| | 63.250.43.147 | 200 OK | 39 kB |
URL User Request GET HTTP/1.1IP63.250.43.147:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators Hash1be47b5cd5e77ffd57de4f1398701f00 995a0a96c6286589db49c1863fc9b89a7b389789 8b8f880719a5ead8a14f9efc6fb86b33a5a9e2ee8e90d8c6d2f014d096b1841c
GET / HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:07:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <http://janrean.store/wp-json/>; rel="https://api.w.org/", <http://janrean.store/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <http://janrean.store/>; rel=shortlink
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 29589
accept-ranges: bytes
x-cache: HIT
content-length: 39426
|
|
| janrean.store/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 63.250.43.147 | 200 OK | 30 kB |
URL GET HTTP/1.1janrean.store/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP63.250.43.147:80
File typeJavaScript source, ASCII text, with very long lines (65447) Hash826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:29 GMT
content-type: application/javascript
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
vary: Accept-Encoding
etag: W/"64ecd5ef-15601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
content-length: 30419
|
|
| waust.at/d.js | 104.26.4.7 | 200 OK | 7.6 kB |
IP104.26.4.7:80
File typeJavaScript source, ASCII text, with very long lines (14706), with no line terminators Hash38cdedd658fa41770f607c0b117c1f82 3f3c9c6c330ab649e27ec56a8d852e9d41b0edf4 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 03:20:47 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 12 Jan 2023 17:19:36 GMT
etag: W/"63c04128-3972"
expires: Sat, 27 Apr 2024 03:20:47 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e67Ehm3GwGKaawiWB8ni%2FtLno9TXKBx1XMbO39rGsdThSp7NHHysZ37XjdcYxzQiqrnMZLZgCHbEMp3tEjXAa6SI%2FV%2BvRl%2BTToKScWgW4Gl3UADvVit%2Brtqe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a370625c635697-OSL
alt-svc: h2=":443"; ma=60
|
|
| janrean.store/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 63.250.43.147 | 200 OK | 4.9 kB |
URL GET HTTP/1.1janrean.store/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP63.250.43.147:80
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:29 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
vary: Accept-Encoding
etag: W/"6482bd64-3509"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
content-length: 4872
|
|
| janrean.store/wp-content/themes/hitmag/js/navigation.js?ver=20151215 | 63.250.43.147 | 200 OK | 1.4 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/js/navigation.js?ver=20151215 IP63.250.43.147:80
File typeJavaScript source, ASCII text Hashf5d9d209852795da2a237895e87f2d72 521c90e7aa1c335bc5df2120a144ab800bac1644 ccabeb2cb5391e2956a1866ea45523a82f4117cbfc70e46b2aac5aaa6d3d359a
GET /wp-content/themes/hitmag/js/navigation.js?ver=20151215 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-f05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32297
accept-ranges: bytes
x-cache: HIT
content-length: 1356
|
|
| janrean.store/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 | 63.250.43.147 | 200 OK | 416 B |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 IP63.250.43.147:80
File typeJavaScript source, ASCII text Hash75abd4cd8807b312f9f7faeb77ee774b e7b7a7ed06d0123ab8667a1d1eeb23de9f2bece7 ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
GET /wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:31 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-2ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32296
accept-ranges: bytes
x-cache: HIT
content-length: 416
|
|
| janrean.store/wp-content/themes/hitmag/js/scripts.js?ver=1.3.8 | 63.250.43.147 | 200 OK | 747 B |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/js/scripts.js?ver=1.3.8 IP63.250.43.147:80
File typeJavaScript source, ASCII text, with CRLF line terminators Hashecd38109e66a9585ef36104f99e16bfa 9bab8fd305f8ac47a5bd530c88f9760042489cde 215c0fae44ee1668bfaa892d62dbc7974b9bffd8d51b53ded1d1b786292b3f3a
GET /wp-content/themes/hitmag/js/scripts.js?ver=1.3.8 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:31 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-a9c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32296
accept-ranges: bytes
x-cache: HIT
content-length: 747
|
|
| janrean.store/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 | 63.250.43.147 | 200 OK | 7.1 kB |
URL GET HTTP/1.1janrean.store/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP63.250.43.147:80
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (8189) Hashc4e68a0f3463c0bd3c39eab38815e881 0ce58644e9f3c5063a11453ff287c5ec096465a7 ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:31 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
vary: Accept-Encoding
etag: W/"63dbe690-53be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32296
accept-ranges: bytes
x-cache: HIT
content-length: 7099
|
|
| janrean.store/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 | 63.250.43.147 | 200 OK | 3.9 kB |
URL GET HTTP/1.1janrean.store/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 IP63.250.43.147:80
File typeJavaScript source, ASCII text, with very long lines (11760) Hash88407dc30b83ffa7dd834fe4a35307b7 857a3a007e5ea8d88123bb47019606618e19eb77 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:31 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
vary: Accept-Encoding
etag: W/"6328af19-2ea1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32296
accept-ranges: bytes
x-cache: HIT
content-length: 3915
|
|
| janrean.store/wp-content/themes/hitmag/css/fonts.css | 63.250.43.147 | 200 OK | 457 B |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/css/fonts.css IP63.250.43.147:80
Hash53d02c162fa5e84278412d531f30d309 0d15e703464ccda2a90951c7b32633382c755365 439b33bd346fde1a965eaad8991a786bc771daa5c5a6dcf0b8a1d1fa1494f4f8
GET /wp-content/themes/hitmag/css/fonts.css HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:29 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-e02"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
content-length: 457
|
|
| janrean.store/wp-content/themes/hitmag/js/swiper-bundle.min.js?ver=11.0.5 | 63.250.43.147 | 200 OK | 41 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/js/swiper-bundle.min.js?ver=11.0.5 IP63.250.43.147:80
File typeJavaScript source, ASCII text, with very long lines (65278) Hash1aba3b60641d8dc579dca329a28d74d8 1a54fa817a49108dfdf2e75ce2ae507f007ac2bd 6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22
GET /wp-content/themes/hitmag/js/swiper-bundle.min.js?ver=11.0.5 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:07:37 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-243f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29590
accept-ranges: bytes
x-cache: HIT
content-length: 41220
|
|
| janrean.store/wp-content/themes/hitmag/style.css?ver=1.3.8 | 63.250.43.147 | 200 OK | 13 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/style.css?ver=1.3.8 IP63.250.43.147:80
File typeASCII text, with very long lines (659) Hashb1a9952107f8a9b31a33bf45def93f76 9f9c65878b846eba015650dcda887e0b276392d7 da3a8a91709236fa91e72649a3575c047088707f2429d43474611d0f08497a8a
GET /wp-content/themes/hitmag/style.css?ver=1.3.8 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:29 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-1183f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
content-length: 13086
|
|
| pl22909671.highcpmgate.com/94/a4/32/94a432e0f0abe7b6156530170c6a8b38.js | 172.240.108.68 | 200 OK | 16 kB |
URL GET HTTP/1.1pl22909671.highcpmgate.com/94/a4/32/94a432e0f0abe7b6156530170c6a8b38.js IP172.240.108.68:80
File typeJavaScript source, ASCII text, with very long lines (44063), with no line terminators Hash0ecf3cf838bc8ae3fa14bdff6edabcad 115fc0e8923d1f3923246fee3e4c55a45c04239c 551f25de2de0ca6e14f216add18cbe200945c71ef7dfd88f580361fea27e4aca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /94/a4/32/94a432e0f0abe7b6156530170c6a8b38.js HTTP/1.1
Host: pl22909671.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea4aeeb7de71a56fac32ff285121a406
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| janrean.store/wp-content/themes/hitmag/css/swiper-bundle.min.css?ver=11.0.5 | 63.250.43.147 | 200 OK | 1.9 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/css/swiper-bundle.min.css?ver=11.0.5 IP63.250.43.147:80
File typeASCII text, with very long lines (7001) Hash825008e0eca498e103120eea032c6f9a 2a4562519361c1857c9ef9e356945cdcf6a0ea79 507517de78a228b0daa6cb64d059cefa54aba49647b7715a451295a70b7868ad
GET /wp-content/themes/hitmag/css/swiper-bundle.min.css?ver=11.0.5 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:07:37 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-1c56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29590
accept-ranges: bytes
x-cache: HIT
content-length: 1874
|
|
| janrean.store/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 63.250.43.147 | 200 OK | 15 kB |
URL GET HTTP/1.1janrean.store/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 IP63.250.43.147:80
File typeASCII text, with very long lines (59701) Hash51a8390b47aa0582cf2d9c96c5addee2 b16a640874025d085c38119a1a02a3460f83f2de 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:28 GMT
content-type: text/css
last-modified: Tue, 27 Feb 2024 14:48:23 GMT
vary: Accept-Encoding
etag: W/"65ddf637-1bae5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32299
accept-ranges: bytes
x-cache: HIT
content-length: 14991
|
|
| janrean.store/wp-content/themes/hitmag/css/all.min.css?ver=6.5.1 | 63.250.43.147 | 200 OK | 22 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/css/all.min.css?ver=6.5.1 IP63.250.43.147:80
File typeASCII text, with very long lines (52276) Hashfbe604525dc7a004d505396511f906bd fa63685b75e0fbbe4b4e37534b9d57ad7c912370 2c051374591f7c373d512e10ab5538d9fdd17efeb861d7756933ad5b73ccab9f
GET /wp-content/themes/hitmag/css/all.min.css?ver=6.5.1 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:29 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
vary: Accept-Encoding
etag: W/"6620d2a8-190b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
content-length: 22520
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 167 B |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 03:20:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Apr 2024 04:20:48 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqowKqvF9Q9aT6z9h4vWBIqq0O4e4vgaj1MEUxrt3coPl%2FI5Sma%2Ft26seiKAc0eMBmyFsT6GiGGvFeKeZNq8F9JEuhSF5IItXrGtM2mg7A1djQzlasou1gc0KqYzUlOLnnRLa7hmd22QUAj5N9KGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a370670fe756a9-OSL
alt-svc: h2=":443"; ma=60
|
|
| janrean.store/wp-content/themes/hitmag/images/slide.jpg | 63.250.43.147 | 200 OK | 23 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/images/slide.jpg IP63.250.43.147:80
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2017:06:10 12:43:41], progressive, precision 8, 735x400, components 3 Hashac800c479264e1f09087d13e0ee84708 dafefff032dd4004a07388ce8a0e30f93502e058 567b87d3da8e3a13ad5317dff294ed4f66d6e7a274ba5e48bcfe0d3b239ba762
GET /wp-content/themes/hitmag/images/slide.jpg HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:07:37 GMT
content-type: image/jpeg
content-length: 23120
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-5a50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29590
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/images/slide-thumb.jpg | 63.250.43.147 | 200 OK | 19 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/images/slide-thumb.jpg IP63.250.43.147:80
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2017:06:10 12:46:26], progressive, precision 8, 135x93, components 3 Hash74e75c62b7bbd9c70e4be2d1a7eb32f6 f305cd177faeeb3247fb513703b1eab3bfd942e6 862dafe7d91440706d0cad7f43e08eb8bb65bcd96c570885e85a2a025f9dbf85
GET /wp-content/themes/hitmag/images/slide-thumb.jpg HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:07:38 GMT
content-type: image/jpeg
content-length: 19003
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-4a3b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29590
accept-ranges: bytes
x-cache: HIT
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.247.192:443
CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashf73240a9180ac7f44c2783bae9851ba3 91dbf6a932adbdc381c5d3e80df889d49cad142e 324886b43dfaf3f4963eccb2d23cc6f738eb3e7cc2bd0502c6a38281f6e95010
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://janrean.store
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a323309a-963b-41c9-92f0-69b40ad8eea3:2:1; expires=Mon, 24 Apr 2034 03:20:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| janrean.store/wp-content/themes/hitmag/fonts/lato-regular-latin.woff2 | 63.250.43.147 | 200 OK | 24 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/lato-regular-latin.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0 Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /wp-content/themes/hitmag/fonts/lato-regular-latin.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 23580
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-5c1c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/opensans-bold-webfont.woff2 | 63.250.43.147 | 200 OK | 19 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/opensans-bold-webfont.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 18992, version 1.0 Hash8b1081927e10196dfa2642487a7b2e8c b9b32eabae814e96e10c20e43d87a5cafc4dc0d4 c3980ea8f019855a578aef98e57530e78df585bce65b79b9f86a3356fa748bf3
GET /wp-content/themes/hitmag/fonts/opensans-bold-webfont.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 18992
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-4a30"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32297
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/ubuntu-medium-webfont.woff2 | 63.250.43.147 | 200 OK | 29 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/ubuntu-medium-webfont.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 28568, version 1.0 Hash29f43fe3556abaad9c673ca2537b1303 764fdf1fcf9cb68dc38ed004cfe67a9ecfa14256 dcee1278430c78c2294f2e960b4d878690eb22c06780ff9671ecd6d2f60e7e11
GET /wp-content/themes/hitmag/fonts/ubuntu-medium-webfont.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:23:08 GMT
content-type: font/woff2
content-length: 28568
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-6f98"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32259
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/fa-brands-400.woff2 | 63.250.43.147 | 200 OK | 117 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/fa-brands-400.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 117372, version 773.768 Size117 kB (117372 bytes) Hashb6356c957274676e6571c1ff5e11c9a8 4022f95e001d734ca8f082b8e7627abd205609ec 3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
GET /wp-content/themes/hitmag/fonts/fa-brands-400.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/all.min.css?ver=6.5.1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 117372
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-1ca7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/ubuntu-bold-webfont.woff2 | 63.250.43.147 | 200 OK | 29 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/ubuntu-bold-webfont.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 29320, version 1.0 Hash523215f3b621ae9406e84e39e7976e67 3ff9b171c3ccbd71c73121b803da01b62c033ed9 78cfcd698660fe6904cdccf493e82f639a1a08707c35df07be4566e511bb04cc
GET /wp-content/themes/hitmag/fonts/ubuntu-bold-webfont.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 29320
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-7288"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/ubuntu-regular-webfont.woff2 | 63.250.43.147 | 200 OK | 29 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/ubuntu-regular-webfont.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 28592, version 1.0 Hasha72bbb5a10e8ff13010604a1bb4a4037 4accf5cfaa94279c6cfdf8cda1c75270e8278761 c07bdac3cac751c087419fb7be13f75451845e648c0c67376ce388216693265c
GET /wp-content/themes/hitmag/fonts/ubuntu-regular-webfont.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 28592
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-6fb0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/lato-bold-latin.woff2 | 63.250.43.147 | 200 OK | 23 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/lato-bold-latin.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0 Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /wp-content/themes/hitmag/fonts/lato-bold-latin.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 23040
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-5a00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 63.250.43.147 | 200 OK | 5.1 kB |
URL GET HTTP/1.1janrean.store/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP63.250.43.147:80
File typeJavaScript source, ASCII text, with very long lines (15752) Hashb976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a323309a-963b-41c9-92f0-69b40ad8eea3%3A2%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:46 GMT
content-type: application/javascript
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
vary: Accept-Encoding
etag: W/"65cb7e57-4926"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 32282
accept-ranges: bytes
x-cache: HIT
content-length: 5056
|
|
| janrean.store/wp-content/themes/hitmag/fonts/lato-regular-latin-italic.woff2 | 63.250.43.147 | 200 OK | 24 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/lato-regular-latin-italic.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 24408, version 1.0 Hashefee2d080d7bebdd2e0aeb2e030813a0 f8d38f9f9584e48c2e469877ebd94232265585f1 bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /wp-content/themes/hitmag/fonts/lato-regular-latin-italic.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/fonts.css
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a323309a-963b-41c9-92f0-69b40ad8eea3%3A2%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:32 GMT
content-type: font/woff2
content-length: 24408
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-5f58"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32296
accept-ranges: bytes
x-cache: HIT
|
|
| janrean.store/wp-content/themes/hitmag/fonts/fa-solid-900.woff2 | 63.250.43.147 | 200 OK | 156 kB |
URL GET HTTP/1.1janrean.store/wp-content/themes/hitmag/fonts/fa-solid-900.woff2 IP63.250.43.147:80
File typeWeb Open Font Format (Version 2), TrueType, length 156496, version 773.768 Size156 kB (156496 bytes) Hash6c4eee562650e53cee32496bdfbe534b 1aae708e3b94ee981b452a918d28ed037fbb5e18 9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
GET /wp-content/themes/hitmag/fonts/fa-solid-900.woff2 HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://janrean.store/wp-content/themes/hitmag/css/all.min.css?ver=6.5.1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:22:30 GMT
content-type: font/woff2
content-length: 156496
last-modified: Thu, 18 Apr 2024 07:58:32 GMT
etag: "6620d2a8-26350"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://janrean.store
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 32298
accept-ranges: bytes
x-cache: HIT
|
|
| 1.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g | 192.0.73.2 | 200 OK | 162 B |
URL GET HTTP/21.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g IP192.0.73.2:443
CertificateIssuerSectigo Limited Subject*.gravatar.com Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0 ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 26 Apr 2024 03:20:49 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://1.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g
|
|
| lessonworkman.com/sbar.json?key=94a432e0f0abe7b6156530170c6a8b38&uuid=a323309a-963b-41c9-92f0-69b40ad8eea3%3A2%3A1 | 192.243.61.227 | 200 OK | 8.4 kB |
URL GET HTTP/1.1lessonworkman.com/sbar.json?key=94a432e0f0abe7b6156530170c6a8b38&uuid=a323309a-963b-41c9-92f0-69b40ad8eea3%3A2%3A1 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectlessonworkman.com FingerprintCD:A5:4F:8D:3C:FD:46:18:D6:1B:0E:BB:6E:B5:15:CA:2F:C9:F3:CB ValidityTue, 23 Apr 2024 10:55:31 GMT - Mon, 22 Jul 2024 10:55:30 GMT
Hash0489486c1641642e65f1f983dedddb26 843a5ae348b887f99efcaf542fea715c4d550423 8c037446b75b01c480bab12f5c5aa6be26ff2fde07c786e8479fe5110c228d47
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=94a432e0f0abe7b6156530170c6a8b38&uuid=a323309a-963b-41c9-92f0-69b40ad8eea3%3A2%3A1 HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:49 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://janrean.store
Access-Control-Allow-Origin: http://janrean.store
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22809172; expires=Sat, 27 Apr 2024 03:20:49 GMT; secure; SameSite=None
uid_id2=a323309a-963b-41c9-92f0-69b40ad8eea3:2:1; expires=Fri, 03 May 2024 03:20:49 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 03:20:49 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 03:20:49 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 27 Apr 2024 03:20:49 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 27 Apr 2024 03:20:49 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f6c411e892808580ed4b57eec2eaf71
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| 1.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g | 192.0.73.2 | 200 OK | 2.8 kB |
URL GET HTTP/21.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g IP192.0.73.2:443
CertificateIssuerSectigo Limited Subject*.gravatar.com Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0 ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashbbd1986793bf0b4bfd4740e9c4bc805a 0b5ec377c1dd5664910636a7294baa2cdbeeca31 7a6c7ac4096e0313e83ea26672463b665a4e067bd76d1afc43b4acb3e1b3c2f5
GET /avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 03:20:49 GMT
content-type: image/png
content-length: 2843
last-modified: Thu, 26 Mar 2020 22:12:54 GMT
link: <https://gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=50&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="d7a973c7dab26985da5f961be7b74480.png"
access-control-allow-origin: *
expires: Fri, 26 Apr 2024 03:25:49 GMT
cache-control: max-age=300
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| janrean.store/favicon.ico | 63.250.43.147 | 204 No Content | 0 B |
URL GET HTTP/1.1janrean.store/favicon.ico IP63.250.43.147:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: janrean.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a323309a-963b-41c9-92f0-69b40ad8eea3%3A2%3A1; sb_main_94a432e0f0abe7b6156530170c6a8b38=1; sb_count_94a432e0f0abe7b6156530170c6a8b38=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
server: nginx
date: Thu, 25 Apr 2024 18:22:45 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 32284
x-cache: HIT
|
|
| lessonworkman.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST29bxRed52b1%2B0lIVN2VSl6wKII474%2FzbNNFRSlBEaGJ2iBYIKGZN2NnyPjN08wbPyeriEqoGyTDJ3g5ThoBBbVbJCr0UolFJKSaVRZkwzcAqWtkY2G4i7n3zjkjnTn3fn7oLkgIR89vv6%2F3pVJ0ZbXh169%2FFAQ36hsydcP6sB1%2FEjdv1M3gzU7c8F%2BrvyuSXb0S%2BoHvB35QX5NGdPVwZQpCZo86QaPjN5phI1htYmj%2B21vnwVIPfHBBLkPyydIz7wpkUiHtP74t7G6uszfe6TtFc20w4CcfpLupLlL0F2XXeOimJ3M2tH2%2B9hQ6PZ7JhR78Q2RyQryfn4KlJ3ORYIOjmU6mIFIw%2Fn8UgwpCVZC0QqLvQ%2FLnBEg47mwi7T%2B8o01B9%2F5G6RSdkKUXf0IWE7L02xWk%2Fe9vKTms39PK5VKnFsNuCTmsIHsVMneKfL8GWZwiyT%2BD5L%2BQlRcbSPtHm1ZpSH7%2BKo3CKPI7dLkTR2y5GSSd5U7Y9ZfjDmv6lLeFoNHMICkryG4FJUagtgZnPTjpwXU9uMxDn5%2FXkyAIWj5PqN%2FuJEnEW4LF3A9oqxvQwI%2FbcMn0DyPk2QiJGiExB8jMAXblCMb9BLtTwnIPNicY8BKFICgsQUEJCklQ5ATFoDzmyoa2fMiVdSyY53Ceo3Ks894hPdZ5T6QE1IxgeHmYXZCXpwZ6H%2F9vG7vivN5p0mYUCr%2FrUyZaLA5W49XID1p%2BEtM2i9qwsoS0NVDrYV9OSPuLI2RyQi7zAoyewqpTJPIVUHcNtChBd0rsp9%2FtiLSn9ho210aE4LpEli8h3%2FMO1QW5Opvh%2BuYTiOTs5u%2FRLJCYEpkp8al8RtBTD8Z3dUGO7urCkiebWS77cp9O53svp7m49M17Yq%2FQhq%2FftqOv30qmwLR8tC1svkFTLtOeJd%2FekpwLs6ZNIsiP6%2FZDwbac3bnlTOqyja2319b7mRHWSp1WoNNV%2FcMgkRPy0tXt2epe%2F2EL0lQwrkTfnZF5QOoKSXYAmy30W01g1ILDMg%2BFK8cmZItLJQmUWPSUlbD%2F6tmiHhs6fU1leWgfoGdqoPl9pP0SA1NioEpQNYJ1l8Z5Zs5u%2FjqXwVRtzJSpHTFl1Fczm6fHY1h5Xm9FkU%2FjzmrQalHRYs2w3Y0DTmnYjMM4phFyO%2Bm%2Bfu3LvwAAAP%2F%2FAQAA%2F%2F%2BZ1%2Ba9lAQAAA%3D%3D | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1lessonworkman.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST29bxRed52b1%2B0lIVN2VSl6wKII474%2FzbNNFRSlBEaGJ2iBYIKGZN2NnyPjN08wbPyeriEqoGyTDJ3g5ThoBBbVbJCr0UolFJKSaVRZkwzcAqWtkY2G4i7n3zjkjnTn3fn7oLkgIR89vv6%2F3pVJ0ZbXh169%2FFAQ36hsydcP6sB1%2FEjdv1M3gzU7c8F%2BrvyuSXb0S%2BoHvB35QX5NGdPVwZQpCZo86QaPjN5phI1htYmj%2B21vnwVIPfHBBLkPyydIz7wpkUiHtP74t7G6uszfe6TtFc20w4CcfpLupLlL0F2XXeOimJ3M2tH2%2B9hQ6PZ7JhR78Q2RyQryfn4KlJ3ORYIOjmU6mIFIw%2Fn8UgwpCVZC0QqLvQ%2FLnBEg47mwi7T%2B8o01B9%2F5G6RSdkKUXf0IWE7L02xWk%2Fe9vKTms39PK5VKnFsNuCTmsIHsVMneKfL8GWZwiyT%2BD5L%2BQlRcbSPtHm1ZpSH7%2BKo3CKPI7dLkTR2y5GSSd5U7Y9ZfjDmv6lLeFoNHMICkryG4FJUagtgZnPTjpwXU9uMxDn5%2FXkyAIWj5PqN%2FuJEnEW4LF3A9oqxvQwI%2FbcMn0DyPk2QiJGiExB8jMAXblCMb9BLtTwnIPNicY8BKFICgsQUEJCklQ5ATFoDzmyoa2fMiVdSyY53Ceo3Ks894hPdZ5T6QE1IxgeHmYXZCXpwZ6H%2F9vG7vivN5p0mYUCr%2FrUyZaLA5W49XID1p%2BEtM2i9qwsoS0NVDrYV9OSPuLI2RyQi7zAoyewqpTJPIVUHcNtChBd0rsp9%2FtiLSn9ho210aE4LpEli8h3%2FMO1QW5Opvh%2BuYTiOTs5u%2FRLJCYEpkp8al8RtBTD8Z3dUGO7urCkiebWS77cp9O53svp7m49M17Yq%2FQhq%2FftqOv30qmwLR8tC1svkFTLtOeJd%2FekpwLs6ZNIsiP6%2FZDwbac3bnlTOqyja2319b7mRHWSp1WoNNV%2FcMgkRPy0tXt2epe%2F2EL0lQwrkTfnZF5QOoKSXYAmy30W01g1ILDMg%2BFK8cmZItLJQmUWPSUlbD%2F6tmiHhs6fU1leWgfoGdqoPl9pP0SA1NioEpQNYJ1l8Z5Zs5u%2FjqXwVRtzJSpHTFl1Fczm6fHY1h5Xm9FkU%2FjzmrQalHRYs2w3Y0DTmnYjMM4phFyO%2Bm%2Bfu3LvwAAAP%2F%2FAQAA%2F%2F%2BZ1%2Ba9lAQAAA%3D%3D IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectlessonworkman.com FingerprintCD:A5:4F:8D:3C:FD:46:18:D6:1B:0E:BB:6E:B5:15:CA:2F:C9:F3:CB ValidityTue, 23 Apr 2024 10:55:31 GMT - Mon, 22 Jul 2024 10:55:30 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST29bxRed52b1%2B0lIVN2VSl6wKII474%2FzbNNFRSlBEaGJ2iBYIKGZN2NnyPjN08wbPyeriEqoGyTDJ3g5ThoBBbVbJCr0UolFJKSaVRZkwzcAqWtkY2G4i7n3zjkjnTn3fn7oLkgIR89vv6%2F3pVJ0ZbXh169%2FFAQ36hsydcP6sB1%2FEjdv1M3gzU7c8F%2BrvyuSXb0S%2BoHvB35QX5NGdPVwZQpCZo86QaPjN5phI1htYmj%2B21vnwVIPfHBBLkPyydIz7wpkUiHtP74t7G6uszfe6TtFc20w4CcfpLupLlL0F2XXeOimJ3M2tH2%2B9hQ6PZ7JhR78Q2RyQryfn4KlJ3ORYIOjmU6mIFIw%2Fn8UgwpCVZC0QqLvQ%2FLnBEg47mwi7T%2B8o01B9%2F5G6RSdkKUXf0IWE7L02xWk%2Fe9vKTms39PK5VKnFsNuCTmsIHsVMneKfL8GWZwiyT%2BD5L%2BQlRcbSPtHm1ZpSH7%2BKo3CKPI7dLkTR2y5GSSd5U7Y9ZfjDmv6lLeFoNHMICkryG4FJUagtgZnPTjpwXU9uMxDn5%2FXkyAIWj5PqN%2FuJEnEW4LF3A9oqxvQwI%2FbcMn0DyPk2QiJGiExB8jMAXblCMb9BLtTwnIPNicY8BKFICgsQUEJCklQ5ATFoDzmyoa2fMiVdSyY53Ceo3Ks894hPdZ5T6QE1IxgeHmYXZCXpwZ6H%2F9vG7vivN5p0mYUCr%2FrUyZaLA5W49XID1p%2BEtM2i9qwsoS0NVDrYV9OSPuLI2RyQi7zAoyewqpTJPIVUHcNtChBd0rsp9%2FtiLSn9ho210aE4LpEli8h3%2FMO1QW5Opvh%2BuYTiOTs5u%2FRLJCYEpkp8al8RtBTD8Z3dUGO7urCkiebWS77cp9O53svp7m49M17Yq%2FQhq%2FftqOv30qmwLR8tC1svkFTLtOeJd%2FekpwLs6ZNIsiP6%2FZDwbac3bnlTOqyja2319b7mRHWSp1WoNNV%2FcMgkRPy0tXt2epe%2F2EL0lQwrkTfnZF5QOoKSXYAmy30W01g1ILDMg%2BFK8cmZItLJQmUWPSUlbD%2F6tmiHhs6fU1leWgfoGdqoPl9pP0SA1NioEpQNYJ1l8Z5Zs5u%2FjqXwVRtzJSpHTFl1Fczm6fHY1h5Xm9FkU%2FjzmrQalHRYs2w3Y0DTmnYjMM4phFyO%2Bm%2Bfu3LvwAAAP%2F%2FAQAA%2F%2F%2BZ1%2Ba9lAQAAA%3D%3D HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22809172; uid_id2=a323309a-963b-41c9-92f0-69b40ad8eea3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:49 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fe170ab372de17f593a298364f309d9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png | 188.114.96.1 | 200 OK | 591 B |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced Hash9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:49 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6185742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3XbSZnmv6z7F3eSWFRqBL3cu7I%2FDXG4Cx%2FK2jQklrvrSRqNB08ngAwpITwOShBqB88vQE%2BnZBDylvtFRtZmyH8Hbp%2FP4%2B2mCuM6k2qiIX3hO792FgiMy8wpLTIJ676qYpKiyALuTIG%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a370706e09568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=120 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=120 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=120 HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.74 | 200 OK | 717 B |
URL GET HTTP/1.1fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.74:80
Hash9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 26 Apr 2024 03:20:50 GMT
Date: Fri, 26 Apr 2024 03:20:50 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png | 45.133.44.10 | 200 OK | 16 kB |
URL GET HTTP/2cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png IP45.133.44.10:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash14cf262fabfd850855c42847d14fe775 2fafa28f167f018a0fb1f261f47380c8810803c9 972004ebada4077c3a4d03dcb45175ea467faf54da72be727a1c5c75e688b8af
GET /si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:50 GMT
content-type: image/png
content-length: 16093
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:06:35 GMT
etag: "656d261b-3edd"
expires: Sun, 28 Apr 2024 03:20:50 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css | 188.114.96.1 | 200 OK | 961 B |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash039a6734d79ed9aa51cf81c52479c5fe 9cf29c4ea1a3880681d50c7228374f8073b7778b a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:50 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7enTi3dChP5Yb%2Fpwdte1yPWOLc%2FyEZ4JZ%2Bw8ZiZvaw1g%2FA7lFfkn3g%2BMX3SnxpoW9%2FcnWBQbiYkAg8V%2F9cd6zU2qrQp0HDST5wWfAlGFVQdMRJSmwrX9gFInQYv7LGFLCRmkegX0LynX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3706f9de1568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=a323309a-963b-41c9-92f0-69b40ad8eea3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=94a432e0f0abe7b6156530170c6a8b38&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 | 192.243.59.13 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=a323309a-963b-41c9-92f0-69b40ad8eea3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=94a432e0f0abe7b6156530170c6a8b38&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 IP192.243.59.13:80 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=a323309a-963b-41c9-92f0-69b40ad8eea3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=94a432e0f0abe7b6156530170c6a8b38&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 03:20:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c79de7b653ca6a00d3d5c8fac9d2d1d5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:80
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 25 Apr 2024 17:40:22 GMT
Expires: Fri, 25 Apr 2025 17:40:22 GMT
Cache-Control: public, max-age=31536000
Age: 34828
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:80
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 25 Apr 2024 02:45:20 GMT
Expires: Fri, 25 Apr 2025 02:45:20 GMT
Cache-Control: public, max-age=31536000
Age: 88530
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
|
|
| lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=346 | 192.243.59.20 | 200 OK | 0 B |
URL GET HTTP/1.1lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=346 IP192.243.59.20:80 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=346 HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 03:20:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css | 188.114.96.1 | 200 OK | 4.9 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:50 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSsseolaFGa1XLEkI33f6ZstbB%2F1H6D4U0GVhjvap6tjCCCXTWc%2FULl%2Bwv7ld6QQDK5rexmRGu2pghPDweYoBFVFazq62hWa%2BOkp94DlugtQv%2F8dXtG4o6pK3xMzKcuMEX0GXnvhkDJo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3706f9ddf568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lessonworkman.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuns3p9wPBZW%2Frwhw8rGgm3dPz1z0sxhgJxk3YjehBkPrXkzI1XU1V9%2FQkp%2BCC7EUY%2FQSdZ5IN6iq7V8FFOgseAsKOpxzMxW%2BgsGeZcXD0PdT7vvU8BU897%2Fv5UXZJ6sjoxdr75kBpTVeaNb9686MguFXdVHE2rA47rU9ajVtVO3iz26r5r1XflXzPrNT9wPcDP6iuKysjM1yZglDJo25Q6%2Fq1Rr0WNBsY2v%2F2LvPgqAcxuCRXocRk6Zl3DYqXiPuP16TbS03yxjv9TNPUWAzE6QfxXmzyGP1FGVkPUXw6Z8O45%2BtPYeKTmVyYwT9EpibE%2B%2FkpWHw6Fwk2OJ7pZBoyBhP%2FRz4oIXUJRUtwcx9KPCcAF7izhbj%2F8I6xOd3%2FG6VTdEKWXvwJlU%2FI0m%2FXEPe%2FX9VqWL1ndJYqEzsMowJqWEL1SiTZGdKDClR%2BBp5%2BBiV%2BISsvNhH3j7ecNlDi4lUa1sPQ79Llbitky42Ad5e79chfbnVZw6eiIyUNZwYpVUJFJbQcgboKMuchUx6yyEOWeOiLiyoPgqDtC079TpfzULQlawk%2FoO0ooIHf6iDj0z%2BMkCYjcD0Ct4dI7CH21Ag2%2Bwlut4ATHlxKMBAFckmQO4KcEuSKIE8J8kFxIrSru%2BKh0C5jwTzX5zksxibtHdETk%2FZkTEDtCFYUR8kleXlqoPfx%2F3awJy%2Bq3QZthHXpRz5lss1aQbPVDP2g7fMW7bCwA6cKKFcBdR4O1IR0vjhGoibkqsjB6BmcPgNXr4BmN0DzAnS3wEH83a6Me3q%2F5lJjZR3CFEjSJaT73pG%2BJNdnM9zYegLJz2%2F%2FHs4C3BZIbIFP1TOCnn4wvmtycnzX5I482UpS1VcHdDrfeylN5ZVv3pP7ubFiY82Nvn6LT4Fp%2BWhHunSTxkLFPUe%2BXVVCSLtuLJfkxw33oWTbmdtdzWycJZvbb69v9BMrnVMmLkGnq%2FqHBVcT8tL1ndnq3vxhG8qWsFmBfnZO5gFlSvDkEC5Z6HeGwOoFhyUe8qwY2zpbXGpFoOWip6yA%2B1fPFvXY0ulrqooj9wA9WwFN7yPuFxjYAgNdgOoRXHZlnCb2%2FPavcxlMV8ZM28ox01Z%2FNbN5ejyGUxfV0BdtJiPZZrLRbESSC9ZsMp9HnIWi0%2BFI3SR6%2FcaXfwEAAP%2F%2FAQAA%2F%2F8ZAzNVlAQAAA%3D%3D | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1lessonworkman.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuns3p9wPBZW%2Frwhw8rGgm3dPz1z0sxhgJxk3YjehBkPrXkzI1XU1V9%2FQkp%2BCC7EUY%2FQSdZ5IN6iq7V8FFOgseAsKOpxzMxW%2BgsGeZcXD0PdT7vvU8BU897%2Fv5UXZJ6sjoxdr75kBpTVeaNb9686MguFXdVHE2rA47rU9ajVtVO3iz26r5r1XflXzPrNT9wPcDP6iuKysjM1yZglDJo25Q6%2Fq1Rr0WNBsY2v%2F2LvPgqAcxuCRXocRk6Zl3DYqXiPuP16TbS03yxjv9TNPUWAzE6QfxXmzyGP1FGVkPUXw6Z8O45%2BtPYeKTmVyYwT9EpibE%2B%2FkpWHw6Fwk2OJ7pZBoyBhP%2FRz4oIXUJRUtwcx9KPCcAF7izhbj%2F8I6xOd3%2FG6VTdEKWXvwJlU%2FI0m%2FXEPe%2FX9VqWL1ndJYqEzsMowJqWEL1SiTZGdKDClR%2BBp5%2BBiV%2BISsvNhH3j7ecNlDi4lUa1sPQ79Llbitky42Ad5e79chfbnVZw6eiIyUNZwYpVUJFJbQcgboKMuchUx6yyEOWeOiLiyoPgqDtC079TpfzULQlawk%2FoO0ooIHf6iDj0z%2BMkCYjcD0Ct4dI7CH21Ag2%2Bwlut4ATHlxKMBAFckmQO4KcEuSKIE8J8kFxIrSru%2BKh0C5jwTzX5zksxibtHdETk%2FZkTEDtCFYUR8kleXlqoPfx%2F3awJy%2Bq3QZthHXpRz5lss1aQbPVDP2g7fMW7bCwA6cKKFcBdR4O1IR0vjhGoibkqsjB6BmcPgNXr4BmN0DzAnS3wEH83a6Me3q%2F5lJjZR3CFEjSJaT73pG%2BJNdnM9zYegLJz2%2F%2FHs4C3BZIbIFP1TOCnn4wvmtycnzX5I482UpS1VcHdDrfeylN5ZVv3pP7ubFiY82Nvn6LT4Fp%2BWhHunSTxkLFPUe%2BXVVCSLtuLJfkxw33oWTbmdtdzWycJZvbb69v9BMrnVMmLkGnq%2FqHBVcT8tL1ndnq3vxhG8qWsFmBfnZO5gFlSvDkEC5Z6HeGwOoFhyUe8qwY2zpbXGpFoOWip6yA%2B1fPFvXY0ulrqooj9wA9WwFN7yPuFxjYAgNdgOoRXHZlnCb2%2FPavcxlMV8ZM28ox01Z%2FNbN5ejyGUxfV0BdtJiPZZrLRbESSC9ZsMp9HnIWi0%2BFI3SR6%2FcaXfwEAAP%2F%2FAQAA%2F%2F8ZAzNVlAQAAA%3D%3D IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectlessonworkman.com FingerprintCD:A5:4F:8D:3C:FD:46:18:D6:1B:0E:BB:6E:B5:15:CA:2F:C9:F3:CB ValidityTue, 23 Apr 2024 10:55:31 GMT - Mon, 22 Jul 2024 10:55:30 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuns3p9wPBZW%2Frwhw8rGgm3dPz1z0sxhgJxk3YjehBkPrXkzI1XU1V9%2FQkp%2BCC7EUY%2FQSdZ5IN6iq7V8FFOgseAsKOpxzMxW%2BgsGeZcXD0PdT7vvU8BU897%2Fv5UXZJ6sjoxdr75kBpTVeaNb9686MguFXdVHE2rA47rU9ajVtVO3iz26r5r1XflXzPrNT9wPcDP6iuKysjM1yZglDJo25Q6%2Fq1Rr0WNBsY2v%2F2LvPgqAcxuCRXocRk6Zl3DYqXiPuP16TbS03yxjv9TNPUWAzE6QfxXmzyGP1FGVkPUXw6Z8O45%2BtPYeKTmVyYwT9EpibE%2B%2FkpWHw6Fwk2OJ7pZBoyBhP%2FRz4oIXUJRUtwcx9KPCcAF7izhbj%2F8I6xOd3%2FG6VTdEKWXvwJlU%2FI0m%2FXEPe%2FX9VqWL1ndJYqEzsMowJqWEL1SiTZGdKDClR%2BBp5%2BBiV%2BISsvNhH3j7ecNlDi4lUa1sPQ79Llbitky42Ad5e79chfbnVZw6eiIyUNZwYpVUJFJbQcgboKMuchUx6yyEOWeOiLiyoPgqDtC079TpfzULQlawk%2FoO0ooIHf6iDj0z%2BMkCYjcD0Ct4dI7CH21Ag2%2Bwlut4ATHlxKMBAFckmQO4KcEuSKIE8J8kFxIrSru%2BKh0C5jwTzX5zksxibtHdETk%2FZkTEDtCFYUR8kleXlqoPfx%2F3awJy%2Bq3QZthHXpRz5lss1aQbPVDP2g7fMW7bCwA6cKKFcBdR4O1IR0vjhGoibkqsjB6BmcPgNXr4BmN0DzAnS3wEH83a6Me3q%2F5lJjZR3CFEjSJaT73pG%2BJNdnM9zYegLJz2%2F%2FHs4C3BZIbIFP1TOCnn4wvmtycnzX5I482UpS1VcHdDrfeylN5ZVv3pP7ubFiY82Nvn6LT4Fp%2BWhHunSTxkLFPUe%2BXVVCSLtuLJfkxw33oWTbmdtdzWycJZvbb69v9BMrnVMmLkGnq%2FqHBVcT8tL1ndnq3vxhG8qWsFmBfnZO5gFlSvDkEC5Z6HeGwOoFhyUe8qwY2zpbXGpFoOWip6yA%2B1fPFvXY0ulrqooj9wA9WwFN7yPuFxjYAgNdgOoRXHZlnCb2%2FPavcxlMV8ZM28ox01Z%2FNbN5ejyGUxfV0BdtJiPZZrLRbESSC9ZsMp9HnIWi0%2BFI3SR6%2FcaXfwEAAP%2F%2FAQAA%2F%2F8ZAzNVlAQAAA%3D%3D HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22809172; uid_id2=a323309a-963b-41c9-92f0-69b40ad8eea3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08c5baff4184ebefefa558ecaf49c2d6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| lessonworkman.com/pixel/sbs?c=1 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1lessonworkman.com/pixel/sbs?c=1 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectlessonworkman.com FingerprintCD:A5:4F:8D:3C:FD:46:18:D6:1B:0E:BB:6E:B5:15:CA:2F:C9:F3:CB ValidityTue, 23 Apr 2024 10:55:31 GMT - Mon, 22 Jul 2024 10:55:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22809172; uid_id2=a323309a-963b-41c9-92f0-69b40ad8eea3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js | 188.114.96.1 | 200 OK | 6.8 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash0013fbb3bd9e7300fa1bc9f62501dcf0 447e4a8994979e2e158b9beff79b94e7d1b29508 4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:50 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 220997
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gk1hBoWkQFSAWL%2BS9FswcFaXMiFG62RuqpY78Tz1M1H7oiEuUehXFIYbpWI85J1SHclacumcCBHxKOQtJJF0NkDwm4c%2B3vMX34GVXqjro1bYg5dyNV%2FE5vMV%2B%2BZe3XBogQLzUTwpkgZ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a370714e32568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=wLhcQaeyjwa89CiGeuPYKWFufSapFCr4ZL_x0eb4wwFEhn3STqMq87QE8FtNtZtxxO5IZ3maHDdwg2_kLeC-Lxr8akhHuJk4yegd4ICJUQiPCldAeLhw09Ciu2UT43w3
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 26 Apr 2024 03:19:42 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 83
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| t.dtscout.com/pv/?_a=v&_h=janrean.store&_ss=2893rorfb6&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=jf15&_cb=_dtspv.c | 141.101.120.10 | 200 OK | 5.4 kB |
URL GET HTTP/2t.dtscout.com/pv/?_a=v&_h=janrean.store&_ss=2893rorfb6&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=jf15&_cb=_dtspv.c IP141.101.120.10:443
CertificateIssuerGoogle Trust Services LLC Subjectdtscout.com Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21 ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT
File typeASCII text, with no line terminators Hashfbf0610787e594b07154579c4594e03b 349744a91d10024352d3d0d9c3b1480201c8e069 89d7daa94b6d05879bf621fa3b1561120e02d6522810201bc8f165e2c910cf41
GET /pv/?_a=v&_h=janrean.store&_ss=2893rorfb6&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=jf15&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Cookie: m=1; oa=1; df=1714101649
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:49 GMT
content-type: application/javascript
x-t: 0.173
x-c: 0
expires: Fri, 26 Apr 2024 03:20:48 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FLLEaHboKGAvaJnAVNRp931Zqs3GbIaanaz6w13WRAVmkHPxRRxIioTNrSGiatM4fsexM0oo4pqEbrQ6smjIS3BQl8sFtlJtgoJ5R9oRFbyjgwFJb5SNUnvyfSFURA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3706c3ed68d8b-HEL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=17 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=17 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=17 HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| t.dtscout.com/i/?l=http%3A%2F%2Fjanrean.store%2F&j= | 141.101.120.10 | 200 OK | 2.1 kB |
URL GET HTTP/2t.dtscout.com/i/?l=http%3A%2F%2Fjanrean.store%2F&j= IP141.101.120.10:443
CertificateIssuerGoogle Trust Services LLC Subjectdtscout.com Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21 ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT
File typeASCII text, with very long lines (2163), with no line terminators Hash8811c1da7d7cd9a89cf1c9d88cf153c1 5dd7a95e6eee435a18d261757a4aa4aeea7ae472 0c72ec693d21a33e6c802f2648030af0433badc9a020325a82550115cf5044cc
GET /i/?l=http%3A%2F%2Fjanrean.store%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:49 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Fri, 26-Apr-2024 04:44:09 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Fri, 26-Apr-2024 07:20:49 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1714101649; Domain=dtscout.com; Expires=Sun, 04-Aug-2024 03:20:49 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.307
expires: Fri, 26 Apr 2024 03:20:48 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAYhpvV1ojsH7x%2B6ZPI1Nvyyhg4Kp%2FB%2BhnSoSVy8XpV0Q7BgnZ2zv1MrHtoEZYlcsqD6DjyANM1OwsorOT0K0OLKgHfmIbwDDQB7ON0dD%2F6bxeSihJuQJpO%2F1AjDJiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3706a4e0e8d8b-HEL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js | 188.114.96.1 | 200 OK | 84 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJavaScript source, ASCII text, with very long lines (32025) Hash4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:49 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6185743
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioEyLb5PfRHfB5u1ereQJ32eebajsFRhbykO9yowSn6ogeN7HY5HKiMDdOgEMOv2jTYDJHRPgDJfHaBPSeKLh5dEma08v159SQdwiK2uftRd3epPzoHOTNlhVDL8OOecC4fZFR%2FB3eqU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a370706e0c568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=361 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1lessonworkman.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=361 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=361 HTTP/1.1
Host: lessonworkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://janrean.store/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 03:20:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html | 45.133.44.4 | 200 OK | 1.3 kB |
URL GET HTTP/2cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html IP45.133.44.4:443 ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typeHTML document, ASCII text, with very long lines (1405), with no line terminators Hash5373f3c4843345dde67db670323b2d54 666b2db9872196e52a2bc902111de5e37aa1ae28 e398fbdac28494dec6505fb0143d4cd41cee83989517e12c13ea113fef006fda
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://janrean.store/
Origin: http://janrean.store
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:20:49 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 26 Apr 2024 04:20:49 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|