Report - free-leaks.com/s?dDfe

Report Overview

Visited public
2023-10-27 23:20:31
Tags
URL
free-leaks.com/s?dDfe
Finishing URL
locconn.com/s?dDfe
IP / ASN
172.67.175.150
#13335 CLOUDFLARENET
Title
Open Folder

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-27 19:02:29	932 B	203 kB	142.250.74.106
d3qgd3yzs41yp.cloudfront.net	unknown	unknown	No data	No data	412 B	84 kB	143.204.42.119
townrusisedprivat.info	unknown	unknown	No data	No data	927 B	1.8 kB	108.157.214.119
onasider.top	550880	2021-06-08	2021-06-12 07:30:56	2023-10-25 11:17:53	979 B	10 kB	104.21.23.212
free-leaks.com	unknown	2023-02-14	2012-06-29 00:28:54	2023-10-21 17:30:36	479 B	96 kB	104.21.75.122
locconn.com	unknown	2023-07-16	2023-07-16 11:57:04	2023-10-26 21:06:57	476 B	97 kB	104.21.0.190
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-27 18:12:03	1.3 kB	2.8 kB	142.250.74.131
d1wzdj81h1hubn.cloudfront.net	unknown	2008-04-25	2023-01-18 21:11:48	2023-10-25 01:54:47	983 B	201 kB	54.230.241.226
dfdgfruitie.xyz	unknown	2022-08-22	2022-12-12 12:59:22	2023-10-25 01:54:47	408 B	713 B	104.21.13.114
ivedmanyyea.org	unknown	2023-09-30	2023-10-22 10:32:03	2023-10-22 23:07:32	979 B	1.3 kB	104.21.11.156
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2023-10-27 18:14:43	834 B	105 kB	172.64.201.15
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-27 18:55:07	521 B	8.7 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-10-27 23:20:16	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	locconn.com/s?dDfe	ScriptElement	92 kB	2024-08-20	2024-08-20
Pretty URL locconn.com/s?dDfe IP 104.21.0.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 22:08 Last Seen2024-08-20 22:08 Times Seen1 Hash 23b6b8b81e1d64d4ca6315c6a8f970ee 5db542406aa67760ee9f8dae6e2a3d77294a6615 ddfb968d4a6c48383ae682c0195ed5233858ce7c028e01f8315a572ab29f5df7 Loading...

	dfdgfruitie.xyz/adserver/yzfdmoan.js	ScriptElement	0 B	0001-01-01	2025-05-02
Pretty URL dfdgfruitie.xyz/adserver/yzfdmoan.js IP 104.21.13.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-02 04:11 Times Seen4593699 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	d3qgd3yzs41yp.cloudfront.net/?tid=997856	ScriptElement	211 kB	2023-10-28	2023-10-28
Pretty URL d3qgd3yzs41yp.cloudfront.net/?tid=997856 IP 143.204.42.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 01:20 Last Seen2023-10-28 01:20 Times Seen1 Hash 9c4af469b5ea70cd5b887f7a38c30092 9822dc5f8da36d0ed0d7e61d139fde4c2e419af2 f6c6faa1c064c6faa4046e585660c8351f0c4ee3f86185fb32c1e5832d67f2f0 Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5b5518a8650b774636e10a615a581152 1420bda99d344ae22b4230b3c6c2b117e9aa4d88 a222604e4f2444bd01ae4508adf9d7486c178aae63b445aab4b858cff28eb3ac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Oct 2023 23:20:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5b5518a8650b774636e10a615a581152 1420bda99d344ae22b4230b3c6c2b117e9aa4d88 a222604e4f2444bd01ae4508adf9d7486c178aae63b445aab4b858cff28eb3ac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Oct 2023 23:20:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	d1wzdj81h1hubn.cloudfront.net/062916a89534d01bd09af94dbf5f1ea7bafc2defef2a52d65172e33b095e536d.webp	54.230.241.226	200 OK	72 B
URL GET HTTP/2 d1wzdj81h1hubn.cloudfront.net/062916a89534d01bd09af94dbf5f1ea7bafc2defef2a52d65172e33b095e536d.webp IP 54.230.241.226:443 ASN #16509 AMAZON-02 Requested by https://locconn.com/s?dDfe Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 72 B (72 bytes) Hash b47a94a8705fecc5fa4853c9f4cdfc1b 4bbc70c3f12127ffcdcc660403ced8c1768cad8d e56c717412477d45aa6f8efacd96e0a117bd90bc8dd519573a282b1e3d7bb67a HTTP Headers `GET /062916a89534d01bd09af94dbf5f1ea7bafc2defef2a52d65172e33b095e536d.webp HTTP/1.1 Host: d1wzdj81h1hubn.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/webp content-length: 72 last-modified: Wed, 18 Oct 2023 17:05:46 GMT x-amz-server-side-encryption: AES256 accept-ranges: bytes server: AmazonS3 date: Fri, 27 Oct 2023 00:48:33 GMT etag: "b47a94a8705fecc5fa4853c9f4cdfc1b" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: KlZWweviiUEMCCQhnZwwUwmNHhYTht05TZckdM3J6_GsvmKbD7XwJA== age: 81103 X-Firefox-Spdy: h2`

	fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap	142.250.74.106	200 OK	201 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://locconn.com/s?dDfe Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64 ValidityMon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT File type gzip compressed data, max compression\012- data Size 201 kB (200753 bytes) Hash f713f8c58387c90d27d1aa73a769c52c 56bf6e92d08143d0deb6d51a1069ab1562a393c7 d8e0999dd69d28e33e666322aa460657bf3e04f84633f732697efea3e9d4dbc3 HTTP Headers `GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 27 Oct 2023 23:20:14 GMT date: Fri, 27 Oct 2023 23:20:14 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d1wzdj81h1hubn.cloudfront.net/c1fe525e53f330f989ca76681e61d5e5bbd45d4b5cb303ddbdd2443e69ed72af.png	54.230.241.226	200 OK	200 kB
URL GET HTTP/2 d1wzdj81h1hubn.cloudfront.net/c1fe525e53f330f989ca76681e61d5e5bbd45d4b5cb303ddbdd2443e69ed72af.png IP 54.230.241.226:443 ASN #16509 AMAZON-02 Requested by https://locconn.com/s?dDfe Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type PNG image data, 1920 x 900, 8-bit/color RGB, non-interlaced\012- data Size 200 kB (199899 bytes) Hash 2b90504baca9f67a67dbe5678081a0fb 9f0f38a12ffe7af9959518e5de08c3adb8952fa3 55fef24f39b7b711421e0229b23a0625ede694bfe091f3ccc64f91cc4ad77f3d HTTP Headers `GET /c1fe525e53f330f989ca76681e61d5e5bbd45d4b5cb303ddbdd2443e69ed72af.png HTTP/1.1 Host: d1wzdj81h1hubn.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 199899 last-modified: Tue, 24 Oct 2023 19:29:54 GMT x-amz-server-side-encryption: AES256 accept-ranges: bytes server: AmazonS3 date: Fri, 27 Oct 2023 03:29:57 GMT etag: "2b90504baca9f67a67dbe5678081a0fb" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: u_SIWJVQV1amkZjodu_CKMV4xMF2vww8M9--VIHrBLrtg9K41qHX3Q== age: 71419 X-Firefox-Spdy: h2

	dfdgfruitie.xyz/adserver/yzfdmoan.js	104.21.13.114	200 OK	0 B
URL GET HTTP/2 dfdgfruitie.xyz/adserver/yzfdmoan.js IP 104.21.13.114:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerGoogle Trust Services LLC Subjectdfdgfruitie.xyz FingerprintE8:4B:C7:6B:06:D4:5C:DC:DF:8E:83:FE:9C:7E:80:35:D5:C9:98:48 ValidityWed, 04 Oct 2023 19:26:13 GMT - Tue, 02 Jan 2024 19:26:12 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /adserver/yzfdmoan.js HTTP/1.1 Host: dfdgfruitie.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 27 Oct 2023 23:20:15 GMT content-type: application/x-javascript content-length: 0 last-modified: Fri, 03 Feb 2023 19:26:28 GMT etag: "63dd5fe4-0" cache-control: max-age=14400 cf-cache-status: HIT age: 460 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABkzaMjDKPHvwz5PAdwHkU9wdOxqFjlLbgtu%2B4%2F8oQN%2Fs0rOnuBlwypppE%2FTF74Txdxhw9NQ8WgLEq36gAMQwId2jsxuqCkLbsVIRt7giep%2BoPXFHN5doUmRepyhYEMWvv8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 81ceab2738185684-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	d3qgd3yzs41yp.cloudfront.net/?tid=997856	143.204.42.119	200 OK	84 kB
URL GET HTTP/2 d3qgd3yzs41yp.cloudfront.net/?tid=997856 IP 143.204.42.119:443 ASN #16509 AMAZON-02 Requested by https://locconn.com/s?dDfe Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (891) Size 84 kB (84011 bytes) Hash 9c4af469b5ea70cd5b887f7a38c30092 9822dc5f8da36d0ed0d7e61d139fde4c2e419af2 f6c6faa1c064c6faa4046e585660c8351f0c4ee3f86185fb32c1e5832d67f2f0 HTTP Headers `GET /?tid=997856 HTTP/1.1 Host: d3qgd3yzs41yp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-length: 84011 date: Fri, 27 Oct 2023 23:20:15 GMT access-control-allow-origin: * cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-encoding: gzip pragma: no-cache x-cache: Miss from cloudfront via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: J8Y_tDy1JKPtaSMeFVU939wRIbTyN3NwF0UXYwLd6xpX3ACuIq1hvQ== X-Firefox-Spdy: h2`

	ivedmanyyea.org/cmEzTm1dXlA9UCgNXzoMCC9nLCsaAHEiWAI3ZX4qKlNfLDojOBU6BBZcCndaSlQFaB0bBQ59WFQSRy8ZBxIOf0sbD1UhUFQXDn5DR08BYFxUFA5/SwYRUilQQ0dDOhkeXAJ4VEpVB3ZVQ1cHeV0	104.21.11.156	204 No Content	0 B
URL GET HTTP/2 ivedmanyyea.org/cmEzTm1dXlA9UCgNXzoMCC9nLCsaAHEiWAI3ZX4qKlNfLDojOBU6BBZcCndaSlQFaB0bBQ59WFQSRy8ZBxIOf0sbD1UhUFQXDn5DR08BYFxUFA5/SwYRUilQQ0dDOhkeXAJ4VEpVB3ZVQ1cHeV0 IP 104.21.11.156:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerLet's Encrypt Subjectivedmanyyea.org Fingerprint9A:EE:D6:C7:E9:FF:98:B7:22:B4:BF:FA:31:7D:B7:3A:56:51:AC:A5 ValiditySun, 22 Oct 2023 07:30:28 GMT - Sat, 20 Jan 2024 07:30:27 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cmEzTm1dXlA9UCgNXzoMCC9nLCsaAHEiWAI3ZX4qKlNfLDojOBU6BBZcCndaSlQFaB0bBQ59WFQSRy8ZBxIOf0sbD1UhUFQXDn5DR08BYFxUFA5/SwYRUilQQ0dDOhkeXAJ4VEpVB3ZVQ1cHeV0 HTTP/1.1 Host: ivedmanyyea.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 204 No Content date: Fri, 27 Oct 2023 23:20:15 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo%2BBcQ%2BKG1fRbjBpbkrbNaAqNwX4YBAx3bwUkD%2F8h1YX%2BXYLywCUbCZkBhLSYHMPzDqEfIvLC2fsDZ8hNIbMG5grOyMMjh04dpjMOzj4%2FBD4HEKfTQBOevmSjd%2FLXq5mryo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 81ceab2a2da6b4ed-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	townrusisedprivat.info/VnhMNXg3Gi9YRzdFLhMNJBRxEEoQXX5zHGUJK1FLLwI/AUkvCGJWFDkNKFMKORY4GxYzDGkHPhIZGwwtGDwrfjkSCB93AGY/AXQTFC0KXQsXKXllOgUcLmMQOisKWTphPDYNOwNLeW8xPDkfYTobNC1kKTM6HQFOAw8aZTs8CBR3Lj4yAmM6Ny4KQQEHPStyOhEUDmMfZjMBWUkBPA1BAQcuIGA5PAwDYCkDPAJnPR00fUVOFDp9VyBlAAF2Lj4zFgYhMi99DUwOLhVWPmU9C3Y6ECAVWAsZIBlFFjIQfVcgLyIPfS45DRZkKRQqfQxBEyk8bzsSVQptLSEiB28WHzMbY009Og1ZIg4WCXI7F0ALfxQQHQ5dHC46IgAhDhUZVDsTQC1UKQNeJkYXOAhxdxwVHhxjHxBIAVE	108.157.214.119	200 OK	1.2 kB
URL GET HTTP/2 townrusisedprivat.info/VnhMNXg3Gi9YRzdFLhMNJBRxEEoQXX5zHGUJK1FLLwI/AUkvCGJWFDkNKFMKORY4GxYzDGkHPhIZGwwtGDwrfjkSCB93AGY/AXQTFC0KXQsXKXllOgUcLmMQOisKWTphPDYNOwNLeW8xPDkfYTobNC1kKTM6HQFOAw8aZTs8CBR3Lj4yAmM6Ny4KQQEHPStyOhEUDmMfZjMBWUkBPA1BAQcuIGA5PAwDYCkDPAJnPR00fUVOFDp9VyBlAAF2Lj4zFgYhMi99DUwOLhVWPmU9C3Y6ECAVWAsZIBlFFjIQfVcgLyIPfS45DRZkKRQqfQxBEyk8bzsSVQptLSEiB28WHzMbY009Og1ZIg4WCXI7F0ALfxQQHQ5dHC46IgAhDhUZVDsTQC1UKQNeJkYXOAhxdxwVHhxjHxBIAVE IP 108.157.214.119:443 ASN #16509 AMAZON-02 Requested by https://locconn.com/s?dDfe Certificate IssuerAmazon Subjecttownrusisedprivat.info Fingerprint71:C6:FA:30:36:13:AF:25:A2:D9:0E:8D:1C:99:A3:26:2D:34:ED:D9 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3016), with no line terminators Size 1.2 kB (1171 bytes) Hash 6adaeaa0073ced0a1e6c5aa3b6bed9fe b2468acad8fb4925e18040c48698f2ef1671924c c25e48723c6ff1193af769227f05812864dade5744fdd9eaaf4c5ddfa614c088 HTTP Headers GET /VnhMNXg3Gi9YRzdFLhMNJBRxEEoQXX5zHGUJK1FLLwI/AUkvCGJWFDkNKFMKORY4GxYzDGkHPhIZGwwtGDwrfjkSCB93AGY/AXQTFC0KXQsXKXllOgUcLmMQOisKWTphPDYNOwNLeW8xPDkfYTobNC1kKTM6HQFOAw8aZTs8CBR3Lj4yAmM6Ny4KQQEHPStyOhEUDmMfZjMBWUkBPA1BAQcuIGA5PAwDYCkDPAJnPR00fUVOFDp9VyBlAAF2Lj4zFgYhMi99DUwOLhVWPmU9C3Y6ECAVWAsZIBlFFjIQfVcgLyIPfS45DRZkKRQqfQxBEyk8bzsSVQptLSEiB28WHzMbY009Og1ZIg4WCXI7F0ALfxQQHQ5dHC46IgAhDhUZVDsTQC1UKQNeJkYXOAhxdxwVHhxjHxBIAVE HTTP/1.1 Host: townrusisedprivat.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html content-length: 1171 date: Fri, 27 Oct 2023 23:20:15 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-cache: Miss from cloudfront via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: A_CkrpJDw8YI82UOtF3rGxXwmCZtsqjONsRFAo0kZI0yZiw6JvYErg== X-Firefox-Spdy: h2

	pogothere.xyz/asd100.bin	172.64.201.15	200 OK	103 kB
URL GET HTTP/2 pogothere.xyz/asd100.bin IP 172.64.201.15:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT File type data Size 103 kB (102903 bytes) Hash 7d20b0764dd9e423d6cc4e5a78b3c601 29df2f3eb881c530a566e547194ee3f55d9d1217 1d92d5ccb2d7aac09ef2cb6a81d95348023f20d6fd05aef122ffcbf46e7da0fa HTTP Headers `GET /asd100.bin HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://locconn.com/ Origin: https://locconn.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 27 Oct 2023 23:20:15 GMT content-type: binary/octet-stream access-control-allow-origin: https://locconn.com access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cache-control: max-age=14400 cf-cache-status: HIT age: 4040 last-modified: Fri, 27 Oct 2023 22:12:55 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9j1%2BC3UlacKDiKi5ZnI%2BNjKn3xfhebpwcnyn1Fg1AZwPB%2BSl8pss%2FMnKBSCRnUL1V%2FjZQ2coOSRXiOUG4McK3i76encqPgJD5bqRZIX2nDmOP%2B3uBibyIEy0pWut9MH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 81ceab2b6f2b88ad-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	onasider.top/tc	104.21.23.212	200 OK	0 B
URL POST HTTP/2 onasider.top/tc IP 104.21.23.212:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerLet's Encrypt Subjectonasider.top Fingerprint29:1E:BF:49:5C:63:2E:45:BF:52:43:BE:A9:EF:88:FF:46:A6:29:1F ValidityThu, 14 Sep 2023 08:13:30 GMT - Wed, 13 Dec 2023 08:13:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /tc HTTP/1.1 Host: onasider.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://locconn.com/ Origin: https://locconn.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 204 No Content date: Fri, 27 Oct 2023 23:20:16 GMT set-cookie: ci=515893844017049; Max-Age=86400; Secure; SameSite=None access-control-allow-origin: https://locconn.com access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST, GET, OPTIONS, HEAD access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibyNwN7lXnjf2jo17zaV11SL%2BF%2Fq6wnz3V8zgX1Es%2F%2BSEbAQldrKhnBDUjXys%2B9%2BWkawX%2FVBMdWA3L7crpSaJly7LgTGYsBwjRjqlCgHHxQlThp1eGidOI9E95AJUck%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 81ceab2d29fdb517-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash b6171b622e9f59a26be9ee77ccc24b9b dc82a2156684a22eb055c9f4eeb80b8e87e776a1 5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Oct 2023 23:20:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	onasider.top/tc	104.21.23.212	200 OK	8.2 kB
URL POST HTTP/2 onasider.top/tc IP 104.21.23.212:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerLet's Encrypt Subjectonasider.top Fingerprint29:1E:BF:49:5C:63:2E:45:BF:52:43:BE:A9:EF:88:FF:46:A6:29:1F ValidityThu, 14 Sep 2023 08:13:30 GMT - Wed, 13 Dec 2023 08:13:29 GMT File type JSON data\012- , ASCII text, with very long lines (531), with no line terminators Size 8.2 kB (8232 bytes) Hash 267740636bc69554b19c2a183aa91143 fecebebe0cdc6eb7a7b8d69903c1d69965b9af7e 4393652956b80736fb89cdb4f0872dea87774d2e8ef210c8a118e6f68c0e9b51 HTTP Headers `POST /tc HTTP/1.1 Host: onasider.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://locconn.com/ Content-Type: application/json Content-Length: 152 Origin: https://locconn.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 27 Oct 2023 23:20:16 GMT content-type: application/json set-cookie: ci=499184247586815; Max-Age=86400; Secure; SameSite=None access-control-allow-origin: https://locconn.com access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST, GET, OPTIONS, HEAD access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idKHt0MyNyMqfos93mAp%2F6tusQITouhLcXccpXJxpP0GhYDCTIX9TF%2BhQkwl%2B%2FYs%2Flf8F8cXgF06bmbyk1TvfRE4W2AeVwKxEMsiwj3L2gpz2xhYc2Jy%2B%2FPabz%2Bq%2Fxg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 81ceab2ded64568e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash b6171b622e9f59a26be9ee77ccc24b9b dc82a2156684a22eb055c9f4eeb80b8e87e776a1 5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Oct 2023 23:20:17 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	pogothere.xyz/	172.64.201.15	200 OK	27 B
URL GET HTTP/2 pogothere.xyz/ IP 172.64.201.15:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT File type ASCII text, with no line terminators Size 27 B (27 bytes) Hash 6d57626b69a1ae6755645d81f3e82124 80c645d95f43be3bf047c21bfbcc1c28693e63fd 4e1b93a4df8fdea803d4fc29ee5727a6dd2bc07f99b803d316496b89ae61e4e9 HTTP Headers `GET / HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://locconn.com/ Origin: https://locconn.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 27 Oct 2023 23:20:15 GMT content-type: text/plain set-cookie: csu=1032171566737846@1@1698448815; Max-Age=31104000; Secure; SameSite=None access-control-allow-origin: https://locconn.com access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F1UwEpn9MEPZyQZ2kZzKUQwEvQ1uCDt5BljEsV%2FE%2FvW564zG5GAFXEmUaDhapeMvnnq4RE6QWuTFPWC28NIt1xooJq2FM8oA6OGf%2F1kZ1WpLjfyq0xzzUQ7My6goRng"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 81ceab2b4f2788ad-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	free-leaks.com/s?dDfe	104.21.75.122	302 Found	96 kB
URL User Request GET HTTP/2 free-leaks.com/s?dDfe IP 104.21.75.122:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectfree-leaks.com Fingerprint81:1A:D1:15:C3:DC:8F:38:0B:14:86:60:92:3E:99:66:2E:EE:54:8D ValiditySun, 08 Oct 2023 14:50:50 GMT - Sat, 06 Jan 2024 14:50:49 GMT File type Size 96 kB (95772 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /s?dDfe HTTP/1.1 Host: free-leaks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Fri, 27 Oct 2023 23:20:14 GMT content-type: text/html location: https://locconn.com/s?dDfe cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3NJDf%2FODN7MfO8Nnxg6l5YpgIHBFH9o%2FIpVigEETRslkZgnCYIA0OL0FbTNa4AkKQV%2FCdSuTsEgGAnhj2qhB%2FEXZ66zGZklKowHEo5RczLTal7GFX7%2F8%2FXZA5VQ%2BJzNEA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 81ceab1fca7256b1-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ivedmanyyea.org/popunder.gif	104.21.11.156	200 OK	35 B
URL GET HTTP/3 ivedmanyyea.org/popunder.gif IP 104.21.11.156:443 ASN #13335 CLOUDFLARENET Requested by https://locconn.com/s?dDfe Certificate IssuerLet's Encrypt Subjectivedmanyyea.org Fingerprint9A:EE:D6:C7:E9:FF:98:B7:22:B4:BF:FA:31:7D:B7:3A:56:51:AC:A5 ValiditySun, 22 Oct 2023 07:30:28 GMT - Sat, 20 Jan 2024 07:30:27 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 35 B (35 bytes) Hash 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 HTTP Headers `GET /popunder.gif HTTP/1.1 Host: ivedmanyyea.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 27 Oct 2023 23:20:16 GMT content-type: image/gif access-control-allow-origin: * pragma: public cache-control: public, max-age=604800, immutable cf-cache-status: HIT age: 35246 last-modified: Fri, 27 Oct 2023 13:32:50 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=que%2F1%2FxYCRz8Wi0zN1lGmhXubOMaZZSoUqbPZIlQxtoxmzeCKP46fCdvQMWeS5taHzeDnaNeQAgR%2FAINRN8PpqQJqpAv%2FRi5hkrWXtRLMATDKO4i4HdcpJy2pc49XIa1JZQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 81ceab2c5ca0568e-OSL alt-svc: h3=":443"; ma=86400

	locconn.com/s?dDfe	104.21.0.190	200 OK	96 kB
URL User Request GET HTTP/2 locconn.com/s?dDfe IP 104.21.0.190:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subject.locconn.com FingerprintAE:8B:81:E3:9E:45:47:79:40:1A:01:C6:13:98:6E:7C:54:15:53:01 ValidityWed, 13 Sep 2023 08:33:25 GMT - Tue, 12 Dec 2023 08:33:24 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60902) Size 96 kB (95772 bytes) Hash 372bf202185189e2b4cbe3bc6f6ca7c3 fb33ad98bd870d4fe8adefd6ff205110a50cfc6b 8731a0900ba59621f31e980c640aa979962157e1520af80b93e9462cddf0265b HTTP Headers `GET /s?dDfe HTTP/1.1 Host: locconn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 27 Oct 2023 23:20:14 GMT content-type: text/html access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST, GET, OPTIONS, HEAD access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXez475pLf8yLhwfkeHQk%2Bj4abilp%2FbCWuhRu5qYUCtrfgexytsZq57fxyLfuihOODl%2B%2F2hDaTfkXlYwxwSlC5CsoPLf0XC7Id7EdRoWFAZuOxeLD2S%2F%2Bz5T%2FitArA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 81ceab219842b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap	142.250.74.106	200 OK	1.1 kB
URL GET HTTP/3 fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://locconn.com/s?dDfe Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64 ValidityMon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT File type ASCII text, with very long lines (1136), with no line terminators Size 1.1 kB (1109 bytes) Hash 20537057ea6c73337cdc77b139767f3c 353181e25b8bac755eca2151f3aeeb093758e0e0 459da25a87017ee1cad7c7006d94df13abc39aee2e69f38cde9042823188bd78 HTTP Headers `GET /css?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://locconn.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 27 Oct 2023 23:20:16 GMT date: Fri, 27 Oct 2023 23:20:16 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2	216.58.207.227	200 OK	7.9 kB
URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://locconn.com/s?dDfe Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60 ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Size 7.9 kB (7884 bytes) Hash 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f HTTP Headers GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://locconn.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7884 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Oct 2023 15:18:26 GMT expires: Fri, 25 Oct 2024 15:18:26 GMT cache-control: public, max-age=31536000 age: 115311 last-modified: Wed, 27 Apr 2022 17:03:52 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by