| www.googletagmanager.com/gtag/js?id=UA-46789381-48 | 216.58.211.8 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-46789381-48
IP: 216.58.211.8:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 62a871fff29d9f09a86c23fb8044ef76 d24d16e4669ab56a06b6f557a7da9569b56cae5e 0ffb85c0c268c75952b1bca3a1a44a09bb665320045a97c6a401c7ccf7f6437d
GET /gtag/js?id=UA-46789381-48 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:07 GMT
expires: Thu, 09 May 2024 00:57:07 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74611
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-49LW6323V3 | 216.58.211.8 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-49LW6323V3
IP: 216.58.211.8:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101511 bytes)
Hash: 75069f6739adcc7f04e20647a4c07065 a80ed43ee2293940fd829daa734eb2d86f8fef56 99b1f7955e4d9bbd7e35b49a965ea626a6c428e5f62682225b104862d2a84e90
GET /gtag/js?id=G-49LW6323V3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:07 GMT
expires: Thu, 09 May 2024 00:57:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| afarkas.github.io/lazysizes/lazysizes.min.js | 185.199.108.153 | 200 OK | 3.5 kB |
URL: GET HTTP/2 afarkas.github.io/lazysizes/lazysizes.min.js
IP: 185.199.108.153:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer DigiCert Inc; Subject *.github.io; Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28; Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (7862)
Hash: 45bacd312d5098b4b59f563d8756c15d fa55e2cff078381e5365d95782a95a787d0b7192 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /lazysizes/lazysizes.min.js HTTP/1.1
Host: afarkas.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 17 May 2021 09:28:46 GMT
access-control-allow-origin: *
etag: W/"60a2374e-1ed1"
expires: Tue, 07 May 2024 02:59:17 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 0F4C:38D071:5E2E998:60B7E81:663997F0
accept-ranges: bytes
age: 0
date: Thu, 09 May 2024 00:57:07 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715216227.449218,VS0,VE130
vary: Accept-Encoding
x-fastly-request-id: a4ade92fd3855322ad49556b578f5f718faaf846
content-length: 3497
X-Firefox-Spdy: h2
|
|
| github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js | 140.82.121.4 | 302 Found | 0 B |
URL: GET HTTP/2 github.com/wapkiz/cdn/raw/master/js/page_templates_simple.js
IP: 140.82.121.4:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Sectigo Limited; Subject github.com; Fingerprint E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0; Validity Thu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/raw/master/js/page_templates_simple.js HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: GitHub.com
date: Thu, 09 May 2024 00:57:07 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com 
identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: ED00:288569:2C7B6CE:2D33697:663C1F63
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-BXJ1TNEJ97&l=dataLayer&cx=c | 216.58.211.8 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-BXJ1TNEJ97&l=dataLayer&cx=c
IP: 216.58.211.8:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 744c4095f01a06ac3ad2bb098bbb7ebd 7f61c489de3eaef9aee18a636c158108664944fc 7e991f0f4452cccf08fb6d3fb4e5e7fbfd86d0c7d0174dfa852d3ee34a47ba2f
GET /gtag/js?id=G-BXJ1TNEJ97&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:07 GMT
expires: Thu, 09 May 2024 00:57:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js | 185.199.108.133 | 200 OK | 409 B |
URL: GET HTTP/2 raw.githubusercontent.com/wapkiz/cdn/master/js/page_templates_simple.js
IP: 185.199.108.133:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer DigiCert Inc; Subject *.github.io; Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28; Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
Hash: f53687164731cffce276463948dfcbef 0cf35a404a601d49466ae09bc2ba3d9ec1130500 5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f
GET /wapkiz/cdn/master/js/page_templates_simple.js HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"e10025dca4e9820776b525fc26581e0967381374797a37e2a4228695d3202429"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: FD80:2BE62F:52DE8B:56F1D0:663C1F63
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 May 2024 00:57:07 GMT
via: 1.1 varnish
x-served-by: cache-hel1410030-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715216228.728723,VS0,VE124
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: bae6bda03c655493d221b80529ec7abf5ba6eb6b
expires: Thu, 09 May 2024 01:02:07 GMT
source-age: 0
content-length: 409
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-49LW6323V3&l=dataLayer&cx=c | 216.58.211.8 | 200 OK | 102 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-49LW6323V3&l=dataLayer&cx=c
IP: 216.58.211.8:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101542 bytes)
Hash: 50d2d4de7fec28f5e0cc934c5b25e4c8 d7c53c72ad8f1128a202c693920be77ce4c43fad 2b7671a36bb4832f5eb5bc4d04f8b8619866d0e31373575c0a2d3780e067d0a8
GET /gtag/js?id=G-49LW6323V3&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:07 GMT
expires: Thu, 09 May 2024 00:57:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| github.com/wapkiz/cdn/raw/master/image/close2.png | 140.82.121.4 | 302 Found | 0 B |
URL: GET HTTP/2 github.com/wapkiz/cdn/raw/master/image/close2.png
IP: 140.82.121.4:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Sectigo Limited; Subject github.com; Fingerprint E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0; Validity Thu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wapkiz/cdn/raw/master/image/close2.png HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: GitHub.com
date: Thu, 09 May 2024 00:57:07 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com 
identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: ED00:288569:2C7B7EF:2D337EE:663C1F63
X-Firefox-Spdy: h2
|
|
| raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png | 185.199.108.133 | 200 OK | 564 B |
URL: GET HTTP/2 raw.githubusercontent.com/wapkiz/cdn/master/image/close2.png
IP: 185.199.108.133:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer DigiCert Inc; Subject *.github.io; Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28; Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash: 865dce1b2a4002b9a85f75ea622f4000 f56c8218b5ca721a9e5a3daec742a6f38c33c075 bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /wapkiz/cdn/master/image/close2.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"07ab105ccfd60fc2e0eccdd6f43cf3a305a8137d752da013e06d9eba2c8ddc27"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: DE7A:208DB8:4272E3:45DE01:663C1F63
accept-ranges: bytes
date: Thu, 09 May 2024 00:57:08 GMT
via: 1.1 varnish
x-served-by: cache-hel1410030-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715216228.095729,VS0,VE130
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: e10d4e02eead1649acf08515406143f0eef0f8ec
expires: Thu, 09 May 2024 01:02:08 GMT
source-age: 0
content-length: 564
X-Firefox-Spdy: h2
|
|
| funnyfoto.me/submit.php | 199.59.243.225 | 200 OK | 1.1 kB |
IP: 199.59.243.225:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Let's Encrypt; Subject funnyfoto.me; Fingerprint C2:E9:D1:0D:0E:4B:F6:9C:B5:34:8C:E8:CE:24:84:06:73:C7:98:37; Validity Wed, 24 Apr 2024 17:32:43 GMT - Tue, 23 Jul 2024 17:32:42 GMT
File type: HTML document, ASCII text, with very long lines (366)
Hash: cafff0587f11f29ab568ca6c6b18a793 55c6be7cd800c70df9f50b95897a7cdd9527d7a7 24fdebbefe4dcbc7c6b5af5f94b9764397166bc4d125b5dfc988142b999e4170
GET /submit.php HTTP/1.1
Host: funnyfoto.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 00:57:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1098
X-Request-Id: fdbd4e0a-b8b0-4d63-ae0c-50f683f21258
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_eFbd3PE0RNkoeXfviYhXwN0DcR/q8OSoIaIw9egAXafbf48vbrJGXJz4I55rOK+XeBLr+e5iBXeLwfC6PsPWzw==
Set-Cookie: parking_session=fdbd4e0a-b8b0-4d63-ae0c-50f683f21258; expires=Thu, 09 May 2024 01:12:08 GMT; path=/
Connection: close
|
|
| funnyfoto.me/bXUtVWbCj.js | 199.59.243.225 | 200 OK | 34 kB |
URL: GET HTTP/1.1 funnyfoto.me/bXUtVWbCj.js
IP: 199.59.243.225:443
Requested by: https://funnyfoto.me/submit.php
Certificate: Issuer Let's Encrypt; Subject funnyfoto.me; Fingerprint C2:E9:D1:0D:0E:4B:F6:9C:B5:34:8C:E8:CE:24:84:06:73:C7:98:37; Validity Wed, 24 Apr 2024 17:32:43 GMT - Tue, 23 Jul 2024 17:32:42 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33788)
Hash: f48baec69cc4dc0852d118259eff2d56 e64c6e4423421da5b35700154810cb67160bc32b 463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c
GET /bXUtVWbCj.js HTTP/1.1
Host: funnyfoto.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funnyfoto.me/submit.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 00:57:08 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 33791
X-Request-Id: 9a8168f6-ef8c-4a3c-ac80-cc0a84d5e230
Set-Cookie: parking_session=9a8168f6-ef8c-4a3c-ac80-cc0a84d5e230; expires=Thu, 09 May 2024 01:12:08 GMT; path=/
Connection: close
|
|
| www.googletagmanager.com/gtag/js?id=UA-46789381-49 | 216.58.211.8 | 200 OK | 75 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-46789381-49
IP: 216.58.211.8:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 1b0b449100fa79eb96ab813618f01404 b8fa037a4aba7e902ff13e48292a5218030b1489 c37fdbb527fd865749244bdc5b45e4d3d9c25d061b8f372633966ba08b12890c
GET /gtag/js?id=UA-46789381-49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:08 GMT
expires: Thu, 09 May 2024 00:57:08 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74586
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html | 172.67.135.38 | 200 OK | 76 kB |
URL: POST HTTP/3 1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
IP: 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Google Trust Services LLC; Subject wb4.xyz; Fingerprint 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2; Validity Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (371)
Hash: 1fcf15bb75d4216c8fc608eb36ba8aca 59dd5a8f8035e97bee034c498ee1e42d553f6c0c f2a2b20fb58893b0138c36475e2aa077d40081b25b3ff067d76a688965bad514
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
POST /2019/05/allu-palak-k-pakore.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47ku7ZGkztgGKeyqD31awoHo%2Bs50Ha%2FwUR%2F5DHEsRDZpB8B7uU8qG%2BlLH2FX527WknOM%2F8xASAlo%2Baw8oCaK1YH2NGg9Sjmen%2F%2FOBGra40XMcRzoLV%2B4UsjSXWsIJtQNrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd52a05b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1337x1.wb4.xyz/ | 172.67.135.38 | 200 OK | 6.2 kB |
IP: 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate: Issuer Google Trust Services LLC; Subject wb4.xyz; Fingerprint 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2; Validity Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, ASCII text
Hash: 9aea66139aaaca486d78a82ba8583182 fb12cf508a1750b68c0a97aa220c0effafbebba8 1f1b1409701b5bf02c80b92ab14741cb165319265b74d74477ef79f0e7991a65
POST / HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 24
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=sam; expires=Sat, 08-Jun-2024 00:57:08 GMT; Max-Age=2592000; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpQWNkn2Glws7R7Ft9R1QnBY3Ed1druFWskh793nPYtAV0sEa5LwFfaLecVsZOJlsG7Hl62WFAGVk2ItzFuvTMWMLc8NHjcm4zBvbco2knu81P%2FWFc3FYsWhwDK%2FE1F8wA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd499cab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c | 216.58.211.8 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
IP: 216.58.211.8:443
Requested by: https://1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 24938b512ec1064452b436fee5b1fef5 eba8518ffc4305feeaae8065131bc5b43d008992 4dcbe87ff111c9fb04f291f2e446ce0260dd9ae33b4f1160153dc5715761634b
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:08 GMT
expires: Thu, 09 May 2024 00:57:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c | 216.58.211.8 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
IP: 216.58.211.8:443
Requested by: https://1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 05b27c3413ffd80a4cf3a0237d06922a e94cc7cf0fc112b55eb910fed06a6a856b78fc76 4985b34089ea4ce2b23977e72a4255b853b4bf880b330d535ab57ced7d72a22b
GET /gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 00:57:08 GMT
expires: Thu, 09 May 2024 00:57:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/adsense/domains/caf.js?abp=1&bodis=true | 142.250.74.132 | 200 OK | 74 kB |
URL: GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP: 142.250.74.132:443
Requested by: https://funnyfoto.me/submit.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: www.google.com
Certificate Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
Certificate Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type: gzip compressed data, max compression
Hash: 631f3fd9980857e51762c2f745078f94 c74569d9ec6e934b91880390a6c70ba3ce75ed47 393cadafe47cb1f8be07c876f9967b3cdde0361130cc7d042bfe7f123b13f0af
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funnyfoto.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 09 May 2024 00:57:09 GMT
expires: Thu, 09 May 2024 00:57:09 GMT
cache-control: private, max-age=3600
etag: "7664028437327203187"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol300%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis31_3ph&r=m&sc_status=0&hl=en&ivt=0&rpbu=https%3A%2F%2Ffunnyfoto.me%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2167086777806799&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436&client_gdprApplies=1&format=r3&nocache=3171715216229144&num=0&output=afd_ads&domain_name=funnyfoto.me&v=3&bsl=8&pac=0&u_his=6&u_tz=0&dt=1715216229145&u_w=1280&u_h=1024&biw=-12245933&bih=-12245933&isw=300&ish=270&psw=300&psh=243&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Ffunnyfoto.me%2Fsubmit.php&referer=https%3A%2F%2Fwk.jdi5.com%2F | 216.58.211.14 | 200 OK | 2.6 kB |
URL: GET HTTP/2 www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol300%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis31_3ph&r=m&sc_status=0&hl=en&ivt=0&rpbu=https%3A%2F%2Ffunnyfoto.me%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2167086777806799&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436&client_gdprApplies=1&format=r3&nocache=3171715216229144&num=0&output=afd_ads&domain_name=funnyfoto.me&v=3&bsl=8&pac=0&u_his=6&u_tz=0&dt=1715216229145&u_w=1280&u_h=1024&biw=-12245933&bih=-12245933&isw=300&ish=270&psw=300&psh=243&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Ffunnyfoto.me%2Fsubmit.php&referer=https%3A%2F%2Fwk.jdi5.com%2F
IP: 216.58.211.14:443
Requested by: https://funnyfoto.me/submit.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: misc-sni.google.com
Certificate Fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate Validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File type: HTML document, ASCII text, with very long lines (13077)
Hash: 3cafb91c0461be869ad656b9b9b2d0c4 7d5001fe349d69802298cb7a55b439adf3fdf65c ce581f20436adc487ec04c9bcedd048e81ce4f44ea89da5d7c9c4aac030a674b
GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol300%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis31_3ph&r=m&sc_status=0&hl=en&ivt=0&rpbu=https%3A%2F%2Ffunnyfoto.me%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2167086777806799&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436&client_gdprApplies=1&format=r3&nocache=3171715216229144&num=0&output=afd_ads&domain_name=funnyfoto.me&v=3&bsl=8&pac=0&u_his=6&u_tz=0&dt=1715216229145&u_w=1280&u_h=1024&biw=-12245933&bih=-12245933&isw=300&ish=270&psw=300&psh=243&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Ffunnyfoto.me%2Fsubmit.php&referer=https%3A%2F%2Fwk.jdi5.com%2F HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funnyfoto.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 09 May 2024 00:57:09 GMT
expires: Thu, 09 May 2024 00:57:09 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-HdLlmmtgzwW5q8-GQ9ecrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2573
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tinyfast.xyz/red2.php?id=30 | 172.67.203.105 | 302 Found | 7.4 kB |
URL: GET HTTP/2 tinyfast.xyz/red2.php?id=30
IP: 172.67.203.105:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate Issuer: Let's Encrypt
Certificate Subject: tinyfast.xyz
Certificate Fingerprint: 37:56:44:A9:31:BA:4A:7D:0A:CF:C4:1F:EB:63:7E:C9:3C:03:4D:17
Certificate Validity: Tue, 07 May 2024 13:16:19 GMT - Mon, 05 Aug 2024 13:16:18 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: bfe2dd88e0348587b9786b8d3c0bfa5b 4bfff31c266da2d7acda88e62f4fcf6c2826385d 4e0d3836952f17dc71bdeeccfe234c09a15bb6eeae55d50180ceb49d45e463c2
GET /red2.php?id=30 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
location: https://1337x1.wb4.xyz/submit.php
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9H8ZIoybCtIGQyHmkghG0NWFrWE3fy5baQY7aXJHDa9kqArS%2BvBcCwnbbYAcGgCOetElzvM%2Bp0b5pUV8kPW6Jcm0fUu1z%2BEw6WdLpyS5H1nH5i888RFDtHFpiSQrmnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd169167131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/submit.php | 172.67.135.38 | 200 OK | 9.7 kB |
URL: GET HTTP/2 1337x1.wb4.xyz/submit.php
IP: 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: wb4.xyz
Certificate Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2
Certificate Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, ASCII text
Hash: 7def7808ecb19dfe4a69747f7efd4d83 7157a9989515621d241ad3b194f8d5c8cc0fd7e0 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ML%2FPijsF6AG8VaJ3IJBF%2BNRfEYoLc2XiX9CfhVhcc9jQLeLaCJWypKLDqFFBBIBXV%2Fw%2Biklmfft3285HczJF0chZ3CACoC065ZVo%2BN2jWY9iWmJc6quBcbEJeRFpjtU4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd27c18b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/submit.php | 172.67.135.38 | 200 OK | 11 kB |
URL: GET HTTP/2 1337x1.wb4.xyz/submit.php
IP: 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: wb4.xyz
Certificate Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2
Certificate Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, ASCII text
Hash: 7def7808ecb19dfe4a69747f7efd4d83 7157a9989515621d241ad3b194f8d5c8cc0fd7e0 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
GET /submit.php HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wk.jdi5.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBhhrAU%2FRvBymS93uTjrTNZAG0Msgl6%2BtKO9Ix8yv0AxaJxmQa5Y%2FF71610XQIyNKCnHjcIR1VKE2RoDH9hNUWzTxrj5y9HLGcYvOsbIDwDj2woJPaTanY2YR1HsT33B1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd27c15b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| funnyfoto.me/_tr | 199.59.243.225 | 200 OK | 22 B |
IP: 199.59.243.225:443
Requested by: https://funnyfoto.me/submit.php
Certificate Issuer: Let's Encrypt
Certificate Subject: funnyfoto.me
Certificate Fingerprint: C2:E9:D1:0D:0E:4B:F6:9C:B5:34:8C:E8:CE:24:84:06:73:C7:98:37
Certificate Validity: Wed, 24 Apr 2024 17:32:43 GMT - Tue, 23 Jul 2024 17:32:42 GMT
File type: ASCII text, with no line terminators
Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /_tr HTTP/1.1
Host: funnyfoto.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://funnyfoto.me/submit.php
Content-Type: application/json
Content-Length: 1933
Origin: https://funnyfoto.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 09 May 2024 00:57:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 22
X-Version: 2.118.0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: parking_session=d45917cf-4df0-4469-a8e8-b450dc0eb0f5; expires=Thu, 09 May 2024 01:12:09 GMT; Max-Age=900; path=/; httponly
Connection: close
|
|
| porkbun-bodis.com/images/porkbun.comphpPkl2eU.svg | 44.227.65.245 | 200 OK | 1.6 kB |
URL: GET HTTP/2 porkbun-bodis.com/images/porkbun.comphpPkl2eU.svg
IP: 44.227.65.245:443
Requested by: https://porkbun-bodis.com/?domain=funnyfoto.me
Certificate Issuer: Let's Encrypt
Certificate Subject: porkbun-bodis.com
Certificate Fingerprint: 68:BD:4E:9B:84:72:D8:73:6D:9F:62:44:20:8C:2B:9A:5A:57:94:DA
Certificate Validity: Sun, 21 Apr 2024 20:46:09 GMT - Sat, 20 Jul 2024 20:46:08 GMT
File type: SVG Scalable Vector Graphics image
Hash: d8421daa6806760a45eb430582ca0b8f 6a19b5a276382d53dc9f261a7bce433f22ea2116 ad63de50178ec4a13d669e3a3ef5998e7ed8ab01569c2f392f97ecc96f5ff0af
GET /images/porkbun.comphpPkl2eU.svg HTTP/1.1
Host: porkbun-bodis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://porkbun-bodis.com/?domain=funnyfoto.me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 May 2024 00:57:09 GMT
content-type: image/svg+xml
content-length: 1550
set-cookie: AWSALB=DBkUNnLj1x6pQPPrDIKeH8AgOS+j6FsebedIC8NjuxvA8iY6VdqYE7Lkhf0lvUuxiM3hmfMEcfJ7FYg6a5Ks6PFP+VlEUf1XRo8UwLjO6POab3vUELeaLVenW4hq; Expires=Thu, 16 May 2024 00:57:09 GMT; Path=/
AWSALBCORS=DBkUNnLj1x6pQPPrDIKeH8AgOS+j6FsebedIC8NjuxvA8iY6VdqYE7Lkhf0lvUuxiM3hmfMEcfJ7FYg6a5Ks6PFP+VlEUf1XRo8UwLjO6POab3vUELeaLVenW4hq; Expires=Thu, 16 May 2024 00:57:09 GMT; Path=/; SameSite=None
last-modified: Wed, 06 Feb 2019 18:00:21 GMT
etag: "5c5b20b5-60e"
accept-ranges: bytes
x-cache: BYPASS
x-service: pixie-default
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html | 172.67.135.38 | 200 OK | 2.3 kB |
URL: POST HTTP/3 1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html
IP: 172.67.135.38:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: wb4.xyz
Certificate Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2
Certificate Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (371)
Hash: fb6159fe6911a910afae96174de20d98 d9f2151ed6e4a2439d07b3a8d652542b34d4405c f2b985075970d03e51a059c7d2dfce3e06cc913b4a5f003c4d58a188f533502d
POST /2019/02/my-kitchen-garden-products.html HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Origin: https://1337x1.wb4.xyz
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.wb4.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FGepV963e160QtYIhbI%2FIuiTrZ5LKecweiYpyAe3ufcR19ImC19ElgLuBnTRM2oM587ztrGkQQy%2BYHGNC1GntyYmdR%2FzTx9RLUt%2FpPqs3dYbgUuklLWRFqreLu3u7ga1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd509fcb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=434630&t=2037&sid=1337x1.wb4.xyz&r=0.6609564519932007 | 109.206.168.17 | 200 OK | 606 B |
URL: GET HTTP/1.1 jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=434630&t=2037&sid=1337x1.wb4.xyz&r=0.6609564519932007
IP: 109.206.168.17:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Certificate Issuer: Let's Encrypt
Certificate Subject: jswww.net
Certificate Fingerprint: 42:54:41:F6:2F:23:F0:E2:D5:43:1D:8F:24:61:C0:F7:46:C9:40:00
Certificate Validity: Sat, 06 Apr 2024 21:36:13 GMT - Fri, 05 Jul 2024 21:36:12 GMT
File type: ASCII text, with very long lines (606), with no line terminators
Hash: 9beff88ba4725e2d8fca3f3fe6a8b2d8 6ccea6ceb106c9908ed701de8f68fbd951502552 19d67891ff6f814a9850c0407b60c3236378063c4cb79182f6394d35e6a70a2c
GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=434630&t=2037&sid=1337x1.wb4.xyz&r=0.6609564519932007 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: binder-v5.11.8.1
date: Thu, 09 May 2024 00:57:09 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204
|
|
| jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=921296&t=2037&sid=1337x1.wb4.xyz&r=0.5745453449274843 | 109.206.168.17 | 200 OK | 606 B |
URL: GET HTTP/1.1 jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=921296&t=2037&sid=1337x1.wb4.xyz&r=0.5745453449274843
IP: 109.206.168.17:443
Requested by: https://1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html
Certificate Issuer: Let's Encrypt
Certificate Subject: jswww.net
Certificate Fingerprint: 42:54:41:F6:2F:23:F0:E2:D5:43:1D:8F:24:61:C0:F7:46:C9:40:00
Certificate Validity: Sat, 06 Apr 2024 21:36:13 GMT - Fri, 05 Jul 2024 21:36:12 GMT
File type: ASCII text, with very long lines (606), with no line terminators
Hash: 222ca4872dbb73dde99b7574e09948a8 b403725255e21dada1705d6e67648b86dad97a81 699d002fd5006668240890855a6afd4b3470869e2bd65e7d72b6ed739e36c4a9
GET /w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=921296&t=2037&sid=1337x1.wb4.xyz&r=0.5745453449274843 HTTP/1.1
Host: jswww.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: binder-v5.11.8.1
date: Thu, 09 May 2024 00:57:09 GMT
content-type: text/javascript
content-length: 606
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: *
access-control-expose-headers: *
x-response-code: 20204
|
|
| porkbun-media.s3-us-west-2.amazonaws.com/tld-buns/_me.svg | 52.92.227.34 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 porkbun-media.s3-us-west-2.amazonaws.com/tld-buns/_me.svg
IP: 52.92.227.34:443
Requested by: https://porkbun-bodis.com/?domain=funnyfoto.me
Certificate Issuer: Amazon
Certificate Subject: *.s3-us-west-2.amazonaws.com
Certificate Fingerprint: 6B:A0:F8:B2:43:23:23:C2:19:40:1C:DB:A4:9D:29:72:85:4C:58:C9
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 5241b233499ce6dfe276af2eb70e51b5 7c11cfca88ba206d7d82a82f724c90ee70d6b259 0d931d86fae47f28b51e9bb6e5aa6292a7d8f0f68b9cf5e03c33226bf79aee6a
GET /tld-buns/_me.svg HTTP/1.1
Host: porkbun-media.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://porkbun-bodis.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: IHA189sp5fRnxfvJnitBsLfQWsvOqsjTJMPuMB4o9aSiM+v6fxQ33L7OLZtesJWy1Fnl0xjhT0E=
x-amz-request-id: 5H3D0CHVW2BT04B4
Date: Thu, 09 May 2024 00:57:11 GMT
Last-Modified: Thu, 29 Dec 2022 22:45:13 GMT
ETag: "5241b233499ce6dfe276af2eb70e51b5"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 4652
|
|
| www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=x66g6rgdxq96&aqid=ZR88ZpmiEtigiM0P76CwiA0&psid=3113057640&pbt=bs&adbx=0&adby=243&adbh=481&adbw=300&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=629216002&csala=5%7C0%7C471%7C91%7C24&lle=0&ifv=0&hpt=0 | 216.58.211.14 | 204 No Content | 0 B |
URL: GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=x66g6rgdxq96&aqid=ZR88ZpmiEtigiM0P76CwiA0&psid=3113057640&pbt=bs&adbx=0&adby=243&adbh=481&adbw=300&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=629216002&csala=5%7C0%7C471%7C91%7C24&lle=0&ifv=0&hpt=0
IP: 216.58.211.14:443
Requested by: https://funnyfoto.me/submit.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: misc-sni.google.com
Certificate Fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate Validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=x66g6rgdxq96&aqid=ZR88ZpmiEtigiM0P76CwiA0&psid=3113057640&pbt=bs&adbx=0&adby=243&adbh=481&adbw=300&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=629216002&csala=5%7C0%7C471%7C91%7C24&lle=0&ifv=0&hpt=0 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funnyfoto.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-RILQhEzINe_aOn7frtzDNg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 09 May 2024 00:57:11 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| funnyfoto.me/_fd | 199.59.243.225 | 200 OK | 5.7 kB |
IP: 199.59.243.225:443
Requested by: https://funnyfoto.me/submit.php
Certificate Issuer: Let's Encrypt
Certificate Subject: funnyfoto.me
Certificate Fingerprint: C2:E9:D1:0D:0E:4B:F6:9C:B5:34:8C:E8:CE:24:84:06:73:C7:98:37
Certificate Validity: Wed, 24 Apr 2024 17:32:43 GMT - Tue, 23 Jul 2024 17:32:42 GMT
File type: ASCII text, with very long lines (5741), with no line terminators
Hash: f35e4d2f12065d94c8bd79c1241c06ed 12092848dce25efd29b5e436dc66662a1bac3e85 e7ca0c9ee988ed680628743fea1fa7ee7a9d1c083c39f0f7f9fd8de8e4ea3561
POST /_fd HTTP/1.1
Host: funnyfoto.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://funnyfoto.me/submit.php
Content-Type: application/json
Origin: https://funnyfoto.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 00:57:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5741
X-Request-Id: 9ed0d3b6-665b-461e-a34a-dc63f5f82afb
Set-Cookie: parking_session=9ed0d3b6-665b-461e-a34a-dc63f5f82afb; expires=Thu, 09 May 2024 01:12:08 GMT; path=/
Connection: close
|
|
| wk.jdi5.com/style.css | 172.67.165.78 | 200 OK | 4.6 kB |
IP: 172.67.165.78:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: jdi5.com
Certificate Fingerprint: 0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60
Certificate Validity: Wed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File type: ASCII text, with very long lines (4592), with no line terminators
Hash: c4b94c72fbf6af7a5b03c888916d0e87 b74ec2fc2807c1bb8cdc13603eab50350bf97fd2 a624a4fdd1e260b9c175cbf7c937796b9c54ea563a655bc5894bc7fc2c59bc4b
GET /style.css HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 00:57:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7081
etag: W/"1ba9-5b45fbd9366c0"
last-modified: Wed, 18 Nov 2020 11:16:19 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2B8sNgwOwT8KQFJ5pjudPBeixhAe1nH4GsXBH63axrYXhE5qtWLTIMV4l4edN49T1P3LpWJSJWUKzXPC%2F6OPs7GV8GHfc6f08ZJkjyFedP798mriEmQs6imoqyOPYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880dbbccc839b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1337x1.wb4.xyz/script.js?t=2024490 | 172.67.135.38 | 200 OK | 92 kB |
URL: GET HTTP/3 1337x1.wb4.xyz/script.js?t=2024490
IP: 172.67.135.38:443
Requested by: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: wb4.xyz
Certificate Fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2
Certificate Validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script.js?t=2024490 HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 09 May 2024 00:57:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vhai7Xql24jpIXWSGrNskaaOF1rPYdErBRAESX2mH6raL%2FQx7EP1Q7RCCTHw29l1yPqJZK29cHVOHWAaNiNl5VjZTAl2rjFwOrPA9MLr1iv1y4%2FjIfn2MxTEV8UupDYz3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd5aa3bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| porkbun-bodis.com/?domain=funnyfoto.me | 44.227.65.245 | 200 OK | 1.2 kB |
URL: GET HTTP/2 porkbun-bodis.com/?domain=funnyfoto.me
IP: 44.227.65.245:443
Requested by: https://funnyfoto.me/submit.php
Certificate issuer: Let's Encrypt
Certificate subject: porkbun-bodis.com
Certificate fingerprint: 68:BD:4E:9B:84:72:D8:73:6D:9F:62:44:20:8C:2B:9A:5A:57:94:DA
Certificate validity: Sun, 21 Apr 2024 20:46:09 GMT - Sat, 20 Jul 2024 20:46:08 GMT
File type: HTML document, ASCII text, with very long lines (1251), with no line terminators
Hash: 9eb54ac1d066b33b1d1e8af83bdfc751 f19c3b5ac0975794700a05c601f433597e4c7e1b 6b7ce0597591e25621ca245bf9ad23225413c2db5e4008686876a8cf1cb91629
GET /?domain=funnyfoto.me HTTP/1.1
Host: porkbun-bodis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funnyfoto.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Thu, 09 May 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=S97bQP/5vVdvhf0MQb3jKsNzP0ds7Dd9dTfgPMHvAFI2j3m3PwkzHggG0MFr1EMTREKSY88hQw32y8z3oFhni8syQ8BcRmzE0tpxYQtp+YT6nkvgvR8L4spm4Uxf; Expires=Thu, 16 May 2024 00:57:09 GMT; Path=/
AWSALBCORS=S97bQP/5vVdvhf0MQb3jKsNzP0ds7Dd9dTfgPMHvAFI2j3m3PwkzHggG0MFr1EMTREKSY88hQw32y8z3oFhni8syQ8BcRmzE0tpxYQtp+YT6nkvgvR8L4spm4Uxf; Expires=Thu, 16 May 2024 00:57:09 GMT; Path=/; SameSite=None
x-powered-by: PHP/8.0.25
content-encoding: gzip
x-cache: BYPASS
x-service: pixie-default
X-Firefox-Spdy: h2
|
|
| taleszone.com/submit.php | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /submit.php HTTP/1.1
Host: taleszone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| wk.jdi5.com/favicon.ico | 172.67.165.78 | 404 Not Found | 238 B |
IP: 172.67.165.78:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate issuer: Google Trust Services LLC
Certificate subject: jdi5.com
Certificate fingerprint: 0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60
Certificate validity: Wed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 327e140a6015094f4bc2cc2822706b87 8db50b70e15667506a5694b17c159b4697bb1d6f 42a0b56fe7f0b8315e25a6f84ce03ae321ee0cadc5f4904145de479088a6a9b1
GET /favicon.ico HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Cookie: _ga_BXJ1TNEJ97=GS1.1.1715216227.1.0.1715216227.0.0.0; _ga=GA1.1.2064189747.1715216228
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
x-robots-tag: noindex, nofollow
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzbzQ%2F6%2Bop1n9S3GRwh3kwkyWjyioytpl3MQUZhBlX849bMkVkqJn3Yy0u1%2F7ZXPScbF6cr7iZG1ktVUBDgFHaGjUVeGylHYnL9c5TvROdHn4h6t30Jx%2FAS7qgyV3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880dbbd18a99b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.adsensecustomsearchads.com/adsense/domains/caf.js | 216.58.211.14 | 200 OK | 190 kB |
URL: GET HTTP/3 www.adsensecustomsearchads.com/adsense/domains/caf.js
IP: 216.58.211.14:443
Requested by: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol300%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis31_3ph&r=m&sc_status=0&hl=en&ivt=0&rpbu=https%3A%2F%2Ffunnyfoto.me%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2167086777806799&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436&client_gdprApplies=1&format=r3&nocache=3171715216229144&num=0&output=afd_ads&domain_name=funnyfoto.me&v=3&bsl=8&pac=0&u_his=6&u_tz=0&dt=1715216229145&u_w=1280&u_h=1024&biw=-12245933&bih=-12245933&isw=300&ish=270&psw=300&psh=243&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Ffunnyfoto.me%2Fsubmit.php&referer=https%3A%2F%2Fwk.jdi5.com%2F
Certificate issuer: Google Trust Services LLC
Certificate subject: misc-sni.google.com
Certificate fingerprint: 15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14
Certificate validity: Tue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File type: JavaScript source, ASCII text, with very long lines (2247)
Size: 190 kB (190037 bytes)
Hash: 96535e69cd6a393a4d405b1b84e2ab62 3aa9bdc598ab15d333ded247586113b4028f91de 2e59af8cbfa0fca4dcf0a587897cd774ee2a62549cc66a8f1185ede09e2251d5
GET /adsense/domains/caf.js HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 09 May 2024 00:57:09 GMT
expires: Thu, 09 May 2024 00:57:09 GMT
cache-control: private, max-age=3600
etag: "4567345819176541143"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 121 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP: 104.18.11.207:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate issuer: Google Trust Services LLC
Certificate subject: bootstrapcdn.com
Certificate fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (65371)
Size: 121 kB (121260 bytes)
Hash: 2f624089c65f12185e79925bc5a7fc42 8eb176c70b9cfa6871b76d6dc98fb526e7e9b3de eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 00:57:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:48:20
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e75e2b1bc710e8580919cf29a00effc5
cdn-cache: HIT
cf-cache-status: HIT
age: 713927
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880dbbcd1f085691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tinyfast.xyz/red.php?id=35 | 172.67.203.105 | 302 Found | 1.4 kB |
URL: GET HTTP/2 tinyfast.xyz/red.php?id=35
IP: 172.67.203.105:443
Requested by: https://wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
Certificate issuer: Let's Encrypt
Certificate subject: tinyfast.xyz
Certificate fingerprint: 37:56:44:A9:31:BA:4A:7D:0A:CF:C4:1F:EB:63:7E:C9:3C:03:4D:17
Certificate validity: Tue, 07 May 2024 13:16:19 GMT - Mon, 05 Aug 2024 13:16:18 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /red.php?id=35 HTTP/1.1
Host: tinyfast.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wk.jdi5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 09 May 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
location: https://1337x1.wb4.xyz/submit.php
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1o0RUIcBN1gWHoEVyDaExnZ%2BOt%2Bw3L%2FhTRqutVxdSLXwPqY9lBnwgyp4at7QOQClClff2pkhU2OQ41V9Alkz6yzHf06Nn4S6MKmugxo2k7YIT3RNSWg7sR3FNhiQUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd169147131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1337x1.wb4.xyz/script.js?t=2024490 | 172.67.135.38 | 200 OK | 92 kB |
URL: GET HTTP/3 1337x1.wb4.xyz/script.js?t=2024490
IP: 172.67.135.38:443
Requested by: https://1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html
Certificate issuer: Google Trust Services LLC
Certificate subject: wb4.xyz
Certificate fingerprint: 4B:B4:3F:D1:32:E2:5A:2E:D9:F8:D1:4D:75:85:86:FE:F0:3D:DB:C2
Certificate validity: Mon, 15 Apr 2024 02:16:20 GMT - Sun, 14 Jul 2024 02:16:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script.js?t=2024490 HTTP/1.1
Host: 1337x1.wb4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1337x1.wb4.xyz/2019/02/my-kitchen-garden-products.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 00:57:08 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 09 May 2024 00:57:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7Z8JaXcIIoR0wcAlZugHMqAyQa7Uqmftq8TZxkUrTMIcUIKaqXLIR1zDKYSw23kYmboBjQKL82XElzKjssYhObi6cCExILGo5UNMaUmmmC0dhqhov%2BbIYX5y3cP8RJ54g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbd58a2ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html | 172.67.165.78 | 200 OK | 16 kB |
URL (User Request): GET HTTP/2 wk.jdi5.com/download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html
IP: 172.67.165.78:443
Certificate issuer: Google Trust Services LLC
Certificate subject: jdi5.com
Certificate fingerprint: 0A:37:16:13:78:6E:DA:39:59:5C:BF:40:B2:52:20:5D:E0:13:DB:60
Certificate validity: Wed, 13 Mar 2024 22:43:31 GMT - Tue, 11 Jun 2024 22:43:30 GMT
File type: HTML document, ASCII text, with very long lines (486)
Hash: 9ef9fae3ebcd5e1ac9ae28a924c6e4a8 32d3890bb1e4223d8397bfe33c5f84511e68e5c7 ff1444ed426717a420fbdfe021de3d350cacfc70d6f97e027e5c8529b784f609
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Anti-debugging code
GET /download/dl4/f8fd433c9a55396c748622f1b66a774c/65f3ea1973e6e2c9b19b6e86df30b13d/djbantuverma+wapqiz+com/KANHA-MAI-TO-TERE-DARSHAN-KI-PYASI-BANAY-LE-MOY-CHARN-KI-DASI-HARD-MIX-DEHAITI-DHOLKI-MIX-DJBANTUVERMA-(djbantuverma.wapqiz.com).mp3.html HTTP/1.1
Host: wk.jdi5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 00:57:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPJGW4VdRwkjIyWUNsVG2TETAkNT%2F5DZXh2Lnn9LqhXGPzateIyGUmfJqcU9klA4W5ejPpCDFE8x9a9r2ojSp3rC5bju4bs2MvfEmWxyn%2FVcvRdyJf6DqPzLZHnSRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880dbbc95c6a56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|