| freegtaov.life/static/logo.png | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 freegtaov.life/static/logo.png
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): f12935b050ea09250470148a08554341 655023d8201a493dc0c881d98e73c9b81f994602 8909e47b3a395662a3ef846ede58b1e43ba05278f13f01bc82e7b75412c29f87

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/logo.png HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: image/png
content-length: 5811
last-modified: Mon, 09 Oct 2023 06:18:37 GMT
etag: "16b3-607428f80f640"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOkC2oqYnjLONBcFJMW%2BoCQQUfUhG%2BZ3eJ493YpQra3QZ9djyBvZ90%2BbzLtKNrYxMWN7%2BSvKLhP0oMvm8LQHzWV6i2iTydS9%2FsOMpLC363biwHbdTYiPy%2FgPeUikL06N9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a533893978712b-OSL
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/market/img/payment.png | 188.114.97.1 | 200 OK | 15 kB |
URL: GET HTTP/3 freegtaov.life/static/market/img/payment.png
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): d9e27afb8d07e73a5d78c58219db8284 2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99 1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/market/img/payment.png HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: image/png
content-length: 14874
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: "3a1a-6071a5a6057e2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UjsCvH5%2FvgXUsBwlHCpOolNr0Oy6sOA%2BFFA32pyHXnT9yjSXCRo0siLrj0hIE0lN4VqnZ35%2BxC92xrEGmyjMKNM0WgzGMcBYvNrpe%2BYC2%2Fgk7DYSmJrfkBOMXGgx%2Bnj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a53389397c712b-OSL
alt-svc: h3=":443"; ma=86400
| cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css | 104.17.24.14 | 200 OK | 38 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP: 104.17.24.14:443
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 9a547188fa485f8ca9b2cc7d6d2524ef 7893335159a1f637eb24cd05aaba96ac156c7f65 897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433
GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 129713
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhApiVocvF5mqoxQnlJ2NKAWRqKKc2BFblM543aUZpqqdtgMM1Q5BjwvRoDHUHDz1FJy%2FGJiWIPbbWzd%2F6kyk6T4Ij89jQ%2Bholi%2BMUgEYGStD0sMJY8RDY%2B7Fl%2BbGFUIt7cBHTMm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533896fb05696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js | 104.17.24.14 | 200 OK | 68 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP: 104.17.24.14:443
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Hashes (MD5, SHA-1, SHA-256): 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468
GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1348365
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DY9ZwCFKllzkLqymU3mjZ3V4hkEJsGmZ9g27Q0126wnBU7ga2Xt0agR0YTOGkKVsEdnJ7B8TmPD%2B6kF6Nc5FXpe6U8W2XNGfgcen3SMlSXuo6bJlwxRxoQLxKDf%2BwVN1CFfqhLXA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533897fc45696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js | 104.17.24.14 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP: 104.17.24.14:443
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14957)
Hashes (MD5, SHA-1, SHA-256): 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9
GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 16084
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wf8f2g6p5tglDDusWnylp63VucvGD8bS94%2FCv6RRaKDaikgzqwjxU7Ab%2Bu6zhOLzSWFSuBcWGA%2FhYGAnYxpkRkbwd9I3hZu5QEUlb5tlPMBnSyyLOIDb%2FEM6igJeu2Kog15cL8SE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533897fc35696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css | 104.17.24.14 | 200 OK | 3.9 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP: 104.17.24.14:443
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (16213)
Hashes (MD5, SHA-1, SHA-256): 951eae8c8a442c2940c54d180301ed41 771518669a370d915adf0d207f2a22092a768cd1 4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 15160
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FPctrXeXEsCm9RsmJb0%2BpzR9H9%2BXoWclcM%2FCRtcp1N8lH3gz%2FqLypxfiqXppJwFipEdQrgUJjeNbZI%2B5S3x%2Ft139UFMVdyhVUxLRKpW88PY5pDVdHAMUphkjPQeyk8Qq3EyigOD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533898fc65696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js | 104.17.24.14 | 200 OK | 50 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP: 104.17.24.14:443
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hashes (MD5, SHA-1, SHA-256): de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5
GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8482485
expires: Wed, 16 Apr 2025 08:28:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnl92oqUmx2ok%2FHbSyiNy5lWTdDgVFWpdIforuG1UDfOkZcgnStALsMiWrnaBSXh%2BqUjA7tU%2BTL2REWWRK618NLOD8dGxW31dU%2Bw08wLCJwREO4ruvExaInTXN7aJm70YD9qRHt9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a533898fc75696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| freegtaov.life/static/default/img/slide_homepage_1.jpeg | 188.114.97.1 | 200 OK | 214 kB |
URL: GET HTTP/3 freegtaov.life/static/default/img/slide_homepage_1.jpeg
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:12 14:10:12], baseline, precision 8, 1903x634, components 3
Size: 214 kB (214103 bytes)
Hashes (MD5, SHA-1, SHA-256): 3d26f7692db8907822ed3505c70868f7 74fccb84f865369b53df3f25d777c069a6e89f2e 8e010e987884485474400823a163c12119b1bd9daf886d43253899aee7e71ed1

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/img/slide_homepage_1.jpeg HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: image/jpeg
content-length: 214103
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: "34457-6071a5a5dbbdb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BKo2P4K4sFUqcz9hB2dz9VB7ptSEWt8KWnL4qJQpG4h2Lqa9noeG0tvbuKcVPh3ifY0izbNyVb8mU65EjXPh2St7J0olwMfXWWIkFcXwtl3J9RsKOwiPZuXEDwZr68kkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a533893979712b-OSL
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/img/service.jpg | 188.114.97.1 | 200 OK | 127 kB |
URL: GET HTTP/3 freegtaov.life/static/your/img/service.jpg
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x402, components 3
Size: 127 kB (126971 bytes)
Hashes (MD5, SHA-1, SHA-256): 6894acf30e9989c857a5e16e63672fa2 e6ebc3536d436f1aa697e2aac0827ab87bdfc4b4 e47e5927563c41d710a8f0099f89098843e69c4289fa25445467ebe4b96559f9

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/img/service.jpg HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: image/jpeg
content-length: 126971
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: "1effb-6071a5a637ca4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jB6lT%2Bij3GD2ZWB5QzJqbB8BTImFg804oZNHacWJmVwY4phjJfImHsc7cT3vvCcCeoLC1l5JxXLLw3KBJfpBI%2FakmNCsBxfexExaBaEoARO3I1fpzQm0%2Fd7YnqCfHpTRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a53389397a712b-OSL
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/img/footer-bg.jpg | 188.114.97.1 | 200 OK | 171 kB |
URL: GET HTTP/3 freegtaov.life/static/your/img/footer-bg.jpg
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x425, components 3
Size: 171 kB (170800 bytes)
Hashes (MD5, SHA-1, SHA-256): 01aad85abef2e701361ee4ded47754e4 cc6770719c0b7639740145824e048f339340c0c7 73eb0994db66a8e45749f3fd6b0b5d32416d5654eb867f0bf9819a6cd65e8aba

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/img/footer-bg.jpg HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freegtaov.life/static/your/css/stylesheet.css
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: image/jpeg
content-length: 170800
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: "29b30-6071a5a636533"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0Fy6sQTahckFV8jhr7qQy1BDIta3Que3%2FFpVmSSkNMkwkNKnjLDA1sNhkoTnM7ctluMk5B3KuukKB7WhLkk0s%2BfilOiu%2BHSZSIxGFiHnVkcXWSqgYq2URhTgQ8UdGgB3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5338d8d49712b-OSL
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/jquery-ui.min.css | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/jquery-ui.min.css
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (15129)
Hashes (MD5, SHA-1, SHA-256): 1f29bef8e189e09389ee650069da29d0 85ec0a5126e957e1f0596cf84010cf41e1fa321c 3d94f00ea8118cfa7a40019dd8696ebf16aebdd92f0ff5fec0411e97b8b7c44c

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/jquery-ui.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"415a-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=70WNjSMY0FQyuqGnnA7f9OApKoPptv8%2Bnz9irPhpzPd0AGUTls2FzfuVJ0E38FchkuZms6EOKZqu72HVI6HKxkdsWqTzF7vWk%2BN6plnn1E2ZWYdA%2FQABFLzy0r4zSAapIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891959712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/market/js/jquery.min.js | 188.114.97.1 | 200 OK | 34 kB |
URL: GET HTTP/3 freegtaov.life/static/market/js/jquery.min.js
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: JavaScript source, ASCII text, with very long lines (32061)
Hashes (MD5, SHA-1, SHA-256): e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/market/js/jquery.min.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"14915-6071a5a60733b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZDdckAGfDks7Go4mdVxEk%2FtUI55p%2B0OqV7PNXLyFzNh9ff1ZaduvGIC%2BBlhWMdCHB1boXjtK1EPS%2Fuhi1UnWvT1sBdIWhTqfh5hm4fAzNNzH2kipTmDsrWOGzgZkAXpTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389195d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/default/js/delighters.js | 188.114.97.1 | 200 OK | 5.2 kB |
URL: GET HTTP/3 freegtaov.life/static/default/js/delighters.js
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
Hashes (MD5, SHA-1, SHA-256): cc31823856831d96acd96628fe1bc12c 4441d2792dc7fb9f54cde379cd6dd5085ae7af33 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/js/delighters.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"a4b-6071a5a5dc794-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owvOOWR6FLn85pCbYUELnVZzTvVU%2B2tmJp5zLUUi0l0G%2FS3%2FE6pbAZVkHnz41XAwyp9henKFn0gyrO92lGksMXrbKgyAx4mcIjPUPFxnVMgQwSU4ASZSwdNbMDjlwQQGww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338c2bd9712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| images.ctfassets.net/2djrn56blv6r/7LIT43d1Cl41DLThqIq5vp/3997af2f6344408a9ddfecc1866e278d/Dog-Years-Chart.jpg?fm=webp&q=75&w=1920 | 143.204.55.77 | 200 OK | 40 kB |
URL: GET HTTP/2 images.ctfassets.net/2djrn56blv6r/7LIT43d1Cl41DLThqIq5vp/3997af2f6344408a9ddfecc1866e278d/Dog-Years-Chart.jpg?fm=webp&q=75&w=1920
IP: 143.204.55.77:443
Certificate: Issuer Amazon; Subject images.ctfassets.net; Fingerprint B4:AD:54:1E:42:5A:BC:E5:5F:19:1A:F9:8B:06:8A:D3:F0:46:11:88; Validity Tue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hashes (MD5, SHA-1, SHA-256): 2582f2660d07d56976ebae7d8d145a1e e996c507a3c3f53e0ebd149ef266248c6e088191 becaec3113440a309bd6b9263dff4effde1a44871344fcb29990c87972de3ac6
GET /2djrn56blv6r/7LIT43d1Cl41DLThqIq5vp/3997af2f6344408a9ddfecc1866e278d/Dog-Years-Chart.jpg?fm=webp&q=75&w=1920 HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 39982
etag: "2582f2660d07d56976ebae7d8d145a1e"
last-modified: Mon, 15 Apr 2024 13:09:53 GMT
date: Fri, 26 Apr 2024 06:26:26 GMT
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K-Oonu-BVAaJOCryZhjXGEZdPhw_OsqIFSLDDgLFiwy0NyTw22iXvQ==
age: 7344
X-Firefox-Spdy: h2
| cdn.shortpixel.ai/spai/q_lossy+w_977+to_webp+ret_img/thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg | 194.242.11.186 | 200 OK | 71 kB |
URL: GET HTTP/2 cdn.shortpixel.ai/spai/q_lossy+w_977+to_webp+ret_img/thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg
IP: 194.242.11.186:443 (ASN#34989 ServeTheWorld AS)
Certificate: Issuer Let's Encrypt; Subject cdn.shortpixel.ai; Fingerprint 8D:F9:8F:AD:3B:D5:81:08:75:6C:F4:1B:CC:E1:FC:2A:5C:75:0D:1F; Validity Sat, 06 Apr 2024 15:08:39 GMT - Fri, 05 Jul 2024 15:08:38 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 1024x650, components 3
Hash: ac4070fde3d09d88d08b3c1c75245fe0 d38a99d5f90c6759fcdea10dff790700d11d2c00 d81c2e26c20f42b6af2991c6a9598afbb08c4f170641ea3292c8ae5ea17e706c
GET /spai/q_lossy+w_977+to_webp+ret_img/thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg HTTP/1.1
Host: cdn.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/webp
content-length: 70699
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000, s-maxage=604800
etag: 5f25f11ef2747c5aea4cd2e80a6263d9
expires: Sat, 26 Apr 2025 08:28:50 GMT
pragma: cache
cdn-cachedat: 04/26/2024 08:28:50
link: <https://thetechreviewer.com/wp-content/uploads//2016/05/Netgear20Nighthawk20X4s-9-1024x650.jpg>; rel="canonical"
cdn-tag: 553269; Domain: thetechreviewer.com; 200
xtag-sp-debug: SLT: 0.011
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a9200ba3744cd11c04b63739152275bf
cdn-cache: MISS
X-Firefox-Spdy: h2
| simracingsetup.com/wp-content/uploads/2022/04/Fanatec-CSL-DD-Design.jpg | 104.21.42.5 | 200 OK | 43 kB |
URL: GET HTTP/2 simracingsetup.com/wp-content/uploads/2022/04/Fanatec-CSL-DD-Design.jpg
IP: 104.21.42.5:443
Certificate: Issuer Let's Encrypt; Subject simracingsetup.com; Fingerprint 2C:73:46:ED:7F:45:6D:BD:71:B3:96:14:6A:A9:2F:2C:54:D0:9B:A4; Validity Thu, 07 Mar 2024 19:06:57 GMT - Wed, 05 Jun 2024 19:06:56 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1280x720, components 3
Hash: c9e7ea5026b81a87cf0582c17a0c1fb0 1b1a9d11b1436973c16511c7126c9f8d0848c0f0 85ea83d3d6d87d0c2051f858220410cf51f249f921cdfa2eb1f841c323ce2e36
GET /wp-content/uploads/2022/04/Fanatec-CSL-DD-Design.jpg HTTP/1.1
Host: simracingsetup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 43137
cache-control: public, max-age=31536000
expires: Mon, 24 Jun 2024 08:29:25 GMT
last-modified: Tue, 19 Apr 2022 13:51:05 GMT
etag: "a881-625ebe49-e0564405cdfe2327;;;"
vary: User-Agent, Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQb%2FDHRN4EDXfvI0lbFfFZpbojuOkbMb9drH%2F08qcIR2ysRuq%2FuxQy2oxQSVXZou9ivLQnu99CHOo15muVnbMKJFrFdz3hXm2OOxJ26m8enwPhauWYOH8aOOuN2%2FF6RDOnVgfj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5339d8bfe56a9-OSL
X-Firefox-Spdy: h2
| cdn.webshopapp.com/shops/125574/files/426226750/essence-lash-princess-false-lash-effect-mascara.jpg | 104.17.156.30 | 200 OK | 131 kB |
URL: GET HTTP/2 cdn.webshopapp.com/shops/125574/files/426226750/essence-lash-princess-false-lash-effect-mascara.jpg
IP: 104.17.156.30:443
Certificate: Issuer Cloudflare, Inc.; Subject webshopapp.com; Fingerprint DF:2B:5A:79:AC:4C:C9:7F:B5:52:E6:41:19:28:30:C4:9F:F0:DE:27; Validity Wed, 27 Dec 2023 00:00:00 GMT - Thu, 26 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 866x871, components 3
Size: 131 kB (130963 bytes)
Hash: f462ecf751645a1bd3f7c2af6063ee81 fd480392d68f02aa4e45830b76295c5e8e8b08b3 0239a7b936e70b111631a2600018dbdef224a921162f14b2af79fe2f5ce0ad71
GET /shops/125574/files/426226750/essence-lash-princess-false-lash-effect-mascara.jpg HTTP/1.1
Host: cdn.webshopapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 130963
cache-control: public, max-age=31536000
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 79
access-control-allow-origin: *
last-modified: Mon, 20 Mar 2023 12:12:59 GMT
x-content-type-options: nosniff
x-request-id: 3d8bf71649abbd9ccfd1aba038d95fc4
x-resource-id: file:207160198
x-runtime: 0.021920
x-xss-protection: 1; mode=block
cf-cache-status: MISS
expires: Sat, 26 Apr 2025 08:28:50 GMT
accept-ranges: bytes
set-cookie: __cf_bm=y8hJVZcSLa.ninMZVhiynxA_HAbDY6DNWxjgMJxMiik-1714120130-1.0.1.1-00Er1Ktg4PdvcrpHrBFXrrKaiQAxCfbUbPLWVjzB8tdwxGWp9ViDnY5..Bm2MX7UA4R6pzcAaDRXGJuGE4C9Sw; path=/; expires=Fri, 26-Apr-24 08:58:50 GMT; domain=.webshopapp.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a5339d1ada7131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| i8.amplience.net/s/scvl/144460_308637_SET/2?fmt=auto&$webPdpProduct$ | 104.18.32.90 | 200 OK | 31 kB |
URL: GET HTTP/2 i8.amplience.net/s/scvl/144460_308637_SET/2?fmt=auto&$webPdpProduct$
IP: 104.18.32.90:443
Certificate: Issuer DigiCert Inc; Subject a.sni.dm.amplience.net; Fingerprint AD:98:39:C7:A2:7D:13:0B:C9:7A:29:4E:21:E4:C6:81:74:E4:25:83; Validity Tue, 29 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash: c98c10491462d86e34ddc7e1bd59fe91 eab0f236bf5d13c3b95a7f2d48a2bab657b6057b 177274f1b896597413b05e144dc4c2d783a754dd9f5d822f9895d4869546e83a
GET /s/scvl/144460_308637_SET/2?fmt=auto&$webPdpProduct$ HTTP/1.1
Host: i8.amplience.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/avif
content-length: 31329
cf-ray: 87a5339e4e855691-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
last-modified: Fri, 26 Apr 2024 08:28:50 GMT
vary: Accept-Encoding
edge-cache-tag: mA5RSQ4wr,WWwde7iQa,_F3Qnaiz2,HrbwLGq9P,2nzkQBCSx,1yrG5ILA3
edge-control: max-age=86400
x-amp-cf-worker: true
x-amp-published: Wed, 30 Nov 2022 22:03:43 GMT
x-amp-source-height: 1130
x-amp-source-width: 1333
x-amp-srv: CF
x-frame-options: DENY
x-req-id: EBzP2CXhPf
x-xss-protection: 1; mode=block
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| weaponxmotorsports.com/cdn/shop/products/450-401007-na1600.1581141140_grande_2x.jpg?v=1582332373 | 23.227.38.32 | 200 OK | 64 kB |
URL: GET HTTP/2 weaponxmotorsports.com/cdn/shop/products/450-401007-na1600.1581141140_grande_2x.jpg?v=1582332373
IP: 23.227.38.32:443
Certificate: Issuer Let's Encrypt; Subject weaponxmotorsports.com; Fingerprint EC:13:2B:03:12:79:8D:A1:E8:17:1E:1B:DA:22:0E:3D:8B:BF:22:AB; Validity Sat, 20 Apr 2024 12:33:10 GMT - Fri, 19 Jul 2024 12:33:09 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 4806b6f3ed4e6bca64cd74a0ae28d286 cee2280e10c104fb040238f55c7735dbbe016fd4 c681f1c69482d04f6d98b317b714e806e5c325228f6d80dfd9082a4e3128fb6c
GET /cdn/shop/products/450-401007-na1600.1581141140_grande_2x.jpg?v=1582332373 HTTP/1.1
Host: weaponxmotorsports.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/webp
content-length: 64530
x-sorting-hat-podid: 245
x-sorting-hat-shopid: 1838297
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
source-length: 170297
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 442cd2c9-aa6e-4ae4-b1b8-14965171d8ce-1714069923
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Thu, 25 Apr 2024 18:32:04 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWHwDNGgQ%2BYlAQBFKmGi5xVEDpYbxBGRRUUAbr%2FiRyyorcwDetVhFXRqMIjZesOvVm2E0eiifmO36DYmTfZavtvexaxLHYBzhcahWV3kA8Xz5AOc1D0phTaiwA6ZXHcxT9MF%2FO71lKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=479.300, imageryFetch;dur=70.456, imageryProcess;dur=408.155;desc="image", cfRequestDuration;dur=200.999975
x-permitted-cross-domain-policies: none
x-download-options: noopen
server: cloudflare
cf-ray: 87a5339e29c692b5-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| ae01.alicdn.com/kf/HTB1boEPpruWBuNjSszgq6z8jVXad.jpg?width=1000&height=1000&hash=2000 | 47.246.44.250 | 200 OK | 35 kB |
URL: GET HTTP/2 ae01.alicdn.com/kf/HTB1boEPpruWBuNjSszgq6z8jVXad.jpg?width=1000&height=1000&hash=2000
IP: 47.246.44.250:443 (ASN#24429 Zhejiang Taobao Network Co.,Ltd)
Certificate: Issuer GlobalSign nv-sa; Subject *.tbcdn.cn; Fingerprint 29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2; Validity Tue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1000, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 830829f2e9c95ccdd21eb098c68913a6 33b6e678fb872223b8d6d378aa3bd8f6ccc8b934 1a4c6dc32f724357dcc713c8c63dd59b3b8b549666b12b5dcd52096bbe59d408
GET /kf/HTB1boEPpruWBuNjSszgq6z8jVXad.jpg?width=1000&height=1000&hash=2000 HTTP/1.1
Host: ae01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 35044
date: Fri, 26 Apr 2024 08:28:50 GMT
traceid: 2ff62ca617141201301901104e
last-modified: Thu, 03 Mar 2022 12:05:46 GMT
cache-control: max-age=86400000
access-control-allow-origin: *
eagleeye-traceid: 2ff62ca617141201301901104e
strict-transport-security: max-age=0
timing-allow-origin: *, *
ali-swift-global-savetime: 1714120130
via: cache15.l2de2[288,288,200-0,M], cache25.l2de2[289,0], ens-cache1.se2[312,311,200-0,M], ens-cache18.se2[313,0]
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Fri, 26 Apr 2024 08:28:50 GMT
x-swift-cachetime: 31104000
cdn-type: alibaba
eagleid: 2ff62ca617141201301901104e
X-Firefox-Spdy: h2
| freegtaov.life/api/item/random?num=12&name=hot | 188.114.97.1 | 200 OK | 49 kB |
URL: GET HTTP/3 freegtaov.life/api/item/random?num=12&name=hot
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
Hash: f729b549d21ca34d97cdc984baa84cde d62fe833a72318070c2d6bc66c799ad8d900f5f2 334430d2ae05c01295e3c53bb2526fc063ba11a7e515faa99326dc9d84a1dacf

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /api/item/random?num=12&name=hot HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6ImYyUHlBK0RySHR4NmxwYmVqVzVGalE9PSIsInZhbHVlIjoiMk83eGIzYytMNlJBZWpBczJBWm9NSmFSUHhqbFBtUXlvWStGdFJxNlFBQnp3aUJadEtGVitvN2t3MHFYMytkTHJhaVJadU94dXBUazNNYS9zREtYMUZGamEvTXZ4YUZEWDVuSUNOczVpaFNnTk9LRW9BRHNjZHVWbXNuRnNwU0kiLCJtYWMiOiI4YmEwNzZjODZhNmU1M2YxZDgzNGE4NzVmMTk4MjU2YTk5MTg5OWI2MWVkMGMwNWM3YzdkNzg0N2E4MmZlNDg4IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9LHUgfpMilvZMUmgHpq9rtraigskD7aq0LjgiigDVr5Jdq3Qn4cKoIH6JcQZhgnZOqILeR%2Fvponyo1wSv9AtbeJ8FZPSnxIr%2BFlP7n6dPGIGk%2BJIh0W7PuG4Pdi17JVUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338d2cfa712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/traffic_statistics?gurl= | 188.114.97.1 | 200 OK | 2.7 kB |
URL: GET HTTP/3 freegtaov.life/traffic_statistics?gurl=
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
Hash: 4d099a9fc7aafeee6b4afb7ee97ba05c 69a063f93eea790a297293f7791794a874aab7ae 6cab4c6ce6158ad3a0442256afe33eeeaa3e9b940f1189055fc3defa692ce302

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /traffic_statistics?gurl= HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:48 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:48 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjZtc1RUd2FBdlpBM3UybkVPNkRKYlE9PSIsInZhbHVlIjoieFpENnJkM3UyRGhwTkN3VXBsSjNoU2xxWDYwUU9SVjZ5dEtTd3Q4WExHelRzZHA2NlAreHduNFdmcHhzQXl1MXpweFVmcURSTnAyYzI0cmlQaHBNNSt6WkN4eWh1NlQrT0s3UTUrTFVDTVRoQlhSRzBUZmorVlN0NUx0dlJJdWoiLCJtYWMiOiI0OWVkNTJjYWVkNzA4ZTY0ZDAxMmQ4MmU0OWQwZjc3YmMwNmZlODgyMGUyNDE3ZTg3OWUwNDljMzg1MGI0NGJkIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7yVFinr7kwupuWwsTiAt8EL3VUwJ8dFeYt2bDKahR9owacO5ZL17dqdRKgQ%2FnEh5PhZsKD7Ewac%2Fra31hYLW5Htg6hJS3LfUNGktmV0MNRJIVNBLXfJ64GzrSe3i4jIhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338d6d2f712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| image.made-in-china.com/2f0j00RoWiYSHGJVlc/Men-Jean-Skinny-Slim-Fashion-Low-Price-Pants.webp | 172.64.144.96 | 200 OK | 73 kB |
URL: GET HTTP/2 image.made-in-china.com/2f0j00RoWiYSHGJVlc/Men-Jean-Skinny-Slim-Fashion-Low-Price-Pants.webp
IP: 172.64.144.96:443
Certificate: Issuer DigiCert Inc; Subject *.made-in-china.com; Fingerprint 08:A6:EC:AC:16:3B:C8:79:4D:B7:4C:06:2D:AA:88:7D:12:94:C5:AD; Validity Mon, 21 Aug 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 789x895, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 79ad7cc016f0279060b80a452b6f17c6 3ff1ab7077522270647943bdec1e75c435eab520 769203b93bb56125734607e8db440b0011b963ae7afac85856b08417597095b2
GET /2f0j00RoWiYSHGJVlc/Men-Jean-Skinny-Slim-Fashion-Low-Price-Pants.webp HTTP/1.1
Host: image.made-in-china.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/webp
content-length: 72958
last-modified: Wed, 17 Nov 2021 05:27:07 GMT
expires: Fri, 28 Sep 2970 06:00:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: HIT
cache-control: public, max-age=29866224670
accept-ranges: bytes
set-cookie: __cf_bm=6_gS7ZlkYHqguTlHgaKu_srXL1LD4mNT8324TNDpyds-1714120130-1.0.1.1-xc8w_6CkGLWqbjbK6SXqKc345of9fHNq3cSGLCQ6iRtiIaObJAHy3zwa53a542wA_Pen3UhRYDnzykeBZ81SUg; path=/; expires=Fri, 26-Apr-24 08:58:50 GMT; domain=.image.made-in-china.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5339daadcb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| freegtaov.life/static/your/css/bootstrap.min.css | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/bootstrap.min.css
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (65371)
Hash: 3fc294a6e2e1cdcc652fc702f0ecda80 87fdf5f58d2bc3bd19940403f33a2a7f9869c446 ff95d530a782ce6fa179cd74b1da4a39764e9405666f5aaeed2f34aa9c66ce66

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/your/css/bootstrap.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"1d2d4-6071a5a631711-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ER%2FbAW%2FAyLnJTD770wI07frSE8RgjqP4hUqoOTlfbywof%2BEoql%2BJV19Molo65hH7IdZNQJgobEpv0HyFUaQyR2xDAULGOv6nfwl9YpNgc%2BKPqOD7rzzM%2B14z1l5tFOEwLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891946712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.fram.com/media/wysiwyg/products-heavyduty_new2.png | 209.126.24.176 | 200 OK | 428 kB |
URL: GET HTTP/2 www.fram.com/media/wysiwyg/products-heavyduty_new2.png
IP: 209.126.24.176:443
Certificate: Issuer Let's Encrypt; Subject fdbcd10a5c.nxcli.io; Fingerprint B3:99:C1:0E:15:6F:3F:A4:83:FA:34:10:FB:8B:5E:B4:06:09:F7:8F; Validity Fri, 12 Apr 2024 06:36:32 GMT - Thu, 11 Jul 2024 06:36:31 GMT
File type: PNG image data, 1200 x 526, 8-bit/color RGBA, non-interlaced
Size: 428 kB (428342 bytes)
Hash: 7d4af197bc815f098a4f24578cd5fbe3 faa080ca9fb30a395292c08730ac85899bd4620b 49929e685c113dad6651d7fc29a9c702ba0f24ad022df94f212cb34120df268f
GET /media/wysiwyg/products-heavyduty_new2.png HTTP/1.1
Host: www.fram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/png
content-length: 428342
last-modified: Mon, 03 Apr 2023 19:54:06 GMT
etag: "68936-5f873ebe2f380"
cache-control: max-age=31536000, public
expires: Sat, 26 Apr 2025 08:28:50 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
| images.footballfanatics.com/florida-state-seminoles/mens-nike-garnet/gold-florida-state-seminoles-air-zoom-pegasus-36-running-shoes_pi3377000_altimages_ff_3377044-9d06e315938281abf153alt5_full.jpg?_hv=2&w=900 | 184.24.44.122 | 200 OK | 169 kB |
URL: GET HTTP/2 images.footballfanatics.com/florida-state-seminoles/mens-nike-garnet/gold-florida-state-seminoles-air-zoom-pegasus-36-running-shoes_pi3377000_altimages_ff_3377044-9d06e315938281abf153alt5_full.jpg?_hv=2&w=900
IP: 184.24.44.122:443
Certificate: Issuer DigiCert Inc; Subject www.footballfanatics.com; Fingerprint FD:BE:02:B3:C6:BD:86:56:AE:4C:12:52:45:58:BF:FE:B0:97:21:68; Validity Fri, 15 Dec 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 900x900, Scaling: [none]x[none], YUV color, decoders should clamp
Size: 169 kB (169438 bytes)
Hash: e3a8dadfc21c971bcf98f47f98cdb1f7 42573a571bb00e20cac741d7b1c6a6ae3bdfc958 7b08688756ba78d3374fca2bf75ad0e3e00f70ba65d0bc12dfcf57d20c1e18d8
GET /florida-state-seminoles/mens-nike-garnet/gold-florida-state-seminoles-air-zoom-pegasus-36-running-shoes_pi3377000_altimages_ff_3377044-9d06e315938281abf153alt5_full.jpg?_hv=2&w=900 HTTP/1.1
Host: images.footballfanatics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "14b0e9891b74874cc9732e52aa9b76fd"
last-modified: Fri, 19 Apr 2024 04:29:07 GMT
server: Akamai Image Manager
content-length: 169438
content-type: image/webp
cache-control: private, no-transform, max-age=30916915
expires: Sat, 19 Apr 2025 04:30:45 GMT
date: Fri, 26 Apr 2024 08:28:50 GMT
timing-allow-origin: *
frg-ct: pid_3377044, hv2
inurl: 3377000/altimages/ff_3377044-9d06e315938281abf153alt5_full.jpg
akamai-grn: 0.27772117.1714120130.10d3ba0e
X-Firefox-Spdy: h2
| | 188.114.97.1 | 200 OK | 1.5 MB |
URL: (User Request) GET HTTP/2
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: HTML document, Unicode text, UTF-8 text
Size: 1.5 MB (1467487 bytes)
Hash: bf029c2557b79ecf0841eedb8ccfc10e 798f4505bcf22f46275322ad72ac0577bfd44397 11484a97b78b31a40d137fff09b92f643e088e959cdfa7829975904ef6810224

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET / HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:46 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHxk0MLZqtVb2Rd93kTPiXJs8aHJIiFFtJZDmDc1g%2BvqKbBMJQQmDS36DlFjDRhdLee2UU4%2BjOwf8%2B8wYSgQVzi8yqxNS%2BL%2BvBRxHjam5chYNcvAQrVzWCAWoZ%2BYRHBlOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533856e39569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| freegtaov.life/static/default/img/20220514153821.png | 188.114.97.1 | 200 OK | 15 kB |
URL: GET HTTP/3 freegtaov.life/static/default/img/20220514153821.png
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: PNG image data, 245 x 222, 8-bit/color RGBA, non-interlaced
Hash: 3ecbb8f543b70888626038f8cf81f227 a9bf6388621ba59e09e59e58713e8abfc04e5ff3 2214e58d7962a38491fb50f2f641b869917fba48120c02e5f207b5c9025326f8

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/default/img/20220514153821.png HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNjbzNYKzhDOXBIcnZXSGI4QjB1NXc9PSIsInZhbHVlIjoieVVjeXI5U01kYjNoRUZ5NVhKeE5saEhpTy9ETEVXTGQxREREZ3J3RzM3WlY4dE9qWDFnYzJDc2ptOUU5anpCUnpuQ2U0ZDFLMDVWL3d1Z0Z1aERITXR4TUZuOHN6aFFDTmJRcCtjVEIwQXQ4blBnZWtVM1ZUeHZ2VmcxR0U0bmMiLCJtYWMiOiJkZGNiNjg3ZmI4MGJlNjFkZjMzMWZlYjRlNGMwYzgwMzc3MDUyNWQ2MTdkMjYyMjZkMzA4NDJiMzVmOTc3ZTk1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:51 GMT
content-type: image/png
content-length: 15411
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: "3c33-6071a5a5d9c9b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BZv8ViUto8VAKz6Vj3oS9TLaq6ENfaXi0MdSq%2BDAwrFoLatCO0AUpGQOo9QVsBoD2rY%2FdC2RFRmTi842hKPZbKTZOFHs3UW3rj%2FzZjvDThIJpGSQvLKAC84beIjYmwWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a533a4d988712b-OSL
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/css.css | 188.114.97.1 | 200 OK | 125 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/css.css
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
Size: 125 kB (124724 bytes)
Hash: a44c87b0d55afacf14c8327af92e948e 3ccbcb7c5e0d553ce51030580dec3732eb477f9d a0587eb4f330926619e867180d0f81a594dde4e75ddd471d2f1414024c9163ab

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/your/css/css.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpqZiqICuqYTm9hOQzYkNCBrbZ9Aps9JFAOkoaKL%2Bi1x9KF%2B6PiOivDYHzzFZQAwqHeqEJlboEPOzQHheT9Fc2QxFJibx1bSohL7%2Fx%2B7FAnKP3AvU%2BcuuSgdfbtYIN1XSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891943712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
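A check worth automating over a capture like this one: the response to `/static/your/css/css.css` is labelled `content-type: application/json` and carries the application's `cache-control: no-cache, private` with `cf-cache-status: BYPASS`, while the site's other static assets (`vue.min.js`, `swiper.min.css`, the woff2 font) come back with the expected media type, `max-age=14400`, an ETag, a Last-Modified date and a Cloudflare HIT. The stylesheet request was therefore answered by the application, not by the static-file path, and what the 125 kB body actually contains is not visible in the capture. The Python below is an added example, not code from the page or the site: it flags extension/media-type contradictions across the transactions recorded here and treats image content negotiation (the `.jpg` on `sc04.alicdn.com` is returned as `image/avif`, which the browser's `Accept` header offered) as benign. The records are copied from this capture; the expected-type table and the function names are assumptions of the example.

```python
"""Extension vs. media-type triage over HTTP transaction records.

Added example for this capture; not code from the page or from the site.
"""
import posixpath
from urllib.parse import urlsplit

# Media types a static asset may legitimately come back as (assumption of this
# example). Image alternates cover negotiation via Accept: image/avif,image/webp,*/*.
EXPECTED = {
    ".css":   {"text/css"},
    ".js":    {"application/javascript", "text/javascript", "application/x-javascript"},
    ".png":   {"image/png", "image/webp", "image/avif"},
    ".jpg":   {"image/jpeg", "image/webp", "image/avif"},
    ".jpeg":  {"image/jpeg", "image/webp", "image/avif"},
    ".woff2": {"font/woff2", "application/font-woff2"},
}

# (url, selected response headers) copied from the transactions in this capture.
RECORDS = [
    ("freegtaov.life/static/your/css/css.css",
     {"content-type": "application/json", "cache-control": "no-cache, private",
      "cf-cache-status": "BYPASS"}),
    ("freegtaov.life/static/default/js/vue.min.js",
     {"content-type": "application/javascript", "cache-control": "max-age=14400",
      "cf-cache-status": "HIT", "etag": 'W/"16fc7-6071a5a5ddf04-gzip"'}),
    ("freegtaov.life/static/your/css/swiper.min.css",
     {"content-type": "text/css", "cache-control": "max-age=14400", "cf-cache-status": "HIT"}),
    ("freegtaov.life/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0",
     {"content-type": "font/woff2", "cache-control": "max-age=14400", "cf-cache-status": "HIT"}),
    ("sc04.alicdn.com/kf/H459f36891de84ef2a095573ce68e7475v.jpg",
     {"content-type": "image/avif", "cache-control": "max-age=86400000"}),
    ("academy.scene7.com/is/image/academy/10241458?$pdp-gallery-ng$",
     {"content-type": "image/webp"}),
]


def media_type(content_type):
    """'text/html; charset=utf-8' -> 'text/html'."""
    return content_type.split(";", 1)[0].strip().lower()


def url_extension(url):
    """Extension of the URL path, ignoring the query string."""
    if "://" not in url:          # the capture lists URLs without a scheme
        url = "https://" + url
    return posixpath.splitext(urlsplit(url).path)[1].lower()


def content_type_mismatch(url, headers):
    """True when the body type contradicts the extension, False when it fits,
    None when the URL has no extension we hold expectations for."""
    ext = url_extension(url)
    if ext not in EXPECTED:
        return None
    return media_type(headers.get("content-type", "")) not in EXPECTED[ext]


def served_by_app(headers):
    """In this capture the Laravel API answers carry 'no-cache, private' and are
    never edge-cached; static files carry max-age=14400 and are served from cache."""
    private = "private" in headers.get("cache-control", "").lower()
    uncached = headers.get("cf-cache-status", "").upper() in {"BYPASS", "DYNAMIC"}
    return private and uncached


def triage(records):
    """List (url, media type, served_by_app) for every contradicted extension."""
    return [(url, media_type(h["content-type"]), served_by_app(h))
            for url, h in records if content_type_mismatch(url, h)]


if __name__ == "__main__":
    for url, mtype, by_app in triage(RECORDS):
        note = " (answered by the application, not the static path)" if by_app else ""
        print(f"{url}: got {mtype}{note}")
```

Run against the records above, only the stylesheet is reported, and it is reported as application-served; extending `RECORDS` with the rest of a capture is the intended use.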
|
|
| s.yimg.com/uu/api/res/1.2/m1ez.BQIyHvL3rEWbePs0A--~B/Zmk9ZmlsbDtoPTU4Mzt3PTg3NTthcHBpZD15dGFjaHlvbg--/https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-11/1fa5a901-1fee-11eb-b6fd-ecc1bfdbf55f.cf.jpg | 188.125.94.204 | 200 OK | 30 kB |
URL: GET HTTP/2 s.yimg.com/uu/api/res/1.2/m1ez.BQIyHvL3rEWbePs0A--~B/Zmk9ZmlsbDtoPTU4Mzt3PTg3NTthcHBpZD15dGFjaHlvbg--/https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-11/1fa5a901-1fee-11eb-b6fd-ecc1bfdbf55f.cf.jpg
IP: 188.125.94.204:443
Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 240x240, segment length 16, baseline, precision 8, 875x583, components 3
Hash: MD5 5d385035e5aca90d9920426e8d909857; SHA-1 ee58b7bef5fc9e7d011ee5ce8056e8b28a7ee6cc; SHA-256 00f38406448e5b8bbf7622197d2cf99b8052f88c66d800abb8b7bcb5f5ec04a1
GET /uu/api/res/1.2/m1ez.BQIyHvL3rEWbePs0A--~B/Zmk9ZmlsbDtoPTU4Mzt3PTg3NTthcHBpZD15dGFjaHlvbg--/https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-11/1fa5a901-1fee-11eb-b6fd-ecc1bfdbf55f.cf.jpg HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 30229
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache-tag: 458654330127004280489406358919984643071,313624950358692257074198336009949820652,ae7a14591aaf8d474cdb3f92111c923e
edge-cache-tag: 458654330127004280489406358919984643071,313624950358692257074198336009949820652,ae7a14591aaf8d474cdb3f92111c923e
etag: "5d385035e5aca90d9920426e8d909857"
expiration: expiry-date="Sun, 25 Aug 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
last-modified: Mon, 26 Feb 2024 19:55:25 GMT
server: ATS
surrogate-reporting: width=875,height=583,bytes=30229,owidth=1800,oheight=1200,obytes=326989,ef=(1,13,17,21,22,23,30)
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 26 Apr 2024 08:28:51 GMT
x-served-by: cache-lga21978-LGA
x-cache: Miss from cloudfront, HIT
x-cache-hits: 0
x-timer: S1714120132.660267,VS0,VE1
age: 0
strict-transport-security: max-age=31536000
cld_cache: Miss from cloudfront, HIT
cld_hits: 0
cld_by: cache-lga21978-LGA
cld_latency: 1
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| freegtaov.life/api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741 | 188.114.97.1 | 200 OK | 131 kB |
URL: GET HTTP/3 freegtaov.life/api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
Size: 131 kB (130672 bytes)
Hash: MD5 ec61c31a44a0c0104e6d5311cf4ae339; SHA-1 1848acc365a85a7a3e06aac5226ad1182035c0cb; SHA-256 2776ea4bef8595a3ca3100fb8c6908f0e1a629b22595d8807a0fa5ace82f15fe
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741 HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjA2OC9BaFA3WEt4VHNWTFhINVgvZGc9PSIsInZhbHVlIjoidk1hOUZhOWJLTFpkU213cW42blJmSjF6TnhTdU52Qmg4YWRYVmxKb2xEdC96ZHhZMEdJQW1MMHlBZlRYSUt3Sm9DK1FnWWRtSkhwbW9rY2g4TXBXZmJoK3hNRXUzVVFZeDdyK1lRUS84NjNVSjFCRGFxOUJucW1aUWVNdnkrcnAiLCJtYWMiOiJhMTk5M2FlNzI4MWU1ODhiZjliMTcyYmI2MzRkZDE4MjcwOWMxMTdmYWRlMGNlY2Q4NDA2MzdkMWY1ZmFkY2Y4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:51 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IlNjbzNYKzhDOXBIcnZXSGI4QjB1NXc9PSIsInZhbHVlIjoieVVjeXI5U01kYjNoRUZ5NVhKeE5saEhpTy9ETEVXTGQxREREZ3J3RzM3WlY4dE9qWDFnYzJDc2ptOUU5anpCUnpuQ2U0ZDFLMDVWL3d1Z0Z1aERITXR4TUZuOHN6aFFDTmJRcCtjVEIwQXQ4blBnZWtVM1ZUeHZ2VmcxR0U0bmMiLCJtYWMiOiJkZGNiNjg3ZmI4MGJlNjFkZjMzMWZlYjRlNGMwYzgwMzc3MDUyNWQ2MTdkMjYyMjZkMzA4NDJiMzVmOTc3ZTk1IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAYWDhKZg9YD5XH%2FOE%2BCqUYun52vB89NCTRZcZTkKbGUt%2BVplgads%2Bb3nYchDges36DWsLzIi5a8LoxkB5HuL8lisLO506b0iN1rB3l6tW7Iacct5UtwzkjQNVbf2hhPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5339f7cae712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
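Two things in the `/api/item/getImageUrl` transaction above deserve a closer look. First, the `url=` parameter is percent-encoded twice and names a third-party image on `cl.scalperscompany.com`; the application fetched it server-side and answered with 131 kB of JSON, whereas the browser's own cross-site request for the same image (further down in this capture) got a 404 with an empty body. Whether the fetcher restricts the hosts it will contact is not visible here. Second, this response, like the `secondCate` and `cart/index` responses, re-issues `laravel_session` with `httponly; samesite=lax` but without the `Secure` attribute, even though the site is served over HTTPS. The Python below is an added example, not code from the page or from the site: it undoes both encodings of the `url` parameter and applies the scheme-and-host check an SSRF-aware fetcher would make (the allow-list is a hypothetical one chosen for the example), parses the Set-Cookie attributes to report the missing flag, and splits the Laravel encrypted-cookie envelope into its fields without decrypting it, since the application key is not in the capture. The request target and Set-Cookie value are copied from the transaction above; the function names are the example's own.

```python
"""Triage helpers for the getImageUrl transaction in this capture.

Added example; not code from the page or from the site it records.
"""
import base64
import json
from urllib.parse import parse_qs, unquote, urlsplit

# Request target copied from the capture: the url= parameter is percent-encoded twice.
REQUEST_TARGET = (
    "/api/item/getImageUrl?url=https%253A%252F%252Fcl.scalperscompany.com"
    "%252Fcdn%252Fshop%252Fproducts%252F37665-CREAM-P-2_900x.jpg%253Fv%253D1686902741"
)

# Set-Cookie value copied from the same response (header name already stripped).
SET_COOKIE = (
    "laravel_session=eyJpdiI6IlNjbzNYKzhDOXBIcnZXSGI4QjB1NXc9PSIsInZhbHVlIjoieVVjeXI5U01kYjNo"
    "RUZ5NVhKeE5saEhpTy9ETEVXTGQxREREZ3J3RzM3WlY4dE9qWDFnYzJDc2ptOUU5anpCUnpuQ2U0ZDFLMDVWL3d1"
    "Z0Z1aERITXR4TUZuOHN6aFFDTmJRcCtjVEIwQXQ4blBnZWtVM1ZUeHZ2VmcxR0U0bmMiLCJtYWMiOiJkZGNiNjg3"
    "ZmI4MGJlNjFkZjMzMWZlYjRlNGMwYzgwMzc3MDUyNWQ2MTdkMjYyMjZkMzA4NDJiMzVmOTc3ZTk1IiwidGFnIjoi"
    "In0%3D; expires=Fri, 26-Apr-2024 10:28:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax"
)

# Hypothetical allow-list (assumption of this example): the hosts a server-side
# image fetcher should be permitted to contact.
ALLOWED_IMAGE_HOSTS = {"cl.scalperscompany.com", "i.pinimg.com"}


def proxied_target(request_target):
    """Return the URL the server was asked to fetch, after undoing both encodings."""
    query = parse_qs(urlsplit(request_target).query)  # parse_qs decodes once
    return unquote(query["url"][0])                    # the second layer


def fetch_allowed(target, allowed_hosts=ALLOWED_IMAGE_HOSTS):
    """Scheme and host check an SSRF-aware fetcher makes before connecting.
    Deliberately offline: it does not verify that the host resolves to a public
    address, which a real fetcher must also do after DNS resolution."""
    parts = urlsplit(target)
    return parts.scheme in ("http", "https") and (parts.hostname or "") in allowed_hosts


def parse_set_cookie(header_value):
    """Split 'name=value; attr; attr=val' into (name, value, {attr: val|True})."""
    name_value, *attr_parts = [p.strip() for p in header_value.split(";")]
    name, _, value = name_value.partition("=")
    attrs = {}
    for part in attr_parts:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() or True
    return name, value, attrs


def missing_cookie_flags(attrs):
    """Attributes a session cookie on an HTTPS site should carry but does not."""
    return [flag for flag in ("secure", "httponly", "samesite") if flag not in attrs]


def laravel_envelope(cookie_value):
    """Describe Laravel's encrypted-cookie envelope: base64(JSON{iv,value,mac,tag}).
    Structure only; decrypting the value needs APP_KEY, which is not in the capture."""
    env = json.loads(base64.b64decode(unquote(cookie_value)))
    return {
        "iv_bytes": len(base64.b64decode(env["iv"])),             # 16 = one AES block
        "ciphertext_bytes": len(base64.b64decode(env["value"])),  # whole blocks (CBC)
        "mac_hex_chars": len(env["mac"]),                         # 64 = HMAC-SHA256 hex
        "tag": env["tag"],                                        # empty: CBC, not GCM
    }


if __name__ == "__main__":
    target = proxied_target(REQUEST_TARGET)
    print(target, "->", "allowed" if fetch_allowed(target) else "blocked")
    name, value, attrs = parse_set_cookie(SET_COOKIE)
    print(name, "missing attributes:", missing_cookie_flags(attrs))
    print(laravel_envelope(value))
```

The envelope split shows why the cookie value cannot be forged or read from a capture alone: the `mac` is an HMAC over the IV and ciphertext under the application key, and the session identifier sits inside `value`. The `Secure` gap is the one actionable finding the headers themselves support; with `samesite=lax` and `httponly` present, the remaining exposure is a cookie sent over a plaintext request to the same host.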
|
|
| i.pinimg.com/1200x/20/cb/6e/20cb6e997a2b8b538b8f41096bf1b2ed.jpg | 95.101.10.201 | 200 OK | 158 kB |
URL: GET HTTP/2 i.pinimg.com/1200x/20/cb/6e/20cb6e997a2b8b538b8f41096bf1b2ed.jpg
IP: 95.101.10.201:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject i2.pinimg.com; Fingerprint 1C:5F:46:F7:91:91:1C:69:DD:8D:F6:5A:F9:26:61:14:36:A4:0A:E4; Validity Tue, 23 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3
Size: 158 kB (157762 bytes)
Hash: MD5 30f67be5289574e01c974dc990f21692; SHA-1 59e2d7d272e06d4301b43f4fbc2dbdd6d70f0d94; SHA-256 8abc5496c2f8d53fff52db5bb26443db8a3770c0da5c4e7660c4ba9e178aebb3
GET /1200x/20/cb/6e/20cb6e997a2b8b538b8f41096bf1b2ed.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "30f67be5289574e01c974dc990f21692"
accept-ranges: bytes
content-type: image/jpeg
content-length: 157762
alt-svc: h3=":443"; ma=600
x-pinterest-cache-status-v2: Miss
akamai-grn: 0.c50a655f.1714120131.9399bae
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
|
|
| freegtaov.life/api/item/secondCate | 188.114.97.1 | 200 OK | 688 B |
URL: GET HTTP/3 freegtaov.life/api/item/secondCate
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (782), with no line terminators
Hash: MD5 f6092bfefdf2b82626b5e13f12917bf1; SHA-1 6f2fd6f9bbed0f5ed37722fdb1d17e435fd72996; SHA-256 38bbc4d037525e55c609e4fa45742c3a0e428b047ac99b71ef528e96304e45b7
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /api/item/secondCate HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:48 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IlZPaWdnMDRBR3kzeTFOL0V4YW5BK3c9PSIsInZhbHVlIjoiNVJxdmpOb1U2YXkvMHIycmFPck1SZitWaHpnOHZ5dWN2YXRZV29NT0FOZWlyWHNOd01namRRZlEvdktjTEpEZFF5REU2MjNYTGJ1Kytrd0hMMCtydVV2MkJsWFVlWDZnamxHcnBhN0ZoOU8va2ZjTjJYTllDdEQ4ZkFVQ0d5eG8iLCJtYWMiOiI3YzYxYzU0ZmYxNTYxOTYzMmY0MjJjN2ZlYjRiYWU4ZjA4Y2E5NWJmZDk3NzcxODZjZmI0NjAyZGY3Njk5MTgwIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4I6zQKwyuYrRzWdhGO3pkunzZBTAGWV8W6NIOrzsHeH2QHq0d2ksMPqAVtoX6mFc9GQMDHqPl6mdbqZdqRALifMu1cIW3NJtwv75RxDCkMvkx6ykeVpxRlCETcK%2BgAKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338c5c08712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freegtaov.life/api/cart/index | 188.114.97.1 | 200 OK | 139 B |
URL: GET HTTP/3 freegtaov.life/api/cart/index
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: MD5 44f293d1057e83d64adbd382f9753c0c; SHA-1 64b4ac33d19337d1a099cf6f41cacbf95d017ac6; SHA-256 e0b1b9c0ec1aa8b305e8ee8c3f3946d9de911e5b0d29b9a80dfe128ce623fa13
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /api/cart/index HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
Authorization:
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Inpadnh4R2E4TitGZWsyYWtwQ29uV2c9PSIsInZhbHVlIjoieTBlMmRHcGFFRHJvWm15SVlBTHNIVnJ2K0F5YU9EZE50Qk1KOGF3Q1pMcTBMQ2RWUHpzb3dEUGFCZmkrQUlTT3RuMlRxNWQvUjZQbjFOUk90Vm9NZytYcm1TV0wwb1JqbWdFcTd3bGdMMk9kY1BRa1FtT0lEOTZnL29yOUVTeFEiLCJtYWMiOiJjOGMyZTgzZTA0ODAzNjc5NjI4YzRlMjcwNDczZGUxZDExZjMyN2M3M2YxYmM0Mjg1Y2VhYmExM2FiMWMwNTU1IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ichyxWwRqzmr9wI86yIQyQ%2BCrwzwv66cPpiwSrIALTyG4QhCWkge47pgZAmPc7%2FAHf4pc9TvWHYzBeylPwlE%2B6MVSBZLvhbJbd9HdtJnMIHpIOG8Lnireu%2B2p6Nzk3F5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338c5c0c712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| pumpbiz.com/media/catalog/product/cache/2b45e97eb9b1f32d773dd48515e6e7f9/d/a/darley_ak301-10hpd.jpg | 104.26.2.84 | 200 OK | 66 kB |
URL: GET HTTP/2 pumpbiz.com/media/catalog/product/cache/2b45e97eb9b1f32d773dd48515e6e7f9/d/a/darley_ak301-10hpd.jpg
IP: 104.26.2.84:443
Certificate: Issuer Google Trust Services LLC; Subject pumpbiz.com; Fingerprint 70:35:F8:86:5A:69:43:F0:D3:06:7A:1E:DC:E6:39:49:2C:5E:AF:75; Validity Fri, 26 Apr 2024 01:26:15 GMT - Thu, 25 Jul 2024 01:26:14 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x800, components 1
Hash: MD5 306a62b3f0dd02425a95fc56f2333428; SHA-1 538e52b21c9887f887c0f58eda74bf49c649ff57; SHA-256 745526af6f0beca9c8d4f4d85e5f0a6d4cb5d1a60ef435188bf0e7322b69abed
GET /media/catalog/product/cache/2b45e97eb9b1f32d773dd48515e6e7f9/d/a/darley_ak301-10hpd.jpg HTTP/1.1
Host: pumpbiz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 66016
last-modified: Wed, 13 Apr 2022 13:09:50 GMT
etag: "6256cb9e-101e0"
expires: Sat, 26 Apr 2025 08:28:50 GMT
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anOiw5%2F7GGCQoOuwj8JdewB6oV4kr1qK%2F%2F1jOI9TFEO39D57aEHtYmyxqrxuerYTv7sXi5eR1kFrxx9ky4IRSCUHIC72D%2FgiiEdq4ffc08VjGAMuUk8zj7yo2dg%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5339db9ec56ae-OSL
X-Firefox-Spdy: h2
|
|
| cl.scalperscompany.com/cdn/shop/products/37665-CREAM-P-2_900x.jpg?v=1686902741 | 23.227.38.32 | 404 Not Found | 0 B |
URL: GET HTTP/2 cl.scalperscompany.com/cdn/shop/products/37665-CREAM-P-2_900x.jpg?v=1686902741
IP: 23.227.38.32:443
Certificate: Issuer Let's Encrypt; Subject cl.scalperscompany.com; Fingerprint C8:21:88:3E:83:E0:76:EF:5C:F3:7F:7D:B8:12:C6:F6:B1:36:D3:4E; Validity Sat, 20 Apr 2024 06:58:02 GMT - Fri, 19 Jul 2024 06:58:01 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty input, consistent with the 0 B body of this 404)
GET /cdn/shop/products/37665-CREAM-P-2_900x.jpg?v=1686902741 HTTP/1.1
Host: cl.scalperscompany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-sorting-hat-podid: 156
x-sorting-hat-shopid: 42170712221
access-control-allow-origin: *
cache-control: public, max-age=30
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 0133865a-a522-4a89-a258-70ad63598e24-1714120130
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHT37zFnKqdENg80ETtic9E3Adcn4qvbf%2BIWnyOePXAADn2z0xj5pYjN4fAuFqMTeOJ8YNTZZm5U8%2Fru01C8LWdSQragoaO2nnS6SPvB%2FKBPGQvrbs9sVJ%2FdPv7TZF%2FEMqzFf%2BfBWDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=20.949, imageryFetch;dur=20.711, cfRequestDuration;dur=240.999937
x-permitted-cross-domain-policies: none
x-download-options: noopen
server: cloudflare
cf-ray: 87a5339dcf4792d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freegtaov.life/static/default/js/vue.min.js | 188.114.97.1 | 200 OK | 94 kB |
URL: GET HTTP/3 freegtaov.life/static/default/js/vue.min.js
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: JavaScript source, ASCII text, with very long lines (65449)
Hash: MD5 b21b8531847604ab5f2f5caaef51ba31; SHA-1 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1; SHA-256 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /static/default/js/vue.min.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"16fc7-6071a5a5ddf04-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jfMLy2DoeaOHlRHqLBXuHiwQL6ogW%2F2dei6PLek5keF3bk6YR8dOn%2FpU%2Fl%2B57ce9yEkF5E%2FQ5%2B2V%2FxaziYx%2BzXVRfGANUNdVx1PCK43r9pX1udWu4MuVDaX6XrzHJYg9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533893968712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| i.pinimg.com/1200x/20/43/b4/2043b4b7a67e6aabdad482cb5339b251.jpg | 95.101.10.201 | 200 OK | 131 kB |
URL: GET HTTP/2 i.pinimg.com/1200x/20/43/b4/2043b4b7a67e6aabdad482cb5339b251.jpg
IP: 95.101.10.201:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject i2.pinimg.com; Fingerprint 1C:5F:46:F7:91:91:1C:69:DD:8D:F6:5A:F9:26:61:14:36:A4:0A:E4; Validity Tue, 23 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 741x1800, components 3
Size: 131 kB (130631 bytes)
Hash: MD5 78e0cdb674a73308470dd29f34fb3292; SHA-1 1a2f99ae096ce73bb81bf561f24446e12458866d; SHA-256 f44718028723db79233c8c8cc404d8105457849ce15e24a106bb058514b01a92
GET /1200x/20/43/b4/2043b4b7a67e6aabdad482cb5339b251.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "78e0cdb674a73308470dd29f34fb3292"
accept-ranges: bytes
content-type: image/jpeg
content-length: 130631
x-pinterest-cache-status-v2: Miss
akamai-grn: 0.c50a655f.1714120131.9399baf
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
|
|
| freegtaov.life/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 | 188.114.97.1 | 200 OK | 77 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: MD5 af7ae505a9eed503f8b8e6982036873e; SHA-1 d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c; SHA-256 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://freegtaov.life/static/your/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:47 GMT
content-type: font/woff2
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"12d68-6071a5a6326b2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IpqOBlmfYVIB1EhjXHjQMS8xpqY%2BZ0Fwu9J0idbHuUVk95D2feRApQaMdEESzY1Br0l3Ah7Sj%2BZy4aKGgikBudVn6L9sOTs8GO1Oaej3R96XKqsPto%2FkNaeLFUQyzxyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338ccc6d712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sc04.alicdn.com/kf/H459f36891de84ef2a095573ce68e7475v.jpg | 23.36.77.179 | 200 OK | 2.7 kB |
URL: GET HTTP/2 sc04.alicdn.com/kf/H459f36891de84ef2a095573ce68e7475v.jpg
IP: 23.36.77.179:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.alicdn.com; Fingerprint 1E:21:1C:70:DA:C9:05:2B:07:37:C6:AB:46:71:94:44:60:7C:E1:CB; Validity Sun, 10 Sep 2023 00:00:00 GMT - Tue, 10 Sep 2024 23:59:59 GMT
Hash: MD5 71d80bbb38dc7d8afd57663524ff7908; SHA-1 d26e500c08c116534cccddbc5b8ff7995c7a16f6; SHA-256 3824c9b05b23350fb6d9599c153414150c71fff46a37f1791968d254f5a9d3c9
GET /kf/H459f36891de84ef2a095573ce68e7475v.jpg HTTP/1.1
Host: sc04.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/avif
content-length: 2727
traceid: 2ff617a017141201304357510e
last-modified: Mon, 11 Apr 2022 08:18:19 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0
eagleid: 2ff617a017141201304357510e, 2ff617a017141201304357510e
server-timing: rt;dur=0.229,eagleid;desc=2ff617a017141201304357510e
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-allow-credentials: true
ali-swift-global-savetime: 1714120130
x-swift-savetime: Fri, 26 Apr 2024 08:28:50 GMT
x-swift-cachetime: 86400000
cache-control: max-age=86400000
expires: Thu, 21 Jan 2027 08:28:50 GMT
date: Fri, 26 Apr 2024 08:28:50 GMT
alt-svc: h3=":443"; ma=2592000
network_info: NO_OSLO_50304
served-from: 23.36.77.175
timing-allow-origin: *, *, *
X-Firefox-Spdy: h2
|
|
| academy.scene7.com/is/image/academy/10241458?$pdp-gallery-ng$ | 23.73.2.80 | 200 OK | 125 kB |
URL: GET HTTP/2 academy.scene7.com/is/image/academy/10241458?$pdp-gallery-ng$
IP: 23.73.2.80:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.scene7.com; Fingerprint BB:DE:0F:7F:21:60:31:67:C0:1D:84:48:F0:6C:A7:3D:F3:CD:CA:D9; Validity Sun, 26 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x1320, Scaling: [none]x[none], YUV color, decoders should clamp
Size: 125 kB (124660 bytes)
Hash: MD5 ad949623e30e3c65ae37f7f18a696382; SHA-1 6237f172d0264399931d0c718bed02d9b18f9894; SHA-256 cbc9fa28993bbf04a94e154791e67d06325f35645800c24d208416221436a16f
GET /is/image/academy/10241458?$pdp-gallery-ng$ HTTP/1.1
Host: academy.scene7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 124660
access-control-allow-origin: *
last-modified: Sun, 25 Feb 2024 17:02:17 GMT
etag: "ad949623e30e3c65ae37f7f18a696382"
x-adobe-smart-imaging: 3442
x-adobe-assetlist: QlpoOTFBWSZTWWgNaOwAAASbgAAA9kAACi4CACAgADFMAAEExMAaflRUP8PFUF5vC7kinChINAa0dgA=
x-adobe-modifierlist: QlpoOTFBWSZTWfPflLwAAAADgAAKv2f+hCAAUKADEaaaNCJ6iek2QnonpPUBsQXMYfwqltqeIavK2q3oJQa8B5GKeshMSTIs7+n2LOIEC8GpoVXnRuaNfxdyRThQkPPflLw=
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
expires: Fri, 26 Apr 2024 18:28:50 GMT
date: Fri, 26 Apr 2024 08:28:50 GMT
x-akamai-cache: Miss
akamai-grn: 0.50014917.1714120130.a012d8f
X-Firefox-Spdy: h2
|
|
| freegtaov.life/static/your/css/swiper.min.css | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/swiper.min.css
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (17459)
Hash: MD5 6af34d0737ad0ca608111771cf74cc79; SHA-1 15d0417baa08a741c6aee19fdfbf4813635f98f8; SHA-256 47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /static/your/css/swiper.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"455f-6071a5a633652-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FMbLxMwouhG4gCW%2Fs4AIBAXYh%2FcCnJLVHpQ%2Fx4%2Ff67I3lsQw%2BqJI5RoGg8%2B2FeXXQg1PnI1N1vMXBDh2b20hWOf3r3WkJ5Pl36ii3fEOuwFb%2BAI33zhI4z5IbwF0G%2Fwzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891955712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/default/css/iconfont.css | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 freegtaov.life/static/default/css/iconfont.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (1543), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 090f72d902afd1175acf4cad9f14c475 / 570ba183720b7f40f15601d0d4321a6ad819fcf2 / 29b84aaf5d3b5d98b8f77db96a21f11fd83bf97cc140f3e7ff41735aba555187
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/css/iconfont.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"55c-6071a5a5d852a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b02Ou4if8IGkJtVbHk26TEU%2BZDP6N8yiUSu7TaihXUDUIXWbB7sXume3UNjwOVu5tmLD3o2W0fVRkPCGNSfW8I040kD8sLvmApHPYQQ%2B%2F5rgXkFnHrlomnhXTRHytA80SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533892960712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/api/item/random?num=8&name=hot | 188.114.97.1 | 200 OK | 3.1 kB |
URL: GET HTTP/3 freegtaov.life/api/item/random?num=8&name=hot | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3363), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 4b1062ab164ede284bb624e44539c4bb / 2192bc89255ed66338b6ded572faf3f8a9121fc7 / 508c39c0f086ffb401948ae8715763ce81c7e7d6dc031ed82985c8bc4f1ed6c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/item/random?num=8&name=hot HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IjA2OC9BaFA3WEt4VHNWTFhINVgvZGc9PSIsInZhbHVlIjoidk1hOUZhOWJLTFpkU213cW42blJmSjF6TnhTdU52Qmg4YWRYVmxKb2xEdC96ZHhZMEdJQW1MMHlBZlRYSUt3Sm9DK1FnWWRtSkhwbW9rY2g4TXBXZmJoK3hNRXUzVVFZeDdyK1lRUS84NjNVSjFCRGFxOUJucW1aUWVNdnkrcnAiLCJtYWMiOiJhMTk5M2FlNzI4MWU1ODhiZjliMTcyYmI2MzRkZDE4MjcwOWMxMTdmYWRlMGNlY2Q4NDA2MzdkMWY1ZmFkY2Y4IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5fzAHx%2BpOUEknJxbQod75KSPtS6YYR8bSNXoWAaTaI%2BpRrHgYdW3nYbpoUGWjRSI%2B53ZMmCm54UZRS5vPjm2fbhKlPV4V9X%2BJM%2BRt%2FSDYo1oVYk8V1qmiuz19kdvJCaWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a5338d2cf1712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
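The API response above rotates `laravel_session` with `httponly; samesite=lax` but no `Secure` attribute, and answers with `access-control-allow-origin: *` (the wildcard lets any origin read the JSON, but browsers refuse credentialed responses carrying `*`, so it does not by itself hand the session to other origins). The cookie names and the value shape seen throughout this capture, URL-encoded base64 of a JSON object with `iv`, `value`, `mac` and `tag` members, are the envelope written by Laravel's Encrypter, which is how the back end can be fingerprinted from traffic alone. The Python below is an added example, not code from this page, from the analysis tool or from Laravel: it parses a Set-Cookie header of this shape (the sample is the header from this response), decodes the envelope, reports the cipher family the envelope implies, and lists the hardening attributes the cookie lacks. Reading the session ID itself needs the application's APP_KEY, which the capture does not contain; `verify_mac` reproduces Laravel's HMAC-SHA256 check over the base64 IV and ciphertext strings for an analyst who does hold that key. Function names and the attribute checklist are the example's own.

```python
import base64
import hashlib
import hmac
import json
from urllib.parse import unquote


def parse_set_cookie(header: str) -> dict:
    """Split a Set-Cookie header into name, value and lower-cased attributes.
    Attributes without a value (HttpOnly, Secure) map to True."""
    if header.lower().startswith("set-cookie:"):
        header = header.split(":", 1)[1]
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, has_eq, val = part.partition("=")
        attrs[key.lower()] = val.strip().lower() if has_eq else True
    return {"name": name.strip(), "value": value, "attrs": attrs}


def decode_laravel_envelope(cookie_value: str) -> dict:
    """URL-decode and base64-decode a Laravel encrypted cookie and return the
    facts readable without the key: IV and ciphertext sizes, MAC, tag, mode."""
    env = json.loads(base64.b64decode(unquote(cookie_value)))
    iv = base64.b64decode(env["iv"])
    ciphertext = base64.b64decode(env["value"])
    # Laravel leaves "tag" empty for non-AEAD ciphers (AES-*-CBC) and fills it
    # for AES-*-GCM, so an empty tag with a 16-byte IV points at CBC mode.
    mode = "AES-CBC" if env["tag"] == "" and len(iv) == 16 else "AES-GCM or unknown"
    return {
        "iv_len": len(iv),
        "ciphertext_len": len(ciphertext),
        "mac": env["mac"],
        "tag": env["tag"],
        "mode": mode,
    }


def verify_mac(cookie_value: str, app_key: str) -> bool:
    """Laravel's integrity check for CBC envelopes: HMAC-SHA256 over the base64
    IV string concatenated with the base64 ciphertext string, keyed with APP_KEY
    (given either as 'base64:...' or as a raw string). Needs the real key."""
    if app_key.startswith("base64:"):
        key = base64.b64decode(app_key[len("base64:"):])
    else:
        key = app_key.encode()
    env = json.loads(base64.b64decode(unquote(cookie_value)))
    expected = hmac.new(key, (env["iv"] + env["value"]).encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, env["mac"])


def missing_cookie_hardening(attrs: dict) -> list:
    """Attributes a session cookie served over HTTPS should carry but does not
    (checklist chosen for this example)."""
    missing = []
    if attrs.get("secure") is not True:
        missing.append("Secure")
    if attrs.get("httponly") is not True:
        missing.append("HttpOnly")
    if attrs.get("samesite") not in ("lax", "strict"):
        missing.append("SameSite=Lax/Strict")
    return missing


# Sample input: the Set-Cookie header returned by /api/item/random in this capture.
SAMPLE_SET_COOKIE = (
    "set-cookie: laravel_session=eyJpdiI6IjA2OC9BaFA3WEt4VHNWTFhINVgvZGc9PSIsInZhbHVlIjoi"
    "dk1hOUZhOWJLTFpkU213cW42blJmSjF6TnhTdU52Qmg4YWRYVmxKb2xEdC96ZHhZMEdJQW1MMHlBZlRYSUt3"
    "Sm9DK1FnWWRtSkhwbW9rY2g4TXBXZmJoK3hNRXUzVVFZeDdyK1lRUS84NjNVSjFCRGFxOUJucW1aUWVNdnkr"
    "cnAiLCJtYWMiOiJhMTk5M2FlNzI4MWU1ODhiZjliMTcyYmI2MzRkZDE4MjcwOWMxMTdmYWRlMGNlY2Q4NDA2"
    "MzdkMWY1ZmFkY2Y4IiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 10:28:50 GMT; "
    "Max-Age=7200; path=/; httponly; samesite=lax"
)

if __name__ == "__main__":
    cookie = parse_set_cookie(SAMPLE_SET_COOKIE)
    print(cookie["name"], decode_laravel_envelope(cookie["value"]))
    print("missing hardening:", missing_cookie_hardening(cookie["attrs"]))
```

The 96-byte ciphertext and empty tag are all that can be learned without the key; a 64-character hex `mac` alongside an empty `tag` is the CBC variant of the envelope, so a recovered APP_KEY would let `verify_mac` confirm the cookie before any decryption attempt.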
| images.meesho.com/images/products/280902011/abcgx_512.webp | 34.111.251.190 | 200 OK | 47 kB |
URL: GET HTTP/2 images.meesho.com/images/products/280902011/abcgx_512.webp | IP: 34.111.251.190:443 | ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer GoDaddy.com, Inc. | Subject *.meesho.com | Fingerprint 58:9F:09:3D:E1:6D:02:E6:46:1E:B0:F2:8F:C6:88:AD:33:A6:D3:D7 | Validity Wed, 31 May 2023 11:10:21 GMT - Tue, 04 Jun 2024 10:18:23 GMT
File type: RIFF (little-endian) data, Web/P image
Hashes (MD5 / SHA-1 / SHA-256): 26d677172529cbcd29d20d9e6fc024a8 / f23c58abbd360515e91d2d6d04a784c9f8b6d1e8 / d82a086b431185e86199896814db50207979f0f4e9b4b70d19744d12d7006e08
GET /images/products/280902011/abcgx_512.webp HTTP/1.1
Host: images.meesho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: image/webp
etag: CMeC36jq8IQDEAE=
last-modified: Wed, 13 Mar 2024 08:34:36 GMT
x-cloud-trace-context: ba923f593107b98846472618a159961d
date: Fri, 26 Apr 2024 08:28:50 GMT
server: Google Frontend
content-length: 46646
via: 1.1 google
x-cache-hit: miss
x-cache-id: ARN-e8c60de5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| freegtaov.life/static/your/css/animate.css | 188.114.97.1 | 200 OK | 58 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/animate.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (460)
Hashes (MD5 / SHA-1 / SHA-256): 77a5c1c68584ef4f63535fd1b8f9ea8a / d0700bd7ef9ef7b5c17f7ae46930dabb23e18f81 / a8b27255a12c6f055e0df480753920dbfda0f4057f0d701b5d715e03a550a46b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/animate.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"e3a1-6071a5a631329-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKhcJs3ConumU41XoErlDH%2FfsNhcf%2Bs5XWzsSw552%2BLYwwz4QQVvdNOYDu2wgGbMZEMpUYPkWKsM5NHa92iTA%2Fjl0%2FA6p3rSKHFSBaMDe9hzWXJTUHi7Rj%2B3o7YbJUhG6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891953712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/lightbox.css | 188.114.97.1 | 200 OK | 3.5 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/lightbox.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (3638), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 313f1bf7c27b92bf95c8c5a09456017b / 8cbc95754b0ca2df9ca15484a994a1a9989db819 / b0ac5f3e113197f2a22d84177033a0e586247ada4ec1d0427137fb2a15b144af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/lightbox.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"d8e-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6v1n8MKRFZlT1K70JQ5qW8CNsuCC2qAag%2Bojkwb7vTMAhacNBbuQwMm7dgmPu5QzE3PRWciXtUxohqVf81Oegffe1x71D9C7TR8KtTwor%2FRMpw26pFscE%2FiiW2bQMSXYxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891947712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| thepounddropper.com/wp-content/uploads/2021/12/Peppermint-Bark-Feature-.jpg | 172.67.75.185 | 200 OK | 1.5 MB |
URL: GET HTTP/2 thepounddropper.com/wp-content/uploads/2021/12/Peppermint-Bark-Feature-.jpg | IP: 172.67.75.185:443
Certificate: Issuer Cloudflare, Inc. | Subject sni.cloudflaressl.com | Fingerprint 87:05:91:94:96:5F:91:19:18:CD:A0:F7:4B:18:47:C5:EF:5F:AE:F9 | Validity Sat, 01 Jul 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT
Size: 1.5 MB (1458383 bytes)
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2021/12/Peppermint-Bark-Feature-.jpg HTTP/1.1
Host: thepounddropper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
content-length: 1458383
x-frame-options: SAMEORIGIN
last-modified: Mon, 06 Dec 2021 21:47:49 GMT
cache-control: public, max-age=31536000
expires: max-age=A10368000, public
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5szSyBMiDJAi5cbyMfedCC7WXdk%2Byt3gnS%2F9Nlup1Jbr8%2FvSN40oKIvhfYV1%2BU2Ng2Pz%2BPmPfX6Xf8Qz2cdh897IpDB6E1KUqCx%2FrIGxdjL%2BS2Cj6g8gqgnhknsToRtLSEy5gY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a5339d8ef656bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
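The entry above records a 1,458,383-byte JPEG, yet the three digests it lists are the MD5, SHA-1 and SHA-256 of zero-byte input: the analyzer hashed no content for this response, so these values identify nothing and must not be lifted into a blocklist. Every other entry on this page carries digests of real content. The Python below is an added example, not part of the original report or of the analysis tool that produced it: it pulls the digest triplet out of metadata lines of the shape used here (the two sample lines are taken from this page, with the second file-type description shortened), recognises the empty-input digests by recomputing them with hashlib rather than hard-coding them, and returns only hashes that can serve as file indicators. The line layout it parses is an assumption drawn from this capture.

```python
import hashlib
import re

# Digests of zero-byte input, recomputed so the check cannot drift from the
# algorithms it claims to cover.
EMPTY_DIGESTS = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
}

# Hex digest length -> algorithm (MD5 = 128 bit, SHA-1 = 160 bit, SHA-256 = 256 bit).
ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

HEX_RUN = re.compile(r"\b[0-9a-f]{32,64}\b")


def parse_digests(line: str) -> dict:
    """Extract the hex digests from a report line of the form
    '<File type or Size ...> Hash<md5> <sha1> <sha256>' (layout assumed from
    this capture). Only runs whose length matches a known algorithm are kept."""
    # The report fuses the label onto the first digest ("Hashd41d8..."), so
    # drop everything up to and including the label before scanning.
    body = line.split("Hash", 1)[1] if "Hash" in line else line
    digests = {}
    for run in HEX_RUN.findall(body.lower()):
        algo = ALGO_BY_LEN.get(len(run))
        if algo:
            digests[algo] = run
    return digests


def is_empty_body(digests: dict) -> bool:
    """True when every digest present equals the digest of empty input,
    i.e. the analyzer hashed no bytes for this response."""
    return bool(digests) and all(EMPTY_DIGESTS[algo] == d for algo, d in digests.items())


def usable_iocs(lines) -> list:
    """(sha256, source line) for entries whose digests describe real content."""
    iocs = []
    for line in lines:
        digests = parse_digests(line)
        if digests and "sha256" in digests and not is_empty_body(digests):
            iocs.append((digests["sha256"], line))
    return iocs


# Constructed sample input: two metadata lines from this capture.
SAMPLE_LINES = [
    "Size1.5 MB (1458383 bytes) Hashd41d8cd98f00b204e9800998ecf8427e "
    "da39a3ee5e6b4b0d3255bfef95601890afd80709 "
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "File typeJPEG image data, JFIF standard 1.01, 1200x630, components 3 "
    "Hash2320343ee39adaf75429639d12c3032a "
    "2c8b8db006deec346a89f1c50789b5c5963d2507 "
    "e82be3e10e318ab55790a178a075cacd7ad48d8163a3735e86b8349c9e88c6f3",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        digests = parse_digests(line)
        verdict = "EMPTY BODY, not an indicator" if is_empty_body(digests) else "usable"
        print(digests.get("sha256"), verdict)
```

Run over the whole report, `usable_iocs` yields one SHA-256 per captured object and silently drops entries like the one above, which is the filter to apply before exporting hashes from a sandbox run into detection content.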
| freegtaov.life/static/your/css/opencart.css | 188.114.97.1 | 200 OK | 1.9 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/opencart.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (2076), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): c3539f75f7ceb88a42d224dc60e8fd25 / 1c27dadef4cf7199db95b8b3d2792107858e6fb3 / dfdd02b5f0a91b0588510b93165d45f9d12c3478835ed93c6ca00c4a2f9a7df7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/opencart.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"77c-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3Yvwa168eljOAXWIa20x65iQgm3ryGYYJ6ZpEHArBeJLIKz0XnBy7CqQwiWTyQnBLdZNKlOb465RMqFUHl%2BEjah71Bl1mxPFj4Q6Mh1XTSj7KfGnsor2nB%2F%2FDfiqFbnvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891958712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| static.bhphoto.com/images/fb/1700874.jpg | 104.18.38.13 | 200 OK | 92 kB |
URL: GET HTTP/2 static.bhphoto.com/images/fb/1700874.jpg | IP: 104.18.38.13:443
Certificate: Issuer Let's Encrypt | Subject bhphoto.com | Fingerprint E1:D2:D2:86:8C:6C:64:4D:BE:68:16:71:26:18:7A:4D:BE:C8:3D:4E | Validity Mon, 25 Mar 2024 22:28:35 GMT - Sun, 23 Jun 2024 22:28:34 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x630, components 3
Hashes (MD5 / SHA-1 / SHA-256): 2320343ee39adaf75429639d12c3032a / 2c8b8db006deec346a89f1c50789b5c5963d2507 / e82be3e10e318ab55790a178a075cacd7ad48d8163a3735e86b8349c9e88c6f3
GET /images/fb/1700874.jpg HTTP/1.1
Host: static.bhphoto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 08:28:50 GMT
content-type: image/jpeg
cf-ray: 87a5339daf9156a4-OSL
cf-cache-status: MISS
cache-control: public, max-age=31536000
etag: "628295e1-1680f"
last-modified: Mon, 16 May 2022 18:20:17 GMT
vary: Accept-Encoding
set-cookie: __cf_bm=ij5e9s0gVVeyzI86irCM_v31lVgfWsjrPxtkhaVYF5Q-1714120130-1.0.1.1-IaE9dARxXrASD1osc5rMmdxSSrKAynrofyOoL0txE5IsXqVVc66AhqgrMXoaTEKqjIv5q2xKLHkymjzJMDAVP7.0kNJhHkLAgf.4ba2v_ms; path=/; expires=Fri, 26-Apr-24 08:58:50 GMT; domain=.bhphoto.com; HttpOnly; Secure; SameSite=None
set-cookie: __cfruid=025fcd0336c7b23e08ae467f7aa0c189f8fb6f3f-1714120130; path=/; domain=.bhphoto.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
| freegtaov.life/static/your/css/owl.carousel.min.css | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/owl.carousel.min.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (2943), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 4d4667e9d189e4986f510490969ec75c / cf8ab378a96e61b92571e9f0927e54bb89bed195 / 5110a28a79fceab8d0800452b37b74ab88d659fd6e34ab89d6247c0c8a3117ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/owl.carousel.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"b78-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulwsTdzGbqlQZFNUondX7MQvLOskqtspb1OZ7VHgb3BQaQjfsE6m86bXnQjg3DyWN6W5k4BWrCqEqZW73OUZbB9crpe3wG36tv6kQUFc8ARYXztWzB9YIMGBDytuDcFmiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891949712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/stylesheet.css | 188.114.97.1 | 200 OK | 92 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/stylesheet.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (529)
Hashes (MD5 / SHA-1 / SHA-256): 9a06a247e039b7a8e36cc1059d7c5c39 / 4a42d4ebcf871ec3ac45c47eb1110462616f2390 / 8cab6c22f51f0c08736e6ef55849ad723519a715a79568b749f9123a074878b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/stylesheet.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"16563-6071a5a633652-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eh6GWxO3kl2oBnaoR6GCkg1fI1jSzSevbqu%2BlbQk2DIJiYsfdpGZxu1fxIV9rvtHb6HzTMMKII%2F2WBKKgvTxIMQu%2BbZVCCfr0ruKT1k%2FNpzstAQDWc046J7Axmg%2FEkc%2FOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891950712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/default/js/public.js | 188.114.97.1 | 200 OK | 1.9 kB |
URL: GET HTTP/3 freegtaov.life/static/default/js/public.js | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1900), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 51c8cad5196fedebda08621dea5c6405 / 5edaf17734119cf9985a4c1474bbde7eb801de35 / 13d077ad8e2e39537edac3359ea189cc9dd414f7a939e19950e22d7f7bcb1d34
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/js/public.js HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: application/javascript
last-modified: Sat, 07 Oct 2023 06:20:26 GMT
etag: W/"76f-6071a5a5dcf64-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwyBY7ryq5WazQ12CBQm5J%2FCN6824IRVDKB3bXgnMEd96aKIbpYbRybfhqZNir6X%2BX6L4KEDJGZxMfApoRPULJa53%2FpRYbgj%2FUyK78PdA4h%2BQ8hqvGxw0glx2J0J3Q2jgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533893969712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/font-awesome.min.css | 188.114.97.1 | 200 OK | 31 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/font-awesome.min.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (30813)
Hashes (MD5 / SHA-1 / SHA-256): ba098bc004de79c602b8a80093ecfb6d / 07e2a0eae9e2a64f753638b5281b878b586f054d / ad6ed6588f8299f92680d0b1e7d3103621f713060409ac419094140e6fdaeb84
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/font-awesome.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"7900-6071a5a631711-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bNs%2F%2BSIlF3aqTzlDLaMRyjUzy0VSOs8A6E18D8dwZAx%2Fb%2BBLjtEO70%2FmjHFX2mr8oWCf7cw%2Fr73wxIQ1LVruNB5cjKAKuBwU6n5olDlz4z%2BRZqxp%2F0jv4aUfzPrNE06RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a533891945712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/owl.theme.default.min.css | 188.114.97.1 | 200 OK | 936 B |
URL: GET HTTP/3 freegtaov.life/static/your/css/owl.theme.default.min.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (941), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): e781dd464fc6867934d0e6d39e490437 / e5097e41900eab39cfba063f915261f09c96288f / c7872c41846b478f0977ef824a1ccc08911439c4c29a6055725cb5c8190fc872
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/owl.theme.default.min.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"3a8-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYey6NLOD%2BWIQvOTmZ7mXOpWdrh1zYEUQcXEvbElWTLbhDzAwjWWoyyd8fJx3awlicerQ6xMZuToUjr0uxnmwqHTuzPNnnffmnjqklpoH%2BJISWMsD%2B8%2FierhiPVpH3WG3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389194b712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/store/css/checkout.css | 188.114.97.1 | 200 OK | 4.8 kB |
URL: GET HTTP/3 freegtaov.life/static/store/css/checkout.css | IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC | Subject freegtaov.life | Fingerprint 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47 | Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (5046), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 78004bf5e334b836b476f48fcb42d6b2 / 1b118f3acfd8329b2219397946fbdcdd2eb8a8a1 / 36ec4ba8f16410525a9046d41eab8c0acb179340bed5d10a795edb52fc899bb0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/store/css/checkout.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"12d8-6071a5a61cb02-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4jFfeTO6pHbZVOq36PM%2FQC%2FQTHsx26G2qwO2O%2FHUYp5zTzw8JEkTvZ5qcrQAgEqLn3H%2F%2Fsy9bvKDzM%2BfwF4RI4PcGp%2FGdLj2aBaW8wQTdcFCZnavreEGGUesVFf58oNjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389195c712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/favicon.ico | 188.114.97.1 | 200 OK | 61 B |
URL: GET HTTP/3 freegtaov.life/favicon.ico
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint (SHA-1) 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators (61 B; the server labels it application/json, not an icon)
Hashes: MD5 2d963171282c4de9d6969472b23e47e3; SHA-1 1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8; SHA-256 87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /favicon.ico HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im94NElBeExqenFPU25zVTFjSHhrTmc9PSIsInZhbHVlIjoiUXp0MVJIb2hKUlIydEpCUTN1bC9xbFc1Vkd0MU4yTUlxeXB1Y25pa05MdzB4Z2p6QUpxZ201OW5uanFVY0RoQ0VCeU4zQzFtQnQvVU05SmRpRU4rdmwrRXpWREtvbDNKaWo4Y29kamIyQXEraWJrczQydlJvMGY4VENkaGtwZ0giLCJtYWMiOiIzMDc5ZDgwZDg0NTQxY2EwN2Q5ODMyNWYzMTM0ZDFlNDU5NjY2ZGJkZjFlMjJlYjAzZDdkOTRmODdmYzhlZGRlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZtc1RUd2FBdlpBM3UybkVPNkRKYlE9PSIsInZhbHVlIjoieFpENnJkM3UyRGhwTkN3VXBsSjNoU2xxWDYwUU9SVjZ5dEtTd3Q4WExHelRzZHA2NlAreHduNFdmcHhzQXl1MXpweFVmcURSTnAyYzI0cmlQaHBNNSt6WkN4eWh1NlQrT0s3UTUrTFVDTVRoQlhSRzBUZmorVlN0NUx0dlJJdWoiLCJtYWMiOiI0OWVkNTJjYWVkNzA4ZTY0ZDAxMmQ4MmU0OWQwZjc3YmMwNmZlODgyMGUyNDE3ZTg3OWUwNDljMzg1MGI0NGJkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:48 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C25YoZ58AGFPrGhBqwTkDEJK%2BXmU1SIfLPytZHX8tEbiqPvRaosaKdUnf2L9EJgsPtHtPZ9yOAkavLBKJwmx5XoIjODxLLKbB8c4nolFmGUIsNgmuHLzotZUz%2F2QFcLY2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53392192d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freegtaov.life/static/your/css/magnific-popup.css | 188.114.97.1 | 200 OK | 7.7 kB |
URL: GET HTTP/3 freegtaov.life/static/your/css/magnific-popup.css
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject freegtaov.life; Fingerprint (SHA-1) 41:71:E6:80:85:A3:E8:3B:63:D4:BE:F5:21:59:11:30:C0:5C:EC:47; Validity Tue, 05 Mar 2024 06:36:45 GMT - Mon, 03 Jun 2024 06:36:44 GMT
File type: ASCII text, with very long lines (8049), with no line terminators
Hashes: MD5 ff38520855bf32e67380f0c900e6e71a; SHA-1 33dbded62e37764281e0d5bcc38e48d77760a20d; SHA-256 7b5d633f10e5f270180f5fd9198be0406dfeed30a183f142f3b657fe3c4c6d1b

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/your/css/magnific-popup.css HTTP/1.1
Host: freegtaov.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freegtaov.life/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxZWHhQSnJMRjM2MTJvV2tpYVpaQXc9PSIsInZhbHVlIjoiY3I1T3JmRzJmeFl2Y2gzcGlmZkxBNGRCNHpNK0JXQlNRYU9HNkNZdmxxbitqVGNONEFSMCsrRmJESFdhd3dKcEx2MFpVejFCOXJkOWlaRVBUSm9jMDhpVjdqN05KQ1RIcGphQlVaaHlHd2FkSmZzSmVjZEhwb1ZpSExGc2RCSEkiLCJtYWMiOiIzMDVhMzJmMzJjODE5MWEyMTQ5ZTg1M2I1MWZhZGJiN2NlNjAyZDMxNjVlY2RlNzkzOTMzMTNiM2MyMjBlOGIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1iSzJtcE1CWTdVUFg4UmFDSldKbVE9PSIsInZhbHVlIjoiTWVWS3F1WlFneG1OSDZtSjZTNk9tcWh5R1pKZzlhOThvQjVGV002RjQ5V3JRK3dNUHZ2eE92enVMeWtOcjFaUVBCUXEyY21xeVBRaEJuMkVldUNIUngrVWE3V0l6UjZYU1lFYnJiMjJhZ2V2eVpzSXJSdzh2bzhmY1dmblZHTXAiLCJtYWMiOiI0Zjg3OTNiYjAxZmM1MzI2MWFkYWQyYjE4ZWM4OTg0YWU5ZDQyODFmNDM4OTNkNTkzYTUyMjhhZWZlMDA3M2E3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 08:28:46 GMT
content-type: text/css
last-modified: Sat, 07 Oct 2023 06:20:27 GMT
etag: W/"1e06-6071a5a63326a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5%2FpFQW51HkcVGwUK9LLyNiyjQmJBLrFILHRbpU%2FRrREbOg7NtCsbb%2FJ59fobioT2xhulkdiJs6RAzRJNtDY0Dam1A36h%2F%2F5R6ASGF8ZcOpk73o7cDhgqrOoIbWThUEFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a53389194d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400