREZ3J3RzM3WlY4dE9qWDFnYzJDc2ptOUU5anpCUnpuQ2U0ZDFLMDVWL3d1Z0Z1aERITXR4TUZuOHN6aFFDTmJRcCtjVEIwQXQ4blBnZWtVM1ZUeHZ2VmcxR0U0bmMiLCJtYWMiOiJkZGNiNjg3ZmI4MGJlNjFkZjMzMWZlYjRlNGMwYzgwMzc3MDUyNWQ2MTdkMjYyMjZkMzA4NDJiMzVmOTc3ZTk1IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAYWDhKZg9YD5XH%2FOE%2BCqUYun52vB89NCTRZcZTkKbGUt%2BVplgads%2Bb3nYchDges36DWsLzIi5a8LoxkB5HuL8lisLO506b0iN1rB3l6tW7Iacct5UtwzkjQNVbf2hhPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5339f7cae712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.pinimg.com/1200x/20/cb/6e/20cb6e997a2b8b538b8f41096bf1b2ed.jpg

95.101.10.201

200 OK

158 kB

URL GET HTTP/2
i.pinimg.com/1200x/20/cb/6e/20cb6e997a2b8b538b8f41096bf1b2ed.jpg
IP
95.101.10.201:443
ASN
#20940 Akamai International B.V.

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subjecti2.pinimg.com
Fingerprint1C:5F:46:F7:91:91:1C:69:DD:8D:F6:5A:F9:26:61:14:36:A4:0A:E4
ValidityTue, 23 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3
Size
158 kB (157762 bytes)
Hash
30f67be5289574e01c974dc990f21692
59e2d7d272e06d4301b43f4fbc2dbdd6d70f0d94
8abc5496c2f8d53fff52db5bb26443db8a3770c0da5c4e7660c4ba9e178aebb3

HTTP Headers

GET /1200x/20/cb/6e/20cb6e997a2b8b538b8f41096bf1b2ed.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "30f67be5289574e01c974dc990f21692"
accept-ranges: bytes
content-type: image/jpeg
content-length: 157762
alt-svc: h3=":443"; ma=600
x-pinterest-cache-status-v2: Miss
akamai-grn: 0.c50a655f.1714120131.9399bae
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2

freegtaov.life/api/item/secondCate

188.114.97.1

200 OK

688 B

URL GET HTTP/3
freegtaov.life/api/item/secondCate
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (782), with no line terminators
Size
688 B (688 bytes)
Hash
f6092bfefdf2b82626b5e13f12917bf1
6f2fd6f9bbed0f5ed37722fdb1d17e435fd72996
38bbc4d037525e55c609e4fa45742c3a0e428b047ac99b71ef528e96304e45b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/secondCate HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:48 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IlZPaWdnMDRBR3kzeTFOL0V4YW5BK3c9PSIsInZhbHVlIjoiNVJxdmpOb1U2YXkvMHIycmFPck1SZitWaHpnOHZ5dWN2YXRZV29NT0FOZWlyWHNOd01namRRZlEvdktjTEpEZFF5REU2MjNYTGJ1Kytrd0hMMCtydVV2MkJsWFVlWDZnamxHcnBhN0ZoOU8va2ZjTjJYTllDdEQ4ZkFVQ0d5eG8iLCJtYWMiOiI3YzYxYzU0ZmYxNTYxOTYzMmY0MjJjN2ZlYjRiYWU4ZjA4Y2E5NWJmZDk3NzcxODZjZmI0NjAyZGY3Njk5MTgwIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4I6zQKwyuYrRzWdhGO3pkunzZBTAGWV8W6NIOrzsHeH2QHq0d2ksMPqAVtoX6mFc9GQMDHqPl6mdbqZdqRALifMu1cIW3NJtwv75RxDCkMvkx6ykeVpxRlCETcK%2BgAKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338c5c08712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/api/cart/index

188.114.97.1

200 OK

139 B

URL GET HTTP/3
freegtaov.life/api/cart/index
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
44f293d1057e83d64adbd382f9753c0c
64b4ac33d19337d1a099cf6f41cacbf95d017ac6
e0b1b9c0ec1aa8b305e8ee8c3f3946d9de911e5b0d29b9a80dfe128ce623fa13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/cart/index HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
Authorization: 
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Inpadnh4R2E4TitGZWsyYWtwQ29uV2c9PSIsInZhbHVlIjoieTBlMmRHcGFFRHJvWm15SVlBTHNIVnJ2K0F5YU9EZE50Qk1KOGF3Q1pMcTBMQ2RWUHpzb3dEUGFCZmkrQUlTT3RuMlRxNWQvUjZQbjFOUk90Vm9NZytYcm1TV0wwb1JqbWdFcTd3bGdMMk9kY1BRa1FtT0lEOTZnL29yOUVTeFEiLCJtYWMiOiJjOGMyZTgzZTA0ODAzNjc5NjI4YzRlMjcwNDczZGUxZDExZjMyN2M3M2YxYmM0Mjg1Y2VhYmExM2FiMWMwNTU1IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ichyxWwRqzmr9wI86yIQyQ%2BCrwzwv66cPpiwSrIALTyG4QhCWkge47pgZAmPc7%2FAHf4pc9TvWHYzBeylPwlE%2B6MVSBZLvhbJbd9HdtJnMIHpIOG8Lnireu%2B2p6Nzk3F5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338c5c0c712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pumpbiz.com/media/catalog/product/cache/2b45e97eb9b1f32d773dd48515e6e7f9/d/a/darley_ak301-10hpd.jpg

104.26.2.84

200 OK

66 kB

URL GET HTTP/2
pumpbiz.com/media/catalog/product/cache/2b45e97eb9b1f32d773dd48515e6e7f9/d/a/darley_ak301-10hpd.jpg
IP
104.26.2.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectpumpbiz.com
Fingerprint70:35:F8:86:5A:69:43:F0:D3:06:7A:1E:DC:E6:39:49:2C:5E:AF:75
ValidityFri, 26 Apr 2024 01:26:15 GMT - Thu, 25 Jul 2024 01:26:14 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x800, components 1
Size
66 kB (66016 bytes)
Hash
306a62b3f0dd02425a95fc56f2333428
538e52b21c9887f887c0f58eda74bf49c649ff57
745526af6f0beca9c8d4f4d85e5f0a6d4cb5d1a60ef435188bf0e7322b69abed

HTTP Headers

GET /media/catalog/product/cache/2b45e97eb9b1f32d773dd48515e6e7f9/d/a/darley_ak301-10hpd.jpg HTTP/1.1
Host: pumpbiz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 66016
last-modified: Wed, 13 Apr 2022 13:09:50 GMT
etag: "6256cb9e-101e0"
expires: Sat, 26 Apr 2025 08:28:50 GMT
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anOiw5%2F7GGCQoOuwj8JdewB6oV4kr1qK%2F%2F1jOI9TFEO39D57aEHtYmyxqrxuerYTv7sXi5eR1kFrxx9ky4IRSCUHIC72D%2FgiiEdq4ffc08VjGAMuUk8zj7yo2dg%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5339db9ec56ae-OSL
X-Firefox-Spdy: h2

cl.scalperscompany.com/cdn/shop/products/37665-CREAM-P-2_900x.jpg?v=1686902741

23.227.38.32

404 Not Found

0 B

URL GET HTTP/2
cl.scalperscompany.com/cdn/shop/products/37665-CREAM-P-2_900x.jpg?v=1686902741
IP
23.227.38.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerLet's Encrypt
Subjectcl.scalperscompany.com
FingerprintC8:21:88:3E:83:E0:76:EF:5C:F3:7F:7D:B8:12:C6:F6:B1:36:D3:4E
ValiditySat, 20 Apr 2024 06:58:02 GMT - Fri, 19 Jul 2024 06:58:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn/shop/products/37665-CREAM-P-2_900x.jpg?v=1686902741 HTTP/1.1
Host: cl.scalperscompany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-sorting-hat-podid: 156
x-sorting-hat-shopid: 42170712221
access-control-allow-origin: *
cache-control: public, max-age=30
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 0133865a-a522-4a89-a258-70ad63598e24-1714120130
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHT37zFnKqdENg80ETtic9E3Adcn4qvbf%2BIWnyOePXAADn2z0xj5pYjN4fAuFqMTeOJ8YNTZZm5U8%2Fru01C8LWdSQragoaO2nnS6SPvB%2FKBPGQvrbs9sVJ%2FdPv7TZF%2FEMqzFf%2BfBWDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=20.949, imageryFetch;dur=20.711, cfRequestDuration;dur=240.999937
x-permitted-cross-domain-policies: none
x-download-options: noopen
server: cloudflare
cf-ray: 87a5339dcf4792d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freegtaov.life/static/default/js/vue.min.js

188.114.97.1

200 OK

94 kB

URL GET HTTP/3
freegtaov.life/static/default/js/vue.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (94151 bytes)
Hash
b21b8531847604ab5f2f5caaef51ba31
da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/vue.min.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"16fc7-6071a5a5ddf04-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jfMLy2DoeaOHlRHqLBXuHiwQL6ogW%2F2dei6PLek5keF3bk6YR8dOn%2FpU%2Fl%2B57ce9yEkF5E%2FQ5%2B2V%2FxaziYx%2BzXVRfGANUNdVx1PCK43r9pX1udWu4MuVDaX6XrzHJYg9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533893968712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.pinimg.com/1200x/20/43/b4/2043b4b7a67e6aabdad482cb5339b251.jpg

95.101.10.201

200 OK

131 kB

URL GET HTTP/2
i.pinimg.com/1200x/20/43/b4/2043b4b7a67e6aabdad482cb5339b251.jpg
IP
95.101.10.201:443
ASN
#20940 Akamai International B.V.

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subjecti2.pinimg.com
Fingerprint1C:5F:46:F7:91:91:1C:69:DD:8D:F6:5A:F9:26:61:14:36:A4:0A:E4
ValidityTue, 23 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 741x1800, components 3
Size
131 kB (130631 bytes)
Hash
78e0cdb674a73308470dd29f34fb3292
1a2f99ae096ce73bb81bf561f24446e12458866d
f44718028723db79233c8c8cc404d8105457849ce15e24a106bb058514b01a92

HTTP Headers

GET /1200x/20/43/b4/2043b4b7a67e6aabdad482cb5339b251.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "78e0cdb674a73308470dd29f34fb3292"
accept-ranges: bytes
content-type: image/jpeg
content-length: 130631
x-pinterest-cache-status-v2: Miss
akamai-grn: 0.c50a655f.1714120131.9399baf
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2

freegtaov.life/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0

188.114.97.1

200 OK

77 kB

URL GET HTTP/3
freegtaov.life/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://freegtaov.life/static/your/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: font/woff2
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"12d68-6071a5a6326b2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IpqOBlmfYVIB1EhjXHjQMS8xpqY%2BZ0Fwu9J0idbHuUVk95D2feRApQaMdEESzY1Br0l3Ah7Sj%2BZy4aKGgikBudVn6L9sOTs8GO1Oaej3R96XKqsPto%2FkNaeLFUQyzxyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338ccc6d712b-OSL
alt-svc: h3=":443"; ma=86400

sc04.alicdn.com/kf/H459f36891de84ef2a095573ce68e7475v.jpg

23.36.77.179

200 OK

2.7 kB

URL GET HTTP/2
sc04.alicdn.com/kf/H459f36891de84ef2a095573ce68e7475v.jpg
IP
23.36.77.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subject*.alicdn.com
Fingerprint1E:21:1C:70:DA:C9:05:2B:07:37:C6:AB:46:71:94:44:60:7C:E1:CB
ValiditySun, 10 Sep 2023 00:00:00 GMT - Tue, 10 Sep 2024 23:59:59 GMT

File type
ISO Media, AVIF Image
Size
2.7 kB (2727 bytes)
Hash
71d80bbb38dc7d8afd57663524ff7908
d26e500c08c116534cccddbc5b8ff7995c7a16f6
3824c9b05b23350fb6d9599c153414150c71fff46a37f1791968d254f5a9d3c9

HTTP Headers

GET /kf/H459f36891de84ef2a095573ce68e7475v.jpg HTTP/1.1
Host: sc04.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/avif
content-length: 2727
traceid: 2ff617a017141201304357510e
last-modified: Mon, 11 Apr 2022 08:18:19 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0
eagleid: 2ff617a017141201304357510e, 2ff617a017141201304357510e
server-timing: rt;dur=0.229,eagleid;desc=2ff617a017141201304357510e
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-allow-credentials: true
ali-swift-global-savetime: 1714120130
x-swift-savetime: Fri, 26 Apr 2024 08:28:50 GMT
x-swift-cachetime: 86400000
cache-control: max-age=86400000
expires: Thu, 21 Jan 2027 08:28:50 GMT
date: Fri, 26 Apr 2024 08:28:50 GMT
alt-svc: h3=":443"; ma=2592000
network_info: NO_OSLO_50304
served-from: 23.36.77.175
timing-allow-origin: *, *, *
X-Firefox-Spdy: h2

academy.scene7.com/is/image/academy/10241458?$pdp-gallery-ng$

23.73.2.80

200 OK

125 kB

URL GET HTTP/2
academy.scene7.com/is/image/academy/10241458?$pdp-gallery-ng$
IP
23.73.2.80:443
ASN
#20940 Akamai International B.V.

Requested by
https://freegtaov.life/
Certificate
IssuerDigiCert Inc
Subject*.scene7.com
FingerprintBB:DE:0F:7F:21:60:31:67:C0:1D:84:48:F0:6C:A7:3D:F3:CD:CA:D9
ValiditySun, 26 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x1320, Scaling: [none]x[none], YUV color, decoders should clamp
Size
125 kB (124660 bytes)
Hash
ad949623e30e3c65ae37f7f18a696382
6237f172d0264399931d0c718bed02d9b18f9894
cbc9fa28993bbf04a94e154791e67d06325f35645800c24d208416221436a16f

HTTP Headers

GET /is/image/academy/10241458?$pdp-gallery-ng$ HTTP/1.1
Host: academy.scene7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 124660
access-control-allow-origin: *
last-modified: Sun, 25 Feb 2024 17:02:17 GMT
etag: "ad949623e30e3c65ae37f7f18a696382"
x-adobe-smart-imaging: 3442
x-adobe-assetlist: QlpoOTFBWSZTWWgNaOwAAASbgAAA9kAACi4CACAgADFMAAEExMAaflRUP8PFUF5vC7kinChINAa0dgA=
x-adobe-modifierlist: QlpoOTFBWSZTWfPflLwAAAADgAAKv2f+hCAAUKADEaaaNCJ6iek2QnonpPUBsQXMYfwqltqeIavK2q3oJQa8B5GKeshMSTIs7+n2LOIEC8GpoVXnRuaNfxdyRThQkPPflLw=
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
expires: Fri, 26 Apr 2024 18:28:50 GMT
date: Fri, 26 Apr 2024 08:28:50 GMT
x-akamai-cache: Miss
akamai-grn: 0.50014917.1714120130.a012d8f
X-Firefox-Spdy: h2

freegtaov.life/static/your/css/swiper.min.css

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
freegtaov.life/static/your/css/swiper.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (17459)
Size
18 kB (17759 bytes)
Hash
6af34d0737ad0ca608111771cf74cc79
15d0417baa08a741c6aee19fdfbf4813635f98f8
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/swiper.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"455f-6071a5a633652-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FMbLxMwouhG4gCW%2Fs4AIBAXYh%2FcCnJLVHpQ%2Fx4%2Ff67I3lsQw%2BqJI5RoGg8%2B2FeXXQg1PnI1N1vMXBDh2b20hWOf3r3WkJ5Pl36ii3fEOuwFb%2BAI33zhI4z5IbwF0G%2Fwzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891955712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/default/css/iconfont.css

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
freegtaov.life/static/default/css/iconfont.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (1543), with no line terminators
Size
1.4 kB (1372 bytes)
Hash
090f72d902afd1175acf4cad9f14c475
570ba183720b7f40f15601d0d4321a6ad819fcf2
29b84aaf9a3d5b98b8f77db96a21f11fd83bf97cc140f3e7ff41735aba555187

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/css/iconfont.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"55c-6071a5a5d852a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b02Ou4if8IGkJtVbHk26TEU%2BZDP6N8yiUSu7TaihXUDUIXWbB7sXume3UNjwOVu5tmLD3o2W0fVRkPCGNSfW8I040kD8sLvmApHPYQQ%2B%2F5rgXkFnHrlomnhXTRHytA80SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533892960712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/api/item/random?num=8&name=hot

188.114.97.1

200 OK

3.1 kB

URL GET HTTP/3
freegtaov.life/api/item/random?num=8&name=hot
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3363), with no line terminators
Size
3.1 kB (3054 bytes)
Hash
4b1062ab164ede284bb624e44539c4bb
2192bc89255ed66338b6ded572faf3f8a9121fc7
508c39c0f086ffb401948ae8715763ce81c7e7d6dc031ed82985c8bc4f1ed6c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/random?num=8&name=hot HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IjA2OC9BaFA3WEt4VHNWTFhINVgvZGc9PSIsInZhbHVlIjoidk1hOUZhOWJLTFpkU213cW42blJmSjF6TnhTdU52Qmg4YWRYVmxKb2xEdC96ZHhZMEdJQW1MMHlBZlRYSUt3Sm9DK1FnWWRtSkhwbW9rY2g4TXBXZmJoK3hNRXUzVVFZeDdyK1lRUS84NjNVSjFCRGFxOUJucW1aUWVNdnkrcnAiLCJtYWMiOiJhMTk5M2FlNzI4MWU1ODhiZjliMTcyYmI2MzRkZDE4MjcwOWMxMTdmYWRlMGNlY2Q4NDA2MzdkMWY1ZmFkY2Y4IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5fzAHx%2BpOUEknJxbQod75KSPtS6YYR8bSNXoWAaTaI%2BpRrHgYdW3nYbpoUGWjRSI%2B53ZMmCm54UZRS5vPjm2fbhKlPV4V9X%2BJM%2BRt%2FSDYo1oVYk8V1qmiuz19kdvJCaWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338d2cf1712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

images.meesho.com/images/products/280902011/abcgx_512.webp

34.111.251.190

200 OK

47 kB

URL GET HTTP/2
images.meesho.com/images/products/280902011/abcgx_512.webp
IP
34.111.251.190:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://freegtaov.life/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.meesho.com
Fingerprint58:9F:09:3D:E1:6D:02:E6:46:1E:B0:F2:8F:C6:88:AD:33:A6:D3:D7
ValidityWed, 31 May 2023 11:10:21 GMT - Tue, 04 Jun 2024 10:18:23 GMT

File type
RIFF (little-endian) data, Web/P image
Size
47 kB (46646 bytes)
Hash
26d677172529cbcd29d20d9e6fc024a8
f23c58abbd360515e91d2d6d04a784c9f8b6d1e8
d82a086b431185e86199896814db50207979f0f4e9b4b70d19744d12d7006e08

HTTP Headers

GET /images/products/280902011/abcgx_512.webp HTTP/1.1
Host: images.meesho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=31536000
content-type: image/webp
etag: CMeC36jq8IQDEAE=
last-modified: Wed, 13 Mar 2024 08:34:36 GMT
x-cloud-trace-context: ba923f593107b98846472618a159961d
date: Fri, 26 Apr 2024 08:28:50 GMT
server: Google Frontend
content-length: 46646
via: 1.1 google
x-cache-hit: miss
x-cache-id: ARN-e8c60de5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

freegtaov.life/static/your/css/animate.css

188.114.97.1

200 OK

58 kB

URL GET HTTP/3
freegtaov.life/static/your/css/animate.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (460)
Size
58 kB (58273 bytes)
Hash
77a5c1c68584ef4f63535fd1b8f9ea8a
d0700bd7ef9ef7b5c17f7ae46930dabb23e18f81
a8b27255a12c6f055e0df480753920dbfda0f4057f0d701b5d715e03a550a46b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/animate.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"e3a1-6071a5a631329-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKhcJs3ConumU41XoErlDH%2FfsNhcf%2Bs5XWzsSw552%2BLYwwz4QQVvdNOYDu2wgGbMZEMpUYPkWKsM5NHa92iTA%2Fjl0%2FA6p3rSKHFSBaMDe9hzWXJTUHi7Rj%2B3o7YbJUhG6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891953712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/lightbox.css

188.114.97.1

200 OK

3.5 kB

URL GET HTTP/3
freegtaov.life/static/your/css/lightbox.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (3638), with no line terminators
Size
3.5 kB (3470 bytes)
Hash
313f1bf7c27b92bf95c8c5a09456017b
8cbc95754b0ca2df9ca15484a994a1a9989db819
b0ac5f3e113197f2a22d84177033a0e586247ada4ec1d0427137fb2a15b144af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/lightbox.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"d8e-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6v1n8MKRFZlT1K70JQ5qW8CNsuCC2qAag%2Bojkwb7vTMAhacNBbuQwMm7dgmPu5QzE3PRWciXtUxohqVf81Oegffe1x71D9C7TR8KtTwor%2FRMpw26pFscE%2FiiW2bQMSXYxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891947712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

thepounddropper.com/wp-content/uploads/2021/12/Peppermint-Bark-Feature-.jpg

172.67.75.185

200 OK

1.5 MB

URL GET HTTP/2
thepounddropper.com/wp-content/uploads/2021/12/Peppermint-Bark-Feature-.jpg
IP
172.67.75.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint87:05:91:94:96:5F:91:19:18:CD:A0:F7:4B:18:47:C5:EF:5F:AE:F9
ValiditySat, 01 Jul 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT

File type

Size
1.5 MB (1458383 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2021/12/Peppermint-Bark-Feature-.jpg HTTP/1.1
Host: thepounddropper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 1458383
x-frame-options: SAMEORIGIN
last-modified: Mon, 06 Dec 2021 21:47:49 GMT
cache-control: public, max-age=31536000
expires: max-age=A10368000, public
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5szSyBMiDJAi5cbyMfedCC7WXdk%2Byt3gnS%2F9Nlup1Jbr8%2FvSN40oKIvhfYV1%2BU2Ng2Pz%2BPmPfX6Xf8Qz2cdh897IpDB6E1KUqCx%2FrIGxdjL%2BS2Cj6g8gqgnhknsToRtLSEy5gY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5339d8ef656bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freegtaov.life/static/your/css/opencart.css

188.114.97.1

200 OK

1.9 kB

URL GET HTTP/3
freegtaov.life/static/your/css/opencart.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (2076), with no line terminators
Size
1.9 kB (1916 bytes)
Hash
c3539f75f7ceb88a42d224dc60e8fd25
1c27dadef4cf7199db95b8b3d2792107858e6fb3
dfdd02b5f0a91b0588510b93165d45f9d12c3478835ed93c6ca00c4a2f9a7df7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/opencart.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"77c-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3Yvwa168eljOAXWIa20x65iQgm3ryGYYJ6ZpEHArBeJLIKz0XnBy7CqQwiWTyQnBLdZNKlOb465RMqFUHl%2BEjah71Bl1mxPFj4Q6Mh1XTSj7KfGnsor2nB%2F%2FDfiqFbnvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891958712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.bhphoto.com/images/fb/1700874.jpg

104.18.38.13

200 OK

92 kB

URL GET HTTP/2
static.bhphoto.com/images/fb/1700874.jpg
IP
104.18.38.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerLet's Encrypt
Subjectbhphoto.com
FingerprintE1:D2:D2:86:8C:6C:64:4D:BE:68:16:71:26:18:7A:4D:BE:C8:3D:4E
ValidityMon, 25 Mar 2024 22:28:35 GMT - Sun, 23 Jun 2024 22:28:34 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x630, components 3
Size
92 kB (92175 bytes)
Hash
2320343ee39adaf75429639d12c3032a
2c8b8db006deec346a89f1c50789b5c5963d2507
e82be3e10e318ab55790a178a075cacd7ad48d8163a3735e86b8349c9e88c6f3

HTTP Headers

GET /images/fb/1700874.jpg HTTP/1.1
Host: static.bhphoto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
cf-ray: 87a5339daf9156a4-OSL
cf-cache-status: MISS
cache-control: public, max-age=31536000
etag: "628295e1-1680f"
last-modified: Mon, 16 May 2022 18:20:17 GMT
vary: Accept-Encoding
set-cookie: __cf_bm=ij5e9s0gVVeyzI86irCM_v31lVgfWsjrPxtkhaVYF5Q-1714120130-1.0.1.1-IaE9dARxXrASD1osc5rMmdxSSrKAynrofyOoL0txE5IsXqVVc66AhqgrMXoaTEKqjIv5q2xKLHkymjzJMDAVP7.0kNJhHkLAgf.4ba2v_ms; path=/; expires=Fri, 26-Apr-24 08:58:50 GMT; domain=.bhphoto.com; HttpOnly; Secure; SameSite=None
__cfruid=025fcd0336c7b23e08ae467f7aa0c189f8fb6f3f-1714120130; path=/; domain=.bhphoto.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

freegtaov.life/static/your/css/owl.carousel.min.css

188.114.97.1

200 OK

2.9 kB

URL GET HTTP/3
freegtaov.life/static/your/css/owl.carousel.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (2943), with no line terminators
Size
2.9 kB (2936 bytes)
Hash
4d4667e9d189e4986f510490969ec75c
cf8ab378a96e61b92571e9f0927e54bb89bed195
5110a28a79fceab8d0800452b37b74ab88d659fd6e34ab89d6247c0c8a3117ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.carousel.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"b78-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulwsTdzGbqlQZFNUondX7MQvLOskqtspb1OZ7VHgb3BQaQjfsE6m86bXnQjg3DyWN6W5k4BWrCqEqZW73OUZbB9crpe3wG36tv6kQUFc8ARYXztWzB9YIMGBDytuDcFmiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891949712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/stylesheet.css

188.114.97.1

200 OK

92 kB

URL GET HTTP/3
freegtaov.life/static/your/css/stylesheet.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (529)
Size
92 kB (91491 bytes)
Hash
9a06a247e039b7a8e36cc1059d7c5c39
4a42d4ebcf871ec3ac45c47eb1110462616f2390
8cab6c22f51f0c08736e6ef55849ad723519a715a79568b749f9123a074878b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/stylesheet.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"16563-6071a5a633652-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eh6GWxO3kl2oBnaoR6GCkg1fI1jSzSevbqu%2BlbQk2DIJiYsfdpGZxu1fxIV9rvtHb6HzTMMKII%2F2WBKKgvTxIMQu%2BbZVCCfr0ruKT1k%2FNpzstAQDWc046J7Axmg%2FEkc%2FOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891950712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/default/js/public.js

188.114.97.1

200 OK

1.9 kB

URL GET HTTP/3
freegtaov.life/static/default/js/public.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1900), with no line terminators
Size
1.9 kB (1903 bytes)
Hash
51c8cad5196fedebda08621dea5c6405
5edaf17734119cf9985a4c1474bbde7eb801de35
13d077ad8e2e39537edac3359ea189cc9dd414f7a939e19950e22d7f7bcb1d34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/public.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"76f-6071a5a5dcf64-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwyBY7ryq5WazQ12CBQm5J%2FCN6824IRVDKB3bXgnMEd96aKIbpYbRybfhqZNir6X%2BX6L4KEDJGZxMfApoRPULJa53%2FpRYbgj%2FUyK78PdA4h%2BQ8hqvGxw0glx2J0J3Q2jgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533893969712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/font-awesome.min.css

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
freegtaov.life/static/your/css/font-awesome.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (30813)
Size
31 kB (30976 bytes)
Hash
ba098bc004de79c602b8a80093ecfb6d
07e2a0eae9e2a64f753638b5281b878b586f054d
ad6ed6588f8299f92680d0b1e7d3103621f713060409ac419094140e6fdaeb84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font-awesome.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"7900-6071a5a631711-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bNs%2F%2BSIlF3aqTzlDLaMRyjUzy0VSOs8A6E18D8dwZAx%2Fb%2BBLjtEO70%2FmjHFX2mr8oWCf7cw%2Fr73wxIQ1LVruNB5cjKAKuBwU6n5olDlz4z%2BRZqxp%2F0jv4aUfzPrNE06RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891945712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/owl.theme.default.min.css

188.114.97.1

200 OK

936 B

URL GET HTTP/3
freegtaov.life/static/your/css/owl.theme.default.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (941), with no line terminators
Size
936 B (936 bytes)
Hash
e781dd464fc6867934d0e6d39e490437
e5097e41900eab39cfba063f915261f09c96288f
c7872c41846b478f0977ef824a1ccc08911439c4c29a6055725cb5c8190fc872

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.theme.default.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"3a8-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYey6NLOD%2BWIQvOTmZ7mXOpWdrh1zYEUQcXEvbElWTLbhDzAwjWWoyyd8fJx3awlicerQ6xMZuToUjr0uxnmwqHTuzPNnnffmnjqklpoH%2BJISWMsD%2B8%2FierhiPVpH3WG3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389194b712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/store/css/checkout.css

188.114.97.1

200 OK

4.8 kB

URL GET HTTP/3
freegtaov.life/static/store/css/checkout.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (5046), with no line terminators
Size
4.8 kB (4824 bytes)
Hash
78004bf5e334b836b476f48fcb42d6b2
1b118f3acfd8329b2219397946fbdcdd2eb8a8a1
36ec4ba8f16410525a9046d41eab8c0acb179340bed5d10a795edb52fc899bb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/store/css/checkout.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"12d8-6071a5a61cb02-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4jFfeTO6pHbZVOq36PM%2FQC%2FQTHsx26G2qwO2O%2FHUYp5zTzw8JEkTvZ5qcrQAgEqLn3H%2F%2Fsy9bvKDzM%2BfwF4RI4PcGp%2FGdLj2aBaW8wQTdcFCZnavreEGGUesVFf58oNjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389195c712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/favicon.ico

188.114.97.1

200 OK

61 B

URL GET HTTP/3
freegtaov.life/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
2d963171282c4de9d6969472b23e47e3
1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8
87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZtc1RUd2FBdlpBM3UybkVPNkRKYlE9PSIsInZhbHVlIjoieFpENnJkM3UyRGhwTkN3VXBsSjNoU2xxWDYwUU9SVjZ5dEtTd3Q4WExHelRzZHA2NlAreHduNFdmcHhzQXl1MXpweFVmcURSTnAyYzI0cmlQaHBNNSt6WkN4eWh1NlQrT0s3UTUrTFVDTVRoQlhSRzBUZmorVlN0NUx0dlJJdWoiLCJtYWMiOiI0OWVkNTJjYWVkNzA4ZTY0ZDAxMmQ4MmU0OWQwZjc3YmMwNmZlODgyMGUyNDE3ZTg3OWUwNDljMzg1MGI0NGJkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:48 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C25YoZ58AGFPrGhBqwTkDEJK%2BXmU1SIfLPytZHX8tEbiqPvRaosaKdUnf2L9EJgsPtHtPZ9yOAkavLBKJwmx5XoIjODxLLKbB8c4nolFmGUIsNgmuHLzotZUz%2F2QFcLY2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53392192d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freegtaov.life/static/your/css/magnific-popup.css

188.114.97.1

200 OK

7.7 kB

URL GET HTTP/3
freegtaov.life/static/your/css/magnific-popup.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freegtaov.life/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreegtaov.life
Fingerprint41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47
ValidityTue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT

File type
ASCII text, with very long lines (8049), with no line terminators
Size
7.7 kB (7686 bytes)
Hash
ff38520855bf32e67380f0c900e6e71a
33dbded62e37764281e0d5bcc38e48d77760a20d
7b5d633f10e5f270180f5fd9198be0406dfeed30a183f142f3b657fe3c4c6d1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/magnific-popup.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"1e06-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5%2FpFQW51HkcVGwUK9LLyNiyjQmJBLrFILHRbpU%2FRrREbOg7NtCsbb%2FJ59fobioT2xhulkdiJs6RAzRJNtDY0Dam1A36h%2F%2F5R6ASGF8ZcOpk73o7cDhgqrOoIbWThUEFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389194d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations