| cdnjs.cloudflare.com/ajax/libs/script.js/2.0.2/script.min.js | 104.17.24.14 | 200 OK | 684 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/script.js/2.0.2/script.min.js | IP: 104.17.24.14:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1233) | Hash: 0425e414c5c771ea19751d344586a945 0cd64d6a8b8c87bb47b008e2ef4181a07c1ed93a 674f5eaec7036971b28f595dc5fd4d55a93994e282ab2a232d2486d30640d453
GET /ajax/libs/script.js/2.0.2/script.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 684
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-594"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 854962
expires: Wed, 30 Apr 2025 14:54:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59I5t2eSFFizwdiQA74mWBgnvdBhjQ0eWx%2F%2BxLsmVN3AbQqpzpN1Wa9mrybTWTa6oMiQZHgTmzoG9ryr4ByzwRC%2BhvOZ0kBRrj9%2BsXJalcKUPwwurCZzKs3%2FtaZYcKJ%2Bhlf8JtuH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881ac3c359b95687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 76.76.21.164 | 200 OK | 7.9 kB |
URL: User Request GET HTTP/2 | IP: 76.76.21.164:443
Certificate Issuer: Let's Encrypt | Subject: *.vercel.app | Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4 | Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: HTML document, ASCII text, with very long lines (1321), with CRLF line terminators | Hash: c9842a274ec6ebf98dce14f8fe1b38ec 60a88d49b894e7a45400d13a36ff4d3dfa611ea9 48086ed9b48151d658ae5e6b8e341b00b2c7013b0e76c0e743faf247fec7bcb2
GET / HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 14:54:27 GMT
etag: W/"10e3-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::dgvqz-1715352867868-a620a4277acf
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/assets/js/index.js | 76.76.21.164 | 200 OK | 918 B |
URL: GET HTTP/2 skibnatties.vercel.app/assets/js/index.js | IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: *.vercel.app | Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4 | Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
Hash: 815340f4d0164925524b313679698dae d77f83ff8bad8f196341892068e29e26805131dc 4639aa1a5a7aa1f4dec1769536f09b7803885243623c577c4cd27c32e4f526e2
GET /assets/js/index.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"396-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::2n2lz-1715352868370-0519a5107ff4
content-length: 918
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-6YEQ7Q0XRC | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-6YEQ7Q0XRC | IP: 142.250.74.168:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955) | Size: 102 kB (102280 bytes) | Hash: cf2b7ab0684c88b408650b6a7486493d 7c473b0689f255e78194de01e52dba5d368fd518 6a1ca64bcf8260e254fd3d7249cec2a1dbc6465bab396710445cd609174deb77
GET /gtag/js?id=G-6YEQ7Q0XRC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 14:54:28 GMT
expires: Fri, 10 May 2024 14:54:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css | 151.101.193.229 | 200 OK | 14 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css | IP: 151.101.193.229:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: GlobalSign nv-sa | Subject: jsdelivr.net | Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 | Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: edf74488a993c84b266b2de3b9c14456 1bec138083d3b27ff687a9d41b80b797cf20b709 bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48
GET /npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 13601
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.11.1
x-jsd-version-type: version
etag: W/"17fcf-G+wTgIPTsn/2h6nUG4C3l88gtwk"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 14:54:28 GMT
age: 18451420
x-served-by: cache-fra-eddf8230023-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| skibnatties.vercel.app/uv/uv.handler.js | 76.76.21.164 | 200 OK | 138 kB |
URL: GET HTTP/2 skibnatties.vercel.app/uv/uv.handler.js | IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: *.vercel.app | Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4 | Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators | Size: 138 kB (138039 bytes) | Hash: f851487bd084c494d1c978b75b57e3f5 cbcf9e251be077638a0d4b3b8be69bcd1d5d5e8f c5e8a39d09280aeaac25c2548543e53ea74ad041f8932f1f3d702d8223d9c46c
GET /uv/uv.handler.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"9dbf-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::f7pgm-1715352868555-00e1ecf2d252
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | IP: 216.58.207.227:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 | Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:55:04 GMT
expires: Fri, 09 May 2025 17:55:04 GMT
cache-control: public, max-age=31536000
age: 75564
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pl22991509.profitablegatecpm.com/df/d2/e1/dfd2e1c094b00a158058ce0068d7df84.js | 172.240.108.84 | 200 OK | 16 kB |
URL: GET HTTP/1.1 pl22991509.profitablegatecpm.com/df/d2/e1/dfd2e1c094b00a158058ce0068d7df84.js | IP: 172.240.108.84:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: profitablegatecpm.com | Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 | Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44118), with no line terminators | Hash: 5f65658f7d3dd8b445bf074ab9aa6150 bc1ec56b269bd6e878b5b1e6b56df2d7944615e2 6110c1aae93a30cfc356f0bc39e7b041fac906bfc2c0777d164fd1ad15809d1d
GET /df/d2/e1/dfd2e1c094b00a158058ce0068d7df84.js HTTP/1.1
Host: pl22991509.profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17637779a60084373ffeea9527b80bd1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: c1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 14:54:29 GMT
Last-Modified: Fri, 10 May 2024 13:15:48 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wTEEsSQAt525RSLcWnWt5g6dNsV6sAWphA_RjFCoIyv4WSEnH8n3gA==
Age: 5921
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 3.124.83.201:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 1568bcdf7782d31b81a3a7700313d064 c5f378a7cf991ac6a229bfe1d61e9fc56f3ac303 4afe6366a425914816f8b7e815ef36b2590f950b01001a58199b9db4e695ea21
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://skibnatties.vercel.app
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=32f6b343-e761-475a-8a0e-b39c6804e4a8:1:1; expires=Mon, 08 May 2034 14:54:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 28 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js | IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: downstairsnegotiatebarren.com | Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B | Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators | Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 39ad4e80c22ef66e39bce53f18f8cc32
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 14:54:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPbjPvkVuJLhgcVlbaJqRSZQg6YCcV%2F23ifNu0XoR%2FKlUpvALlZFVCon0aY%2B9HZRk4RTsdDGFT6vL1IUnEJPVofTNx0F9hPzIZB%2BpbDqJZ4gMrZ4oB1hcoV1L3Zg6LUvcqY%2F8LAcg%2BOvYuaKDva6RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3c8aa627131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/uv/uv.config.js | 76.76.21.164 | 200 OK | 291 B |
URL: GET HTTP/2 skibnatties.vercel.app/uv/uv.config.js | IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: *.vercel.app | Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4 | Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with CRLF line terminators | Hash: 71ce42fbda3e2abed32e5320a8812cf7 7a01f9a81b957816121a98421c99c50f63b09b23 71cbd5a515918f868cea099f452f35e50576df2494866b5aa16a7fea8b0371ed
GET /uv/uv.config.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1715352868.1.0.1715352868.0.0.0; _ga=GA1.1.756599698.1715352869
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:29 GMT
etag: W/"123-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::z98hd-1715352869403-f7887bc82971
content-length: 291
X-Firefox-Spdy: h2
|
|
| ascensionunfinished.com/29/fa/b7/29fab7886bf7b6e324633f506204e65d.js | 172.240.108.76 | 200 OK | 31 kB |
URL: GET HTTP/1.1 ascensionunfinished.com/29/fa/b7/29fab7886bf7b6e324633f506204e65d.js | IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: ascensionunfinished.com | Fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8 | Validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: 44c58d65129f6f9b158168950c4265e0 9db78167e7fd04a4d95a2e87f76bec0983dd3158 446520a8053d8d650f2a6d7ccb9d876d53d26b1dd0e5fb3336976b3706174e07
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /29/fa/b7/29fab7886bf7b6e324633f506204e65d.js HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 800829452500cd723b502354b403caf9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 3.124.83.201:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 1568bcdf7782d31b81a3a7700313d064 c5f378a7cf991ac6a229bfe1d61e9fc56f3ac303 4afe6366a425914816f8b7e815ef36b2590f950b01001a58199b9db4e695ea21
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: uid_id2=32f6b343-e761-475a-8a0e-b39c6804e4a8:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://skibnatties.vercel.app
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| sprangsugar.com/pixel/purst?dl=0&th=0&sc=0&rs=1935&rd=1935&fd=512&bv=24.5.6485&tmpl=70 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 sprangsugar.com/pixel/purst?dl=0&th=0&sc=0&rs=1935&rd=1935&fd=512&bv=24.5.6485&tmpl=70 | IP: 172.240.127.234:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: sprangsugar.com | Fingerprint: A8:FF:DF:D3:ED:3D:E8:4B:33:C8:93:D3:94:CA:8E:28:5D:39:26:C1 | Validity: Mon, 06 May 2024 08:08:05 GMT - Sun, 04 Aug 2024 08:08:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1935&rd=1935&fd=512&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: sprangsugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 3.124.83.201:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 1568bcdf7782d31b81a3a7700313d064 c5f378a7cf991ac6a229bfe1d61e9fc56f3ac303 4afe6366a425914816f8b7e815ef36b2590f950b01001a58199b9db4e695ea21
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: uid_id2=32f6b343-e761-475a-8a0e-b39c6804e4a8:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://skibnatties.vercel.app
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 3.124.83.201:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 1568bcdf7782d31b81a3a7700313d064 c5f378a7cf991ac6a229bfe1d61e9fc56f3ac303 4afe6366a425914816f8b7e815ef36b2590f950b01001a58199b9db4e695ea21
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: uid_id2=32f6b343-e761-475a-8a0e-b39c6804e4a8:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://skibnatties.vercel.app
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| ascensionunfinished.com/sbar.json?key=dfd2e1c094b00a158058ce0068d7df84 | 172.240.108.76 | 200 OK | 6.0 kB |
URL: GET HTTP/1.1 ascensionunfinished.com/sbar.json?key=dfd2e1c094b00a158058ce0068d7df84 | IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: ascensionunfinished.com | Fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8 | Validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: ab5615459ceed75f622b083b7cdbc80f f1a48073787f2ae0782b7ac362e394f067c0a2aa fbe96369e80e3a9f2c6975b77f11e60d9b06cc5683d39461b4d3ac508cfc40ee
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=dfd2e1c094b00a158058ce0068d7df84 HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://skibnatties.vercel.app
Access-Control-Allow-Origin: https://skibnatties.vercel.app
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22891010; expires=Sat, 11 May 2024 14:54:30 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 11 May 2024 14:54:30 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 11 May 2024 14:54:30 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 11 May 2024 14:54:30 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 11 May 2024 14:54:30 GMT; secure; SameSite=None
Set-Cookie: slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]; expires=Fri, 10 May 2024 14:54:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b919edfa3ddc5c01d698d9790ef1f6cd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| skibnatties.vercel.app/assets/img/doge.jpg | 76.76.21.164 | 200 OK | 30 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/img/doge.jpg | IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: *.vercel.app | Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4 | Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | Hash: 844744c82db49de7ffc4f9fdaae63a89 8f3e4e1761e4ea13cf459be9ad791d8c4759f036 8c058804644b370c3f9ce437c8fb7be5f53c2a61f2f46ebf5018125f49656182
GET /assets/img/doge.jpg HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1715352868.1.0.1715352868.0.0.0; _ga=GA1.1.756599698.1715352869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: image/jpeg
date: Fri, 10 May 2024 14:54:29 GMT
etag: W/"76e7-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::z98hd-1715352869647-84efe1ef95d4
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/worker.js | 76.76.21.164 | 500 Internal Server Error | 28 B |
URL: GET HTTP/2 skibnatties.vercel.app/worker.js | IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/ | Certificate Issuer: Let's Encrypt | Subject: *.vercel.app | Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4 | Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with no line terminators | Hash: 7305135e8c8844dec3bdaf6071604de8 76fae8ae6068e24b7fb57128fc00b8b867c56985 6a38227859da1b654cfdd0e54846f0692ed50f02be2c464feaaf15f123d53d6a
GET /worker.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1715352868.1.0.1715352868.0.0.0; _ga=GA1.1.756599698.1715352869; sb_main_dfd2e1c094b00a158058ce0068d7df84=1; sb_count_dfd2e1c094b00a158058ce0068d7df84=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=32f6b343-e761-475a-8a0e-b39c6804e4a8%3A1%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 10 May 2024 14:54:30 GMT
etag: W/"1c-dvrormBo4kt/tXEo/AC4uGfFaYU"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::z98hd-1715352870185-a58319fdd9e8
content-length: 28
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/uv/uv.bundle.js | 76.76.21.164 | 200 OK | 317 kB |
URL: GET HTTP/2 skibnatties.vercel.app/uv/uv.bundle.js
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Size: 317 kB (316808 bytes)
Hash: 909cffc68d2798f32c62db56eeeb52f4 56be67b5b58876862ffec950d698b998b79e9a0c f98ba616d22ca9111e526f5145ad6efc23065cac82acb569b11b5835227b30e1
GET /uv/uv.bundle.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1715352868.1.0.1715352868.0.0.0; _ga=GA1.1.756599698.1715352869
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"1b9b27-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::8k5qj-1715352868819-39974cdf17cb
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/assets/css/app.css | 76.76.21.164 | 200 OK | 8.1 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/css/app.css
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with CRLF line terminators
Hash: 93258cba31ebdedaca35055930688742 8d62c4a16171937e96889e86aa3c0685fd7e01e6 b72c66a919e7a592ddd587c18fad6d5a0f0a9029dc55f8f7fa40591820645c65
GET /assets/css/app.css HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: text/css; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"177c-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::8g44g-1715352868358-63601b8dc866
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/assets/img/doge.jpg | 76.76.21.164 | 200 OK | 41 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/img/doge.jpg
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 3b9b8ca4ae2151f4d8eb31ac4f347fb6 0ae184412cbf36e9b63ca95d66c5fe58baee12c6 cfcedf7c833b760208d4fe3110631b58e8add299b58a74dacc1e1ee48582d65a
GET /assets/img/doge.jpg HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: image/jpeg
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"76e7-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::b9skz-1715352868364-f676aba6d38c
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 230 x 253, 8-bit colormap, non-interlaced
Hash: b1f546ae7b0fbf8f3d19946146456d8a 37792f4d6fb3482b3d0281139a61e2e426fa3056 2a0b851026a70a5da3b5f2fe9e7f5d098c4126c035a68de8e90f8408bab6fd33
GET /sb/interstitial/sweep/default/stories/1/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:30 GMT
content-type: image/png
content-length: 11963
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: "65aa847c-2ebb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 858990
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7h%2BiObkc8dWXLyODEQBEcEfbtZQESLB1Hct3ZC6900nxtgbGa3SlDdu1QGFXo0gpp%2BtTHVqHyIMOO83dKJuYzCg6fR1nac1FHXLwmSwevpax0N%2B8UU30fxKCD352LAeEVb4z6Bp3PSLV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3d29b0756a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=105 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=105
IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=105 HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: d7b995a5cb78d4de092fc1dfcf2b4476 1a98a75678f1b86fe4aea0a1482402cb9a573537 074e3270372efc2bd01d196cbccd6144dd47d6acda2dc3d7f7dce005143a1332
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 14:54:30 GMT
date: Fri, 10 May 2024 14:54:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js | 188.114.97.1 | 200 OK | 32 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32058)
Hash: c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /sb/interstitial/sweep/default/stories/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:30 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 858990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iorqudDSmafm8E%2BdH8oIYSGHvTeGL8gsS6MzBkuiKdvPudC9ykF4cYOrAy56Hniv6s8MMCb%2BfbA82gVDyefb3gDk6hmf2tQCtEp0LSeCgws10o8tjwhzz1P%2Byd5SwDJYg10NTpEOo7W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3d29b0056a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=32f6b343-e761-475a-8a0e-b39c6804e4a8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dfd2e1c094b00a158058ce0068d7df84&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14 | 192.243.59.12 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=32f6b343-e761-475a-8a0e-b39c6804e4a8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dfd2e1c094b00a158058ce0068d7df84&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.unseenreport.com
Certificate fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=32f6b343-e761-475a-8a0e-b39c6804e4a8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dfd2e1c094b00a158058ce0068d7df84&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de94a85c95f2a24106aafb53c63f7e3f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=32f6b343-e761-475a-8a0e-b39c6804e4a8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=29fab7886bf7b6e324633f506204e65d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14 | 192.243.59.12 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=32f6b343-e761-475a-8a0e-b39c6804e4a8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=29fab7886bf7b6e324633f506204e65d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.unseenreport.com
Certificate fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=32f6b343-e761-475a-8a0e-b39c6804e4a8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=29fab7886bf7b6e324633f506204e65d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a37a944d0dce4d0fc5f499a01f7bed10
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=655 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=655
IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=655 HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css | 188.114.97.1 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5982c5377696d20476871062646b253f 8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
GET /sb/interstitial/sweep/default/stories/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:31 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmQESohJP5vLC9uZeg1DyVZMi6tC259DFtg4gl8zoIsDe8WEnc%2B%2F%2BI%2Fwua%2BfrmOUn7b6Bj54LduO6XJUDvAgG3NWEvmuVvSXWCBAV%2FZH9P9zc%2F0LF66vkYqzhGLlaX9DVAsLl1QWbyzg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3d2988c7131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 28 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: downstairsnegotiatebarren.com
Certificate fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 14:54:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 974a415a53b90e9e804669086d9e22ed
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 14:54:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FoMG5Y%2BNkK%2FpBLqWgDSmF0POrYMKBi1CS31aGuazPEwrh9xJkjNIioceTRHn5sXSnmrX16XhWM4gateqHKCvXGZMwuf2FV5VVhTEh8khIi2q4tp8Oqxe9%2B0sMQ4cWCZUFc%2FhxduzYUrVgYUNKKB2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3cbef6b0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 537954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ascensionunfinished.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bd5rFD34LUborwqxKC2Vy72Q%2BLVisaSQam9oqClbkfN3JMWfuuZxzz9xJVsGAdOfgxu3NM0mD2or%2BAbZyU3AREDLiIguzciO4EMSuXMhMg8EX7n3f9zzPged93vPJjj8hdXh6vPim2VRa0%2FlmLaxeei%2BKrlZXVOKH1WGn9WGrcbVqBy91W7XwcvU1ydfNfD2MwjAKo%2BqSsjI2w%2FkpCJU%2B6Ea1blhr1GtRs4Gh%2FW%2FvfABHA4jBCXkBSkzmngTnoXiJpP%2FNonTrmUmv3Oh7TTNjMRD77yTrickT9M%2FK2AaIk%2F1TNow7WnoEk%2BzN5MIM%2FiUyNSHBD4%2FAkv1TkWCD3ZlOpiETMPF%2F5IMSUpdQtAQ321DiiABc4OYqkv79m8bmdOMZSqfohMw9%2FRMqn5C5X84j6X99Xath9Y7RPlMmcRjGBdSwhOqVSP0Bss0KVH4Ann0MJX4k809XkPR3V502UKKYza5UCRWX0HIE6gL46acC%2BDiATwP0xXGVR1HUDgWnYafL%2BYJoS9YSYUTbcUSjsNWB51N5I2TpCFyPwO0WUruFdTWC9d%2FDrRVwIoDLJiR4awsDUSCXBLkjyClBrgjyjCAfFHtCu7or7gvtPItOc%2F00LxRjk%2FV26J7JejIhoHYEK4qd9IQ8P%2FUn%2BOD1CtblcVXEoi4jHnYbLAxp1OyEzQ6XYdjqiLaIOw04VUC5ymzkTTUhXfIQqZqQC7VtMHoApw%2FA1TlQ%2FyJoXoCuFdhMHsqktraRprLGtWcQpkCazSHbCHb0CbkwW9HqtoXkh9f%2B%2Fl908bfhz%2BC2QGoLfKSeEPT0vfFtk5Pd2yZ35NvVNFN9tUmn67uT0UzOffmG3MiNFcuLbvTFK3wKTMsHb0uXrdBEqKTnyFfXlRDSLhnLJflu2b0r2S3v1q57m%2Fh05darS8v91ErnlElKUHV043NwNSHPPb47e5dX3v8VypawvkDfH5LTgDIH4OkWXHp47fdLf5Wf3r0MZwisPuOwNEDui7Gts7NDrQi0POspK%2BDkmQVMHj7%2B4xk2tnR6m6pix91Dz1ZAs20k%2FQIDW2CgC1A9gvPnxllqD6%2F9tDALMF0ZM20ru0xb%2FdnM5OnPwanj6kIo2kzGss1ko9mIJRes2WQhjzlbEJ0OR%2BYm8cvNi%2F8AAAD%2F%2FwEAAP%2F%2FVGLzx3EEAAA%3D | 172.240.108.76 | 200 OK | 7 B |
URL GET HTTP/1.1ascensionunfinished.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bd5rFD34LUborwqxKC2Vy72Q%2BLVisaSQam9oqClbkfN3JMWfuuZxzz9xJVsGAdOfgxu3NM0mD2or%2BAbZyU3AREDLiIguzciO4EMSuXMhMg8EX7n3f9zzPged93vPJjj8hdXh6vPim2VRa0%2FlmLaxeei%2BKrlZXVOKH1WGn9WGrcbVqBy91W7XwcvU1ydfNfD2MwjAKo%2BqSsjI2w%2FkpCJU%2B6Ea1blhr1GtRs4Gh%2FW%2FvfABHA4jBCXkBSkzmngTnoXiJpP%2FNonTrmUmv3Oh7TTNjMRD77yTrickT9M%2FK2AaIk%2F1TNow7WnoEk%2BzN5MIM%2FiUyNSHBD4%2FAkv1TkWCD3ZlOpiETMPF%2F5IMSUpdQtAQ321DiiABc4OYqkv79m8bmdOMZSqfohMw9%2FRMqn5C5X84j6X99Xath9Y7RPlMmcRjGBdSwhOqVSP0Bss0KVH4Ann0MJX4k809XkPR3V502UKKYza5UCRWX0HIE6gL46acC%2BDiATwP0xXGVR1HUDgWnYafL%2BYJoS9YSYUTbcUSjsNWB51N5I2TpCFyPwO0WUruFdTWC9d%2FDrRVwIoDLJiR4awsDUSCXBLkjyClBrgjyjCAfFHtCu7or7gvtPItOc%2F00LxRjk%2FV26J7JejIhoHYEK4qd9IQ8P%2FUn%2BOD1CtblcVXEoi4jHnYbLAxp1OyEzQ6XYdjqiLaIOw04VUC5ymzkTTUhXfIQqZqQC7VtMHoApw%2FA1TlQ%2FyJoXoCuFdhMHsqktraRprLGtWcQpkCazSHbCHb0CbkwW9HqtoXkh9f%2B%2Fl908bfhz%2BC2QGoLfKSeEPT0vfFtk5Pd2yZ35NvVNFN9tUmn67uT0UzOffmG3MiNFcuLbvTFK3wKTMsHb0uXrdBEqKTnyFfXlRDSLhnLJflu2b0r2S3v1q57m%2Fh05darS8v91ErnlElKUHV043NwNSHPPb47e5dX3v8VypawvkDfH5LTgDIH4OkWXHp47fdLf5Wf3r0MZwisPuOwNEDui7Gts7NDrQi0POspK%2BDkmQVMHj7%2B4xk2tnR6m6pix91Dz1ZAs20k%2FQIDW2CgC1A9gvPnxllqD6%2F9tDALMF0ZM20ru0xb%2FdnM5OnPwanj6kIo2kzGss1ko9mIJRes2WQhjzlbEJ0OR%2BYm8cvNi%2F8AAAD%2F%2FwEAAP%2F%2FVGLzx3EEAAA%3D IP172.240.108.76:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bd5rFD34LUborwqxKC2Vy72Q%2BLVisaSQam9oqClbkfN3JMWfuuZxzz9xJVsGAdOfgxu3NM0mD2or%2BAbZyU3AREDLiIguzciO4EMSuXMhMg8EX7n3f9zzPged93vPJjj8hdXh6vPim2VRa0%2FlmLaxeei%2BKrlZXVOKH1WGn9WGrcbVqBy91W7XwcvU1ydfNfD2MwjAKo%2BqSsjI2w%2FkpCJU%2B6Ea1blhr1GtRs4Gh%2FW%2FvfABHA4jBCXkBSkzmngTnoXiJpP%2FNonTrmUmv3Oh7TTNjMRD77yTrickT9M%2FK2AaIk%2F1TNow7WnoEk%2BzN5MIM%2FiUyNSHBD4%2FAkv1TkWCD3ZlOpiETMPF%2F5IMSUpdQtAQ321DiiABc4OYqkv79m8bmdOMZSqfohMw9%2FRMqn5C5X84j6X99Xath9Y7RPlMmcRjGBdSwhOqVSP0Bss0KVH4Ann0MJX4k809XkPR3V502UKKYza5UCRWX0HIE6gL46acC%2BDiATwP0xXGVR1HUDgWnYafL%2BYJoS9YSYUTbcUSjsNWB51N5I2TpCFyPwO0WUruFdTWC9d%2FDrRVwIoDLJiR4awsDUSCXBLkjyClBrgjyjCAfFHtCu7or7gvtPItOc%2F00LxRjk%2FV26J7JejIhoHYEK4qd9IQ8P%2FUn%2BOD1CtblcVXEoi4jHnYbLAxp1OyEzQ6XYdjqiLaIOw04VUC5ymzkTTUhXfIQqZqQC7VtMHoApw%2FA1TlQ%2FyJoXoCuFdhMHsqktraRprLGtWcQpkCazSHbCHb0CbkwW9HqtoXkh9f%2B%2Fl908bfhz%2BC2QGoLfKSeEPT0vfFtk5Pd2yZ35NvVNFN9tUmn67uT0UzOffmG3MiNFcuLbvTFK3wKTMsHb0uXrdBEqKTnyFfXlRDSLhnLJflu2b0r2S3v1q57m%2Fh05darS8v91ErnlElKUHV043NwNSHPPb47e5dX3v8VypawvkDfH5LTgDIH4OkWXHp47fdLf5Wf3r0MZwisPuOwNEDui7Gts7NDrQi0POspK%2BDkmQVMHj7%2B4xk2tnR6m6pix91Dz1ZAs20k%2FQIDW2CgC1A9gvPnxllqD6%2F9tDALMF0ZM20ru0xb%2FdnM5OnPwanj6kIo2kzGss1ko9mIJRes2WQhjzlbEJ0OR%2BYm8cvNi%2F8AAAD%2F%2FwEAAP%2F%2FVGLzx3EEAAA%3D HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6d756655aba8dc9d56c621f45530bb5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ascensionunfinished.com/pixel/sbs?c=1 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 ascensionunfinished.com/pixel/sbs?c=1
IP: 172.240.108.68:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| skibnatties.vercel.app/assets/css/menu.css | 76.76.21.164 | 200 OK | 1.2 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/css/menu.css
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with very long lines (1298), with no line terminators
Hash: ee57e56f32611c0095c6749708aebd14 f326b138f92fd7b9899a07a992a3f91f42fbbc18 315b914e4945c9b1a41b04c9c4b971377a41bc65fc79fc04de28e13e59bbe38b
GET /assets/css/menu.css HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: text/css; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"4a4-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::nr549-1715352868362-29f99abb5b08
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/assets/js/themes.js | 76.76.21.164 | 200 OK | 7.6 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/js/themes.js
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (7783), with no line terminators
Hash: 0e9fa7a9c668b4aba84b0b9a19494639 ba80897a6a390b318702af380a30b4b16930bdcd 11f06271f1d96a1b8d71a98116528df77d35ee8bff5bb93048d5d00ddf200851
GET /assets/js/themes.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"1d8b-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::9vdkv-1715352868369-ca45cdb900bc
X-Firefox-Spdy: h2
|
|
| ascensionunfinished.com/ren.gif?sid=… | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 ascensionunfinished.com/ren.gif?sid=…
IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=… HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6fe0567106b180bb9ecd3ed0e1f88d2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js | 188.114.97.1 | 200 OK | 321 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (343), with no line terminators
Hash: 4f46dc256e627bbc1fa54e2996e30b25 56ff1d7676599e3d1ddbee84dad29f2a2bece6ce 6933ea1db439c96d670e6ce25bcbfa19052ce0626fee500df36d11167636d6c3
GET /sb/interstitial/sweep/default/stories/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:31 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raUa%2B6VyGIhpJljK8k1ikRXhaaUSsfq2Dldx%2B0HmORC%2F49CLAqpPA%2BiQz9nV%2BzGSRWBW8GCeOSlbvjJD5DR9fZgCkkqbDp%2BIfXigujLKXosbTw4jp76HtG4KAzB9gbAzQ19e9B82BXJP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3d389a57131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/assets/js/anym.js | 76.76.21.164 | 200 OK | 1.9 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/js/anym.js
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2037), with no line terminators
Hash: 4a22ad7ac8e80432ad1818f572e4d651 5cd9323bb41d58db37c36a12cace0065f84dd684 27330043a8ce7dcde02a22d1b720fd93275768766c9b5dbd64fd183801f3e338
GET /assets/js/anym.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"771-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::fvzxp-1715352868363-fe0bd6d1be60
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (1523), with no line terminators
Hash: af8b297e908242d66890c4650aaffdd2 45fe0a1587b11f77bf71085d15dbae9750a97179 cc03ce0e52d2d5b339b37554d900c6ec631929d4d729ffbd1fb200eba267d5ad
GET /sb/interstitial/sweep/default/stories/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:31 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-59a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFkJNHN3QcKiwLO6VcyOx215ba%2FE3ihmmb1bddlMa46j6xF8znqXg6%2BvL73aB%2F%2Fd7LxLCOVRyuqKBOKhKNE715%2FYSwcCsuyjX%2FAzDpf%2FWU4ipBTsZc2JhsPGnyhJi93U%2BF0%2BZFs0V6Tu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3d298887131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js | 151.101.193.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
IP: 151.101.193.229:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (23002)
Hash: 00debcf6cf0789a19cee2278011afcd4 8017f8b1869077db728573f1ca4684a00af69462 faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
GET /particles.js/2.0.0/particles.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
content-encoding: br
accept-ranges: bytes
date: Fri, 10 May 2024 14:54:28 GMT
age: 2995858
x-served-by: cache-fra-eddf8230124-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6363
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html | 45.133.44.4 | 200 OK | 1.1 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html
IP: 45.133.44.4:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: cdn.barscreative1.com
Certificate fingerprint: 08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC
Certificate validity: Thu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT
File type: HTML document, ASCII text, with very long lines (1191), with no line terminators
Hash: 3cb5e6c9f01bfa7cb22cea97b0b797bd e7d11b7e73cef3077f1fd9422b02887a0a9b92a3 ff16f3fe2fabcd2e6ff096ae0c0c535ea1b9e3ad821158fe96dd38a673a24ca8
GET /sb/interstitial/sweep/default/stories/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:30 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-465"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 15:54:30 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg
IP: 188.114.97.1:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: SVG Scalable Vector Graphics image
Hash: 5ff33e884803785a8002a2aa5fa03b0e a04406f2592e23e648bee499477f823da0c48362 6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58
GET /sb/interstitial/sweep/default/stories/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:54:30 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2148092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLmJwBE58kYSh5OOJUNb4krnLUi4B0DMWNt2zYWtezWR98d9q48ZisPrgZ5lT%2Brl8eZGHs1qR9A5CmIErXG9Muid0%2Fu0fF7FH8TKyqkQNdwLljnia8iU1ArpLECSNpEGfda5xtRFU1eu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881ac3d29b1456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=658 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=658
IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=658 HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| skibnatties.vercel.app/assets/js/functions.js | 76.76.21.164 | 200 OK | 7.5 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/js/functions.js
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with very long lines (8179), with no line terminators
Hash: cf3f70fb65205d2a3590b20b6187d3d2 1738ee1312394b94880ff0bac423405afc93deae a885bf3bfe57b6b8c827e6f157ed7686da0c42feba4e50f3e09c9ff142f28f02
GET /assets/js/functions.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"1d2f-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::zxjvr-1715352868363-bd24d853c22f
X-Firefox-Spdy: h2
|
|
| skibnatties.vercel.app/assets/js/particles.js | 76.76.21.164 | 200 OK | 23 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/js/particles.js
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/particles.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"584d-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::p649p-1715352868369-d0c36cee7967
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65 | 151.101.193.229 | 200 OK | 131 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65
IP: 151.101.193.229:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 130608, version 1.0
Size: 131 kB (130608 bytes)
Hash: ed62b9f1e0c75121f4d797a4a85730a2 d33714cb0836ea9ebe02f4ccc22806593903167a bacd70afda7da1deac2bbd49b5717a4dd133bcd59c379525d705b8492f678e95
GET /npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skibnatties.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 130608
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.11.1
x-jsd-version-type: version
etag: W/"1fe30-0zcUywg26p6+AvTMwigGWTkDFno"
accept-ranges: bytes
date: Fri, 10 May 2024 14:54:28 GMT
age: 2908570
x-served-by: cache-fra-etou8220153-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=317 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 ascensionunfinished.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=317
IP: 172.240.108.76:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: ascensionunfinished.com
Certificate fingerprint: 74:73:3B:0F:7A:C1:93:FB:B1:E0:8B:AE:39:45:B5:02:6D:2A:37:C8
Certificate validity: Mon, 06 May 2024 12:45:42 GMT - Sun, 04 Aug 2024 12:45:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=317 HTTP/1.1
Host: ascensionunfinished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdfd2e1c094b00a158058ce0068d7df84=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 14:54:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| skibnatties.vercel.app/assets/js/main.js | 76.76.21.164 | 200 OK | 3.7 kB |
URL: GET HTTP/2 skibnatties.vercel.app/assets/js/main.js
IP: 76.76.21.164:443
Requested by: https://skibnatties.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3987), with no line terminators
Hash: 28eb39f071c947e67068a1dd99aaf68b 5e57397c6bad5a88a3ada5f67df025414b9d2c09 0180fc73950c17ddfc7cc41825e9859983a185417956e67c1c4411ea835d8617
GET /assets/js/main.js HTTP/1.1
Host: skibnatties.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skibnatties.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 14:54:28 GMT
etag: W/"e66-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::779m8-1715352868369-92f2a93874af
X-Firefox-Spdy: h2
|
|