Report - pinturaja.info/

Report Overview

URL

pinturaja.info/
IP

172.67.211.81

ASN

#13335 CLOUDFLARENET
Submitted

2023-02-08T22:06:51Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

6
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com (1)	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	437	630	142.250.74.74
tawk.link (1)	48589	2015-06-24T13:31:14Z	2023-03-13T02:55:41Z	412	724	188.114.96.1
pinturaja.info (2)	unknown	2022-12-12T15:07:48Z	2022-12-30T22:49:48Z	790	18789	104.21.23.137
ocsp.pki.goog (5)	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1715	3495	216.58.211.3
ocsp.globalsign.com (1)	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368	1920	104.18.21.226
fonts.gstatic.com (4)	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1934	115104	142.250.74.35
vsb7.tawk.to (1)	113922	2020-04-05T00:29:00Z	2023-03-13T07:51:05Z	1070	769	104.22.24.131
r3.o.lencr.org (6)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2028	5320	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
e1.o.lencr.org (4)	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1352	2914	23.36.76.226
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	54.148.213.75
embed.tawk.to (6)	8650	2014-03-19T22:03:49Z	2023-03-13T08:30:57Z	2559	3505	104.22.25.131
static.getbutton.io (2)	31869	2019-10-01T11:11:58Z	2023-03-13T05:14:19Z	753	95057	95.216.228.15
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3246	63952	34.120.237.76
va.tawk.to (4)	8297	2017-01-30T05:20:46Z	2023-03-13T05:52:59Z	1928	2903	104.22.25.131
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
ocsp.digicert.com (5)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1705	24846	93.184.220.29
img.pay4d.info (47)	93767	2019-09-25T05:12:55Z	2023-03-13T06:56:23Z	18708	651142	104.19.136.75
cdn.jsdelivr.net (1)	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	424	11730	151.101.193.229
code.jquery.com (1)	634	2012-05-21T19:28:02Z	2023-03-13T05:09:57Z	398	31333	69.16.175.10
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2373	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08T22:07:38Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08T22:07:38Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08T22:07:39Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08T22:07:39Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08T22:07:41Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08T22:07:41Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (102)

	URL	IP	Response	Size
	pinturaja.info/	104.21.23.137	301 Moved Permanently	0
Search urlquery URL pinturaja.info/ DOMAIN pinturaja.info FQDN pinturaja.info IP 104.21.23.137 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN pinturaja.info DOMAIN pinturaja.info IP 104.21.23.137 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN pinturaja.info DOMAIN pinturaja.info IP 104.21.23.137 crt.sh FQDN pinturaja.info DOMAIN pinturaja.info URL HTTP/1.1 pinturaja.info/ IP 104.21.23.137:0 ASN #13335 CLOUDFLARENET Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: pinturaja.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Wed, 08 Feb 2023 22:06:40 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 08 Feb 2023 23:06:40 GMT Location: https://pinturaja.info/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYjpxNiLCSSMbJsyOF70ZqeGb%2BA8LZ1bAonUJDsQDhyJMG7wcI6ys5gP99rUxYUqqS2BYXiGQMtHc%2BfCb6HIjpMQlYPUsq6ZJt83crTzsegmfrEcqejEzCSyVr3Z5s0VlA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7967ac7d5d981c16-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.77.32	200 OK	503
Search urlquery URL r3.o.lencr.org/ DOMAIN lencr.org FQDN r3.o.lencr.org IP 23.36.77.32 Hash dca68db7aea32f6683ce8d542c078f04 External sources Mnemonic PDNS FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 VirusTotal HASH 19c495238df74fca680e21f18627ff94de5dd2e5 FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 crt.sh FQDN r3.o.lencr.org DOMAIN lencr.org URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 Hash dca68db7aea32f6683ce8d542c078f04 19c495238df74fca680e21f18627ff94de5dd2e5 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15599 Expires: Thu, 09 Feb 2023 02:26:39 GMT Date: Wed, 08 Feb 2023 22:06:40 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503
Search urlquery URL r3.o.lencr.org/ DOMAIN lencr.org FQDN r3.o.lencr.org IP 23.36.77.32 Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a External sources Mnemonic PDNS FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 VirusTotal HASH cfdba5bc597130461dd67bf6cda53183be592493 FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 crt.sh FQDN r3.o.lencr.org DOMAIN lencr.org URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D" Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11818 Expires: Thu, 09 Feb 2023 01:23:38 GMT Date: Wed, 08 Feb 2023 22:06:40 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503
Search urlquery URL r3.o.lencr.org/ DOMAIN lencr.org FQDN r3.o.lencr.org IP 23.36.77.32 Hash cc14b0d2f7c451f6431dc87ba54d1d60 External sources Mnemonic PDNS FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 VirusTotal HASH bab8bfda6fa3e2f17125353f5147211787dc25d0 FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 crt.sh FQDN r3.o.lencr.org DOMAIN lencr.org URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 Hash cc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD" Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13768 Expires: Thu, 09 Feb 2023 01:56:08 GMT Date: Wed, 08 Feb 2023 22:06:40 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939
Search urlquery URL firefox.settings.services.mozilla.com/v1/ DOMAIN mozilla.com FQDN firefox.settings.services.mozilla.com IP 35.241.9.150 Hash bf0c602d32b3c14606f22a86183b5e3c External sources Mnemonic PDNS FQDN firefox.settings.services.mozilla.com DOMAIN mozilla.com IP 35.241.9.150 VirusTotal HASH 6eabd8d83475eba731968abe1a05a8bfd272f160 FQDN firefox.settings.services.mozilla.com DOMAIN mozilla.com IP 35.241.9.150 crt.sh FQDN firefox.settings.services.mozilla.com DOMAIN mozilla.com URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 08 Feb 2023 21:36:44 GMT content-type: application/json age: 1796 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5348
Search urlquery URL content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain DOMAIN mozilla.net FQDN content-signature-2.cdn.mozilla.net IP 34.160.144.191 Hash e76071a28ee566dababb3834f46d68ed External sources Mnemonic PDNS FQDN content-signature-2.cdn.mozilla.net DOMAIN mozilla.net IP 34.160.144.191 VirusTotal HASH aebb4e68c1ba2de0f90025283e8ed8470944fde0 FQDN content-signature-2.cdn.mozilla.net DOMAIN mozilla.net IP 34.160.144.191 crt.sh FQDN content-signature-2.cdn.mozilla.net DOMAIN mozilla.net URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE Magic PEM certificate\012- , ASCII text Size 5348 Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY= x-amz-request-id: 2KDPBNEGR57EJ1TJ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 08 Feb 2023 21:46:07 GMT age: 1233 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12
Search urlquery URL contile.services.mozilla.com/v1/tiles DOMAIN mozilla.com FQDN contile.services.mozilla.com IP 34.117.237.239 Hash 23e88fb7b99543fb33315b29b1fad9d6 External sources Mnemonic PDNS FQDN contile.services.mozilla.com DOMAIN mozilla.com IP 34.117.237.239 VirusTotal HASH a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce FQDN contile.services.mozilla.com DOMAIN mozilla.com IP 34.117.237.239 crt.sh FQDN contile.services.mozilla.com DOMAIN mozilla.com URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with no line terminators Size 12 Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 08 Feb 2023 22:06:40 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	e1.o.lencr.org/	23.36.76.226	200 OK	345
Search urlquery URL e1.o.lencr.org/ DOMAIN lencr.org FQDN e1.o.lencr.org IP 23.36.76.226 Hash 6c2a52c1143b3981d724c34a66e67872 External sources Mnemonic PDNS FQDN e1.o.lencr.org DOMAIN lencr.org IP 23.36.76.226 VirusTotal HASH dcea12fb444bf8cad9710324233705d68c885279 FQDN e1.o.lencr.org DOMAIN lencr.org IP 23.36.76.226 crt.sh FQDN e1.o.lencr.org DOMAIN lencr.org URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 345 Hash 6c2a52c1143b3981d724c34a66e67872 dcea12fb444bf8cad9710324233705d68c885279 3588735dfc68ec0f86543b0aeb1578d179d151fa7276aac43c238d596fc9cfd7 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "3588735DFC68EC0F86543B0AEB1578D179D151FA7276AAC43C238D596FC9CFD7" Last-Modified: Mon, 06 Feb 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21560 Expires: Thu, 09 Feb 2023 04:06:00 GMT Date: Wed, 08 Feb 2023 22:06:40 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329
Search urlquery URL firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US DOMAIN mozilla.com FQDN firefox.settings.services.mozilla.com IP 35.241.9.150 Hash 0333b0655111aa68de771adfcc4db243 External sources Mnemonic PDNS FQDN firefox.settings.services.mozilla.com DOMAIN mozilla.com IP 35.241.9.150 VirusTotal HASH 63f295a144ac87a7c8e23417626724eeca68a7eb FQDN firefox.settings.services.mozilla.com DOMAIN mozilla.com IP 35.241.9.150 crt.sh FQDN firefox.settings.services.mozilla.com DOMAIN mozilla.com URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 08 Feb 2023 21:51:20 GMT age: 920 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503
Search urlquery URL r3.o.lencr.org/ DOMAIN lencr.org FQDN r3.o.lencr.org IP 23.36.77.32 Hash 9b88bae61bca33aba8aa99f6128db8d9 External sources Mnemonic PDNS FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 VirusTotal HASH a07b61fb2458917699613fcae68710941b595416 FQDN r3.o.lencr.org DOMAIN lencr.org IP 23.36.77.32 crt.sh FQDN r3.o.lencr.org DOMAIN lencr.org URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. Magic data Size 503 Hash 9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA" Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4585 Expires: Wed, 08 Feb 2023 23:23:05 GMT Date: Wed, 08 Feb 2023 22:06:40 GMT Connection: keep-alive`

	e1.o.lencr.org/	23.36.76.226	200 OK	345
Search urlquery URL e1.o.lencr.org/ DOMAIN lencr.org FQDN e1.o.lencr.org IP 23.36.76.226 Hash 6c2a52c1143b3981d724c34a66e67872 External sources Mnemonic PDNS FQDN e1.o.lencr.org DOMAIN lencr.org IP 23.36.76.226 VirusTotal HASH dcea12fb444bf8cad9710324233705d68c885279 FQDN e1.o.lencr.org DOMAIN lencr.org IP 23.36.76.226 crt.sh FQDN e1.o.lencr.org DOMAIN lencr.org URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 345 Hash 6c2a52c1143b3981d724c34a66e67872 dcea12fb444bf8cad9710324233705d68c885279 3588735dfc68ec0f86543b0aeb1578d179d151fa7276aac43c238d596fc9cfd7 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "3588735DFC68EC0F86543B0AEB1578D179D151FA7276AAC43C238D596FC9CFD7" Last-Modified: Mon, 06 Feb 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21559 Expires: Thu, 09 Feb 2023 04:06:00 GMT Date: Wed, 08 Feb 2023 22:06:41 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.148.213.75	101 Switching Protocols	0
Search urlquery URL push.services.mozilla.com/ DOMAIN mozilla.com FQDN push.services.mozilla.com IP 54.148.213.75 Hash d41d8cd98f00b204e9800998ecf8427e External sources Mnemonic PDNS FQDN push.services.mozilla.com DOMAIN mozilla.com IP 54.148.213.75 VirusTotal HASH da39a3ee5e6b4b0d3255bfef95601890afd80709 FQDN push.services.mozilla.com DOMAIN mozilla.com IP 54.148.213.75 crt.sh FQDN push.services.mozilla.com DOMAIN mozilla.com URL HTTP/1.1 push.services.mozilla.com/ IP 54.148.213.75:0 ASN #16509 AMAZON-02 Magic Size 0 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: hZBlqwwLAx50xLKvvhBK3w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: SX1JR0TjV3uJIp9h59A+etIPUZ8=`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471
Search urlquery URL ocsp.pki.goog/gts1c3 DOMAIN pki.goog FQDN ocsp.pki.goog IP 216.58.211.3 Hash 0333fa3e34f17f01e9829bd8ee662c23 External sources Mnemonic PDNS FQDN ocsp.pki.goog DOMAIN pki.goog IP 216.58.211.3 VirusTotal HASH be4c7a8599038facc49c73d6d14451023bc919e7 FQDN ocsp.pki.goog DOMAIN pki.goog IP 216.58.211.3 crt.sh FQDN ocsp.pki.goog DOMAIN pki.goog URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE Magic data Size 471 Hash 0333fa3e34f17f01e9829bd8ee662c23 be4c7a8599038facc49c73d6d14451023bc919e7 8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 22:06:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	279
Search urlquery URL ocsp.digicert.com/ DOMAIN digicert.com FQDN ocsp.digicert.com IP 93.184.220.29 Hash 51ac0e9b354198152f7f87905af994ff External sources Mnemonic PDNS FQDN ocsp.digicert.com DOMAIN digicert.com IP 93.184.220.29 VirusTotal HASH 3ef2ed4be6fb2f89472b5f9632bb49898caae433 FQDN ocsp.digicert.com DOMAIN digicert.com IP 93.184.220.29 crt.sh FQDN ocsp.digicert.com DOMAIN digicert.com URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST Magic data Size 279 Hash 51ac0e9b354198152f7f87905af994ff 3ef2ed4be6fb2f89472b5f9632bb49898caae433 f15b01546de3f1e1212417b302abeb2c136a5e349a382db4d7ce920dcd74e46b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 22:06:41 GMT Server: ECS (amb/6BC5) Content-Length: 279`

	ocsp.digicert.com/	93.184.220.29	200 OK	279
Search urlquery URL ocsp.digicert.com/ DOMAIN digicert.com FQDN ocsp.digicert.com IP 93.184.220.29 Hash 51ac0e9b354198152f7f87905af994ff External sources Mnemonic PDNS FQDN ocsp.digicert.com DOMAIN digicert.com IP 93.184.220.29 VirusTotal HASH 3ef2ed4be6fb2f89472b5f9632bb49898caae433 FQDN ocsp.digicert.com DOMAIN digicert.com IP 93.184.220.29 crt.sh FQDN ocsp.digicert.com DOMAIN digicert.com URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST Magic data Size 279 Hash 51ac0e9b354198152f7f87905af994ff 3ef2ed4be6fb2f89472b5f9632bb49898caae433 f15b01546de3f1e1212417b302abeb2c136a5e349a382db4d7ce920dcd74e46b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 22:06:41 GMT Etag: "63e156eb-117" Server: ECS (amb/6B8D) Content-Length: 279`

	pinturaja.info/	104.21.23.137	200 OK	17270
Search urlquery URL pinturaja.info/ DOMAIN pinturaja.info FQDN pinturaja.info IP 104.21.23.137 Hash 034cc7eb9d17b99693bedd47a36736b6 External sources Mnemonic PDNS FQDN pinturaja.info DOMAIN pinturaja.info IP 104.21.23.137 VirusTotal HASH 5f56a5b81c09cb2c02b5880125abbf070f87b8be FQDN pinturaja.info DOMAIN pinturaja.info IP 104.21.23.137 crt.sh FQDN pinturaja.info DOMAIN pinturaja.info URL HTTP/2 pinturaja.info/ IP 104.21.23.137:0 ASN #13335 CLOUDFLARENET Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462), with CRLF, LF line terminators Size 17270 Hash 034cc7eb9d17b99693bedd47a36736b6 5f56a5b81c09cb2c02b5880125abbf070f87b8be 13437876ccea9d8ebe7bf7a2e25323d0ed41a6f977b2162916ec9ce4fb96eeb4 HTTP Headers `GET / HTTP/1.1 Host: pinturaja.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: text/html; charset=UTF-8 x-frame-options: Deny x-content-type-options: nosniff expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache vary: Accept-Encoding set-cookie: PHPSESSID=0ud18ip9sbh9o79bel7e0k8vp6; path=/ cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCf7jlnth3ZdFNecCh2xz8jg6aq%2BwJPOgGutaGlLjb8X9kbTlYnEsPiebLGa8cs%2FZciwz3ZF1G3KZRtLeM3FRajCMd8p0hI%2FdaYZXOrXrhVX%2FO8RvN4%2Bq5xiXVhgw0CQjg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7967ac800c50b524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	279
Search urlquery URL ocsp.digicert.com/ DOMAIN digicert.com FQDN ocsp.digicert.com IP 93.184.220.29 Hash 51ac0e9b354198152f7f87905af994ff External sources Mnemonic PDNS FQDN ocsp.digicert.com DOMAIN digicert.com IP 93.184.220.29 VirusTotal HASH 3ef2ed4be6fb2f89472b5f9632bb49898caae433 FQDN ocsp.digicert.com DOMAIN digicert.com IP 93.184.220.29 crt.sh FQDN ocsp.digicert.com DOMAIN digicert.com URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST Magic data Size 279 Hash 51ac0e9b354198152f7f87905af994ff 3ef2ed4be6fb2f89472b5f9632bb49898caae433 f15b01546de3f1e1212417b302abeb2c136a5e349a382db4d7ce920dcd74e46b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=163836 Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 22:06:41 GMT Etag: "63e3f9ed-117" Expires: Fri, 10 Feb 2023 19:37:17 GMT Last-Modified: Wed, 08 Feb 2023 19:37:17 GMT Server: nginx Content-Length: 279`

	img.pay4d.info/pop/mobile-opus.jpg	104.19.136.75	200 OK	38952
Search urlquery URL img.pay4d.info/pop/mobile-opus.jpg DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash e0f0398b008b54161488a24184c7b455 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH a1c0f710df421e3b87ca8497185b870c82e8b7fe FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/pop/mobile-opus.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image, VP8 encoding, 600x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 38952 Hash e0f0398b008b54161488a24184c7b455 a1c0f710df421e3b87ca8497185b870c82e8b7fe b21cc98d601689089a2035d0b77f6c449699a5fe1cffb7b96b51e4873dcdcb60 HTTP Headers `GET /pop/mobile-opus.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 38952 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=188136 content-disposition: inline; filename="mobile-opus.webp" last-modified: Wed, 01 Feb 2023 06:21:54 GMT vary: Accept cf-cache-status: HIT age: 7076 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84cc9a0b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/icon-kontak.png	104.19.136.75	200 OK	12922
Search urlquery URL img.pay4d.info/icon-kontak.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 03428e550c367a0b470f6fe70d6d55c0 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 80b591a03333d4bec9e5ab54a0c3f4c1ed45367e FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/icon-kontak.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 12922 Hash 03428e550c367a0b470f6fe70d6d55c0 80b591a03333d4bec9e5ab54a0c3f4c1ed45367e 277e7027c4afd477229e58b7a992d3c43ec2b1406693a3283a8d5a59ceb09b1a HTTP Headers `GET /icon-kontak.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 12922 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=28713 content-disposition: inline; filename="icon-kontak.webp" last-modified: Fri, 13 Nov 2020 07:38:15 GMT vary: Accept cf-cache-status: HIT age: 7076 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84cc990b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-prag.png	104.19.136.75	200 OK	1416
Search urlquery URL img.pay4d.info/slot-prag.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 8e7ecdf154298edbc92186de70734ff7 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 10402bf0a46147d1b1e6e41ded452c24faa6dce6 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-prag.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1416 Hash 8e7ecdf154298edbc92186de70734ff7 10402bf0a46147d1b1e6e41ded452c24faa6dce6 b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713 HTTP Headers `GET /slot-prag.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1416 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5251 content-disposition: inline; filename="slot-prag.webp" last-modified: Wed, 18 Dec 2019 05:38:15 GMT vary: Accept cf-cache-status: HIT age: 4118 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dc9c0b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-mg.png	104.19.136.75	200 OK	1092
Search urlquery URL img.pay4d.info/slot-mg.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash ab217824849c8bc2f05240458ef55574 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 06b015108c8fc22469d8e5a4c371e6d05c04b624 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-mg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1092 Hash ab217824849c8bc2f05240458ef55574 06b015108c8fc22469d8e5a4c371e6d05c04b624 326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72 HTTP Headers `GET /slot-mg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1092 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4064 content-disposition: inline; filename="slot-mg.webp" last-modified: Tue, 15 Mar 2022 06:24:42 GMT vary: Accept cf-cache-status: HIT age: 4117 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dca20b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-pg.png	104.19.136.75	200 OK	1740
Search urlquery URL img.pay4d.info/slot-pg.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 86ec152055228538f1a8f8943f179a97 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH ef30830c693272695c7cf5f2ac12679c75a2db18 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-pg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1740 Hash 86ec152055228538f1a8f8943f179a97 ef30830c693272695c7cf5f2ac12679c75a2db18 a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b HTTP Headers `GET /slot-pg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1740 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5084 content-disposition: inline; filename="slot-pg.webp" last-modified: Tue, 08 Jun 2021 09:18:38 GMT vary: Accept cf-cache-status: HIT age: 4117 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dc9d0b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/icon-promo.png	104.19.136.75	200 OK	15448
Search urlquery URL img.pay4d.info/icon-promo.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 11a8e2c003ba77a68232b9d691a26bec External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 44a0551575e11d99ba5af824dffa53da30ae290c FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/icon-promo.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 15448 Hash 11a8e2c003ba77a68232b9d691a26bec 44a0551575e11d99ba5af824dffa53da30ae290c e5090f48858bf3a2ffc2caf8463340102846ca61ebeced2378f1749525e3be52 HTTP Headers `GET /icon-promo.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 15448 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=35857 content-disposition: inline; filename="icon-promo.webp" last-modified: Fri, 13 Nov 2020 07:11:14 GMT vary: Accept cf-cache-status: HIT age: 7076 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84cc980b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/mobile-togel.png	104.19.136.75	200 OK	2816
Search urlquery URL img.pay4d.info/mobile-togel.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 24ee8246bf5b00f82e391b3de2c9530d External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 44b86adefeab3260148aadfa367cf35c602b6761 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/mobile-togel.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 2816 Hash 24ee8246bf5b00f82e391b3de2c9530d 44b86adefeab3260148aadfa367cf35c602b6761 04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb HTTP Headers `GET /mobile-togel.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 2816 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6237 content-disposition: inline; filename="mobile-togel.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT age: 4120 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dca80b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-cq9.png	104.19.136.75	200 OK	1182
Search urlquery URL img.pay4d.info/slot-cq9.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash c1a383f5c29c2a1abb0146f00f976edd External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH d044fc1b18c28a0129ef1ffbeba52166614d057e FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-cq9.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1182 Hash c1a383f5c29c2a1abb0146f00f976edd d044fc1b18c28a0129ef1ffbeba52166614d057e cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701 HTTP Headers `GET /slot-cq9.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1182 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4157 content-disposition: inline; filename="slot-cq9.webp" last-modified: Wed, 10 Nov 2021 17:01:06 GMT vary: Accept cf-cache-status: HIT age: 4117 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dca00b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-pp.png	104.19.136.75	200 OK	1418
Search urlquery URL img.pay4d.info/live-pp.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 1f1aa38c5a91ca20b6bfdee9245eebc2 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/live-pp.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1418 Hash 1f1aa38c5a91ca20b6bfdee9245eebc2 5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf 57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65 HTTP Headers `GET /live-pp.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1418 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=7765 content-disposition: inline; filename="live-pp.webp" last-modified: Fri, 26 Jun 2020 07:51:40 GMT vary: Accept cf-cache-status: HIT age: 4116 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dca70b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/mobile-casino.png	104.19.136.75	200 OK	3982
Search urlquery URL img.pay4d.info/mobile-casino.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash a4ec13dedac773682a95ad0357c883d9 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH ac08067b8b14c320590fd8e0d9f46fee95c98064 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/mobile-casino.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 3982 Hash a4ec13dedac773682a95ad0357c883d9 ac08067b8b14c320590fd8e0d9f46fee95c98064 34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05 HTTP Headers `GET /mobile-casino.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 3982 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=8816 content-disposition: inline; filename="mobile-casino.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT age: 4120 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcab0b69-OSL X-Firefox-Spdy: h2`

	cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js	151.101.193.229	200 OK	10942
Search urlquery URL cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js DOMAIN FQDN cdn.jsdelivr.net IP 151.101.193.229 Hash 3d7736f3e0093bfcece832c8a1dced40 External sources Mnemonic PDNS FQDN cdn.jsdelivr.net DOMAIN IP 151.101.193.229 VirusTotal HASH 4421527237d7cf60ab3a8605e131d90370d59f8e FQDN cdn.jsdelivr.net DOMAIN IP 151.101.193.229 crt.sh FQDN cdn.jsdelivr.net DOMAIN URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js IP 151.101.193.229:0 ASN #54113 FASTLY Magic ASCII text, with very long lines (39553) Size 10942 Hash 3d7736f3e0093bfcece832c8a1dced40 4421527237d7cf60ab3a8605e131d90370d59f8e 9bfb0fe335300ad7521ccc87e8a1d7be601958e3a9b9f0ea8f98cc7fa3946e70 HTTP Headers `GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pinturaja.info Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: application/javascript; charset=utf-8 x-jsd-version: 3.4.1 x-jsd-version-type: version etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs" content-encoding: gzip accept-ranges: bytes date: Wed, 08 Feb 2023 22:06:41 GMT age: 7403707 x-served-by: cache-fra-eddf8230083-FRA, cache-bma1651-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 10942 X-Firefox-Spdy: h2

	img.pay4d.info/slot-jok.png	104.19.136.75	200 OK	2000
Search urlquery URL img.pay4d.info/slot-jok.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash c3d6ce73337d8098402370b95ce184d6 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH f82824809e6fc6b5bc0696c7dce5942ab17abac5 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-jok.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 2000 Hash c3d6ce73337d8098402370b95ce184d6 f82824809e6fc6b5bc0696c7dce5942ab17abac5 21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3 HTTP Headers `GET /slot-jok.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 2000 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=7983 content-disposition: inline; filename="slot-jok.webp" last-modified: Wed, 18 Dec 2019 05:38:14 GMT vary: Accept cf-cache-status: HIT age: 4117 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dca40b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-hab.png	104.19.136.75	200 OK	1888
Search urlquery URL img.pay4d.info/slot-hab.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 158c1eeabbd166126f46035ec5e6d457 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 83fa7159d10da9989fc9853ee6f96ab57b065e83 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-hab.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1888 Hash 158c1eeabbd166126f46035ec5e6d457 83fa7159d10da9989fc9853ee6f96ab57b065e83 11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0 HTTP Headers `GET /slot-hab.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1888 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5768 content-disposition: inline; filename="slot-hab.webp" last-modified: Wed, 18 Dec 2019 05:38:14 GMT vary: Accept cf-cache-status: HIT age: 4117 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dc9f0b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-ttg.png	104.19.136.75	200 OK	356
Search urlquery URL img.pay4d.info/slot-ttg.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 3ce52bfdf47ac5aeec429c7d844f8309 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 20ecca3cdae26598825aca9d3180721585936d76 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/slot-ttg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 356 Hash 3ce52bfdf47ac5aeec429c7d844f8309 20ecca3cdae26598825aca9d3180721585936d76 574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56 HTTP Headers `GET /slot-ttg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 356 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=2467 content-disposition: inline; filename="slot-ttg.webp" last-modified: Sat, 14 Mar 2020 09:33:42 GMT vary: Accept cf-cache-status: HIT age: 4117 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dca50b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/mobile-sport.png	104.19.136.75	200 OK	2730
Search urlquery URL img.pay4d.info/mobile-sport.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 02a8a80face04e69f3bfa68f686f57bb External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 61f8a41a95694c27a307199407af513dde0dc43e FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/mobile-sport.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 2730 Hash 02a8a80face04e69f3bfa68f686f57bb 61f8a41a95694c27a307199407af513dde0dc43e d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797 HTTP Headers `GET /mobile-sport.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 2730 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6408 content-disposition: inline; filename="mobile-sport.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT age: 4120 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcad0b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-evo.png	104.19.136.75	200 OK	1224
Search urlquery URL img.pay4d.info/live-evo.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash a27aeaaf4f87ea70e9d8f179dab9c1d6 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH acd3b82f10cf00f0487ca7fe1e22ad662d4638fd FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/live-evo.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1224 Hash a27aeaaf4f87ea70e9d8f179dab9c1d6 acd3b82f10cf00f0487ca7fe1e22ad662d4638fd 9d16857bece7fbf86f719af897f7a7036dd151d2fa4d31e2ae08f863e0dfe179 HTTP Headers `GET /live-evo.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1224 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4930 content-disposition: inline; filename="live-evo.webp" last-modified: Sat, 24 Dec 2022 07:19:19 GMT vary: Accept cf-cache-status: HIT age: 4116 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcae0b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-ion.png	104.19.136.75	200 OK	2434
Search urlquery URL img.pay4d.info/live-ion.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 1a48e4a72414e5587b22eb4ac4ae959b External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH a3ac92a04917abab71a98503dcfff52be3af7cdb FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/live-ion.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 2434 Hash 1a48e4a72414e5587b22eb4ac4ae959b a3ac92a04917abab71a98503dcfff52be3af7cdb e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144 HTTP Headers `GET /live-ion.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 2434 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6674 content-disposition: inline; filename="live-ion.webp" last-modified: Fri, 26 Jun 2020 07:51:41 GMT vary: Accept cf-cache-status: HIT age: 4116 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcb10b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-mg.png	104.19.136.75	200 OK	1092
Search urlquery URL img.pay4d.info/live-mg.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash ab217824849c8bc2f05240458ef55574 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 06b015108c8fc22469d8e5a4c371e6d05c04b624 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/live-mg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1092 Hash ab217824849c8bc2f05240458ef55574 06b015108c8fc22469d8e5a4c371e6d05c04b624 326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72 HTTP Headers `GET /live-mg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1092 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4064 content-disposition: inline; filename="live-mg.webp" last-modified: Tue, 15 Mar 2022 06:24:43 GMT vary: Accept cf-cache-status: HIT age: 4116 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcb30b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/picright-b.jpg	104.19.136.75	200 OK	20622
Search urlquery URL img.pay4d.info/picright-b.jpg DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 11b3651cddd57d137ad1f9f632ca7360 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 7ac7d221ec9c1865dc06138b53fe870e6bccdb97 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/picright-b.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 20622 Hash 11b3651cddd57d137ad1f9f632ca7360 7ac7d221ec9c1865dc06138b53fe870e6bccdb97 43c4b555f21c351bdd7b5953b63d93078c02def41fe3b333c85822aaca5bf5ef HTTP Headers `GET /picright-b.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 20622 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=24384 content-disposition: inline; filename="picright-b.webp" last-modified: Fri, 04 Nov 2022 13:42:49 GMT vary: Accept cf-cache-status: HIT age: 7076 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84cc960b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-opus.png	104.19.136.75	200 OK	1330
Search urlquery URL img.pay4d.info/live-opus.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash ff58f7baf1903414b9e121fa194c01a0 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 9686d2811e39d923e00d3573d187e84dda29fdba FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/live-opus.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 1330 Hash ff58f7baf1903414b9e121fa194c01a0 9686d2811e39d923e00d3573d187e84dda29fdba d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a HTTP Headers `GET /live-opus.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 1330 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4303 content-disposition: inline; filename="live-opus.webp" last-modified: Fri, 26 Aug 2022 10:55:33 GMT vary: Accept cf-cache-status: HIT age: 4116 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcb40b69-OSL X-Firefox-Spdy: h2`

	code.jquery.com/jquery-3.6.0.min.js	69.16.175.10	200 OK	30875
Search urlquery URL code.jquery.com/jquery-3.6.0.min.js DOMAIN jquery.com FQDN code.jquery.com IP 69.16.175.10 Hash 899f0189aaf034bbba5340f724d91dfa External sources Mnemonic PDNS FQDN code.jquery.com DOMAIN jquery.com IP 69.16.175.10 VirusTotal HASH 210ea9de03968edb9d839ba4a0ce2d48666a8ab8 FQDN code.jquery.com DOMAIN jquery.com IP 69.16.175.10 crt.sh FQDN code.jquery.com DOMAIN jquery.com URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.10:0 ASN #20446 STACKPATH-CDN Magic ASCII text, with very long lines (65447) Size 30875 Hash 899f0189aaf034bbba5340f724d91dfa 210ea9de03968edb9d839ba4a0ce2d48666a8ab8 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f HTTP Headers `GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pinturaja.info Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-encoding: gzip content-length: 30875 content-type: application/javascript; charset=utf-8 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-15d9d" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1675894001.dop201.sk1.t,1675894001.cds220.sk1.hn,1675894001.cds210.sk1.c X-Firefox-Spdy: h2`

	img.pay4d.info/live-all.png	104.19.136.75	200 OK	2548
Search urlquery URL img.pay4d.info/live-all.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash 80ab66e968b68828f745dbd67b94dfc8 External sources Mnemonic PDNS FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 VirusTotal HASH 18d70a225ba9f5c51d79d286178312966d339f76 FQDN img.pay4d.info DOMAIN pay4d.info IP 104.19.136.75 crt.sh FQDN img.pay4d.info DOMAIN pay4d.info URL HTTP/2 img.pay4d.info/live-all.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET Magic RIFF (little-endian) data, Web/P image\012- data Size 2548 Hash 80ab66e968b68828f745dbd67b94dfc8 18d70a225ba9f5c51d79d286178312966d339f76 bf207416b528a9c36145e5943266d17c909af991f3512d62636b85eb8232ab5f HTTP Headers `GET /live-all.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pinturaja.info/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 08 Feb 2023 22:06:41 GMT content-type: image/webp content-length: 2548 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=9511 content-disposition: inline; filename="live-all.webp" last-modified: Mon, 07 Sep 2020 10:34:19 GMT vary: Accept cf-cache-status: HIT age: 4115 expires: Thu, 09 Feb 2023 00:06:41 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7967ac84dcb60b69-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/sport-sbo.png	104.19.136.75	200 OK	916
Search urlquery URL img.pay4d.info/sport-sbo.png DOMAIN pay4d.info FQDN img.pay4d.info IP 104.19.136.75 Hash cae13d2cc7b31af8015e56b8fea2fc1e External sources

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

#1 JS:Script (size: 74292)

#2 JS:Script (size: 427)

#3 JS:Script (size: 64)

#4 JS:Script (size: 151)

#5 JS:Script (size: 427)

#6 JS:Script (size: 304765)

#7 JS:Script (size: 2306)

#8 JS:Script (size: 334)

#9 JS:Script (size: 2123)

#10 JS:Script (size: 121)

#11 JS:Script (size: 77752)

#12 JS:Script (size: 196399)

#13 JS:Script (size: 28297)

#14 JS:Script (size: 22)

#15 JS:Script (size: 299)

#16 JS:Script (size: 15846)

#17 JS:Script (size: 11056)

#18 JS:Script (size: 426)

#19 JS:Script (size: 89501)

#20 JS:Script (size: 7068)

#21 JS:Script (size: 427)

#22 JS:Script (size: 426)

#23 JS:Script (size: 426)

#24 JS:Script (size: 426)

#25 JS:Script (size: 169)

#26 JS:Script (size: 39680)

#27 JS:Script (size: 490)

#28 JS:Script (size: 426)

#29 JS:Script (size: 942)

#30 JS:Script (size: 546)

#31 JS:Script (size: 16814)

#32 JS:Script (size: 815)

#33 JS:Script (size: 90)

#34 JS:Script (size: 211329)

#35 JS:Script (size: 10469)

#36 JS:Script (size: 9052)

#37 JS:Script (size: 427)

#38 JS:Script (size: 1672)

#39 JS:Script (size: 427)

HTTP Transactions (102)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP