| cache.cloudswiftcdn.com/ | 104.21.59.254 | 200 OK | 1.0 kB |
IP: 104.21.59.254:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: cloudswiftcdn.com
Certificate fingerprint: EA:8A:AC:8F:2C:35:47:2B:86:E8:66:38:48:F5:23:15:41:35:65:8E
Certificate validity: Sun, 05 May 2024 02:14:55 GMT - Sat, 03 Aug 2024 02:14:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1139)
Hash: b005688932b77f5ee836d7e5e30fc5a0 b200a41adc3e9c5300180237f860059d73302c2c aab06f07d645295baa4c503c0b7f40972b3e4678b27aae74171b6177ce4f1c33
GET / HTTP/1.1
Host: cache.cloudswiftcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: application/javascript; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLrp%2FcDDKMxpSqGG8ghXRU2jQbB53%2FShd%2Bbr7FdAbT9Ji5f6ql7ryWgtKjMn4J03OxPpzIBtvmpU0pOELVJIZlvOX7b4H9g4O%2Fq21%2F5jbsZHt%2BIj74blPWQAJgbpoIv6b0I4nMCegWHB%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2fed9056a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aislot.matomo.cloud/matomo.php?action_name=Portal%20Berita%20Slot%20Online%20Gacor%20-%20vidunderband.com&idsite=1&rec=1&r=960404&h=23&m=39&s=8&url=https%3A%2F%2Fvidunderband.com%2F&_id=e30731685014f456&_idn=1&send_image=0&_refts=0&pv_id=JY9Rm3&pf_net=20&pf_srv=860&pf_tfr=217&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 | 18.157.122.248 | 204 No Content | 0 B |
URL: POST HTTP/2 aislot.matomo.cloud/matomo.php?action_name=Portal%20Berita%20Slot%20Online%20Gacor%20-%20vidunderband.com&idsite=1&rec=1&r=960404&h=23&m=39&s=8&url=https%3A%2F%2Fvidunderband.com%2F&_id=e30731685014f456&_idn=1&send_image=0&_refts=0&pv_id=JY9Rm3&pf_net=20&pf_srv=860&pf_tfr=217&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
IP: 18.157.122.248:443
Requested by: https://vidunderband.com/
Certificate issuer: Amazon
Certificate subject: *.matomo.cloud
Certificate fingerprint: 53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD
Certificate validity: Wed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=Portal%20Berita%20Slot%20Online%20Gacor%20-%20vidunderband.com&idsite=1&rec=1&r=960404&h=23&m=39&s=8&url=https%3A%2F%2Fvidunderband.com%2F&_id=e30731685014f456&_idn=1&send_image=0&_refts=0&pv_id=JY9Rm3&pf_net=20&pf_srv=860&pf_tfr=217&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: aislot.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://vidunderband.com
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 07 May 2024 23:39:08 GMT
server: Apache
access-control-allow-origin: https://vidunderband.com
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2
|
|
| jquery.restartyourchoices.com/cdncollect?r1=vidunderband.com | 104.21.19.43 | 200 OK | 4.6 kB |
URL: GET HTTP/2 jquery.restartyourchoices.com/cdncollect?r1=vidunderband.com
IP: 104.21.19.43:443
Requested by: https://vidunderband.com/
Certificate issuer: Let's Encrypt
Certificate subject: restartyourchoices.com
Certificate fingerprint: 1E:64:C0:EA:CA:57:4F:66:CB:2A:33:CF:E5:2D:8D:F5:B1:21:CE:D6
Certificate validity: Thu, 02 May 2024 15:04:04 GMT - Wed, 31 Jul 2024 15:04:03 GMT
File type: JavaScript source, ASCII text, with very long lines (10370)
Hash: a670ec3dd6fa757de5d5aab7abddfe59 07efb08354a342ae821e52b60728a31945c95759 a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0
GET /cdncollect?r1=vidunderband.com HTTP/1.1
Host: jquery.restartyourchoices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Tue, 07 May 2024 23:39:08 GMT
set-cookie: _subid=376l60jii83so; expires=Fri, 07 Jun 2024 23:39:08 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxNTEyNTE0OH0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTUxMjUxNDh9LFwidGltZVwiOjE3MTUxMjUxNDh9In0.ie_xni0mO4sBXLZBJIIjflVgYbpsMgcwzsRcob0xR2Y; expires=Tue, 13 Sep 2078 23:18:16 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szuaneLRVRdS3dOPpgbs8kNREc1VCOEBn6i4rxvF0tUzSL5pU22Fq%2FKtHnYzVE%2Bwn3bI5IvSLisWI%2BNo73QzvKdWmG4B5yond7Kvjtenp%2BUlA%2Fm0hwBSqF8UZif%2B9TAM9FnUkGmVCQ1mwU3Ofu9onA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c330f17b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.0 | 104.21.76.160 | 200 OK | 1.4 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.0
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (2841)
Hash: f6d1e4226f36966777af5398c2eb221a 1887c57cea2d88aefe7cb39f1887e6c74ad0bc2e c9db3ebd46c59675e9b958399f88d8714196e88c1def092c85341e26f2470aa5
GET /wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.0 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"b4e-6312e979-3c81202;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpmnmRm%2Bcb5yr9J6u8L2x5mACqKwAXCqNgcjrO8JTqMSJo0LIQnwZV6VoL1oAcFcOKao2pW4K5F9lga%2Fcp3EfCRxV4Iq6u%2B62VAWFnmfuUknwbC4oFL6zUwyZHm7W%2BeLr04E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301ee256b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1 | 104.21.76.160 | 200 OK | 12 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (32000), with CRLF line terminators
Hash: 56b28ad35f1816c6894b14190a0a006d 967ceaa9e6f67e636d818f42b4d5d15c7a4a254e b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd
GET /wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"a714-6312e979-3c81205;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbRgLBSbJRH0vtLlCPdStMRAMEv%2B1dZ7zdt9DyT8wRBVzgK759pqkBKU5ULGtz4hHsZLEWrhIktMdZfbzWB2JqqqGGfq7tWoleJdQqFSZ5PXO93sYecMgdYA%2FEcFBYIGms8Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301edb56b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-mommy-blog/js/custom.js?ver=1.1.0 | 104.21.76.160 | 200 OK | 4.3 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-mommy-blog/js/custom.js?ver=1.1.0
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 00e570591966b1763a342e7dde9f9e78 eaf5f160fcdba34d44c21b1834fda01ab35c5f1c 9b354269149f458d942ff6d413de3a542d54a220cfc9e84eacc1cf75c2b3c43b
GET /wp-content/themes/blossom-mommy-blog/js/custom.js?ver=1.1.0 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"2c4-6312e975-3c8121f;br"
last-modified: Sat, 03 Sep 2022 05:43:17 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWj9VwZVG050zcJpQ8KmnPHKFGWHWl13Y5JN1GIyseFXRI04WlLPaMFWK7VCTyXoArLItqadkc1juIAa%2F2wAObvoStJYFKc3gFWNj6KkGKbW2tmIm21nvQ4gDptOnjrWwkv7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c300ed656b1-OSL
content-encoding: br
|
|
| js.cdntoswitchspirit.com/source/split.js | 104.21.93.126 | 200 OK | 18 kB |
URL: GET HTTP/3 js.cdntoswitchspirit.com/source/split.js
IP: 104.21.93.126:443
Requested by: https://vidunderband.com/
Certificate issuer: Let's Encrypt
Certificate subject: cdntoswitchspirit.com
Certificate fingerprint: DF:DB:EE:70:5A:39:BB:E7:A9:C6:4B:5C:24:04:56:6B:D0:D3:C0:AD
Certificate validity: Mon, 29 Apr 2024 10:49:03 GMT - Sun, 28 Jul 2024 10:49:02 GMT
File type: JavaScript source, ASCII text, with very long lines (36341), with no line terminators
Hash: fe59aea1c787d361c69c43c46a747767 2cc61a29d05db4814718cc60450876419afc5d24 9763b6045876ff0f6ddf7f20e19d631346a2f132e675ff1601896b3625fd9816
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /source/split.js HTTP/1.1
Host: js.cdntoswitchspirit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 15:35:14 GMT
vary: Accept-Encoding
etag: W/"66310fb2-8df5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 17058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3A%2FArEjYV8FqLTkwiCt8qc%2Fh94%2BJgxpNQU00mcRM0tmGvML1l3B0iIt0GWqm%2FLnTSWmaAUWYTTVSMHjdQNW7fO40DNBh5SWtr3ymrQ76oDxllltAxChgc7R7SVOV1EHiOAFpxtWiXDn4gE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c323867569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bind.bestresulttostart.com/scripts/statistics.js?s=11.4.2 | 193.163.7.113 | 200 OK | 12 kB |
URL: GET HTTP/2 bind.bestresulttostart.com/scripts/statistics.js?s=11.4.2
IP: 193.163.7.113:443
Requested by: https://vidunderband.com/
Certificate issuer: Let's Encrypt
Certificate subject: bestresulttostart.com
Certificate fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C
Certificate validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: gzip compressed data, from Unix
Hash: 52795061448500052b5ee4d202c014ce d53e0d7be9482caf111e0911f30818a07d6e9c9a 8b741fd5cf75637b1024ebfdc9bab2d9ef8f6bbf7a532b39f82123a7cf827ca0
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/statistics.js?s=11.4.2 HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:39:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 15:15:36 GMT
vary: Accept-Encoding
etag: W/"66310b18-285b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1 | 104.21.76.160 | 200 OK | 21 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (25929), with CRLF line terminators
Hash: 3c32505e3df0fc7407f2ed5d5b41c3b3 2213983476d6ba3fc206457dc959959cc5af21ad 74110cf04c05b69b63f47ec3b5d7abb4fc7cefcf82a5bc8001c35eb501cc2d04
GET /wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"6629-6312e979-3c81208;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5s%2FeVLbZEq94npNIFFUeFa0%2BXjlKwo2dj9c8ByHe45EELx5Qa43vNWUhdAfWPN%2BpUa1keQ4mJ8funsMDq1d%2B2n9Fo4ZfnxZMJvw%2Bz8dfVYZH0M%2BUn0RpMA5xf67SJMzU0owI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301ed856b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1 | 104.21.76.160 | 200 OK | 9.0 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (732), with CRLF line terminators
Hash: 0075dbfa08cac4bdf9437810692087b0 2fc90ea042b695768b92941d345f8a3ea61959c8 e3722052d34b931f3204a6ba64f98635ff9832ee9ad971ec881bd86b0f83c8ad
GET /wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"f53-6312e979-3c81206;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIp3uUenf5oK3qbMJwlHKh%2F7i%2BsUV2cY1xO6uWCzQZ7HoIVMiAvCO576fZThLfKwHuzy%2B9FD4yrZOHXJVPCQPSEDNbLbxTWj6cCXtpMFLTc%2BXCRKBKW9Fz8dc1H7Z%2Fe7Y%2F96"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301edc56b1-OSL
content-encoding: br
|
|
| fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 | 216.58.207.227 | 200 OK | 28 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP: 216.58.207.227:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 28076, version 1.0
Hash: 876d74bcd0a927aba5be92bf7993f1aa 1ffc2b292eb17625a33feaf5460e84d137846811 dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada
GET /s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidunderband.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:16:45 GMT
expires: Fri, 02 May 2025 19:16:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:14:58 GMT
content-type: font/woff2
age: 447744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| css.cdntoswitchspirit.com/scripts/class.js | 104.21.93.126 | 200 OK | 42 kB |
URL: GET HTTP/3 css.cdntoswitchspirit.com/scripts/class.js
IP: 104.21.93.126:443
Requested by: https://vidunderband.com/
Certificate issuer: Let's Encrypt
Certificate subject: cdntoswitchspirit.com
Certificate fingerprint: DF:DB:EE:70:5A:39:BB:E7:A9:C6:4B:5C:24:04:56:6B:D0:D3:C0:AD
Certificate validity: Mon, 29 Apr 2024 10:49:03 GMT - Sun, 28 Jul 2024 10:49:02 GMT
File type: JavaScript source, ASCII text, with very long lines (35248), with no line terminators
Hash: 9b5faa863a03cc97eca67fb8c63aea5d 8f5c6a97bb740bcf24f291e83a46e9aff626923b 4cb0f698f3957b9c8c6ce08c5f18d19fc90278a14f7fafe92dbe00d717bc2acb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/class.js HTTP/1.1
Host: css.cdntoswitchspirit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 15:35:29 GMT
vary: Accept-Encoding
etag: W/"66310fc1-89b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 17058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTkmNvf78M2fzz9tRHrtFjg1fWfhz2VpLDFNWIPFJdiIKUfkzG7NbTZOpYm0k9sqGZLQBL3ivrp0Y%2Frn%2BHy9HUFN3HfM%2FSRKAGVm9BZyPGJA2TtOMkKiMheI1fy8Tw88xudGNuD3zRhucPKR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c3589f5569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/cabin/v27/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2 | 216.58.207.227 | 200 OK | 30 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/cabin/v27/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2
IP: 216.58.207.227:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 29608, version 1.0
Hash: 46dade4a0ed47b29dae963a3a5b7cb66 3261819d3944b3355426ccc77bf01d69b91a9d1d 984895040bbf61634f2ebc97c1c3f0e739786f7bc3b05e94d60d74a28b554c21
GET /s/cabin/v27/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidunderband.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:42:05 GMT
expires: Fri, 02 May 2025 17:42:05 GMT
cache-control: public, max-age=31536000
age: 453424
last-modified: Wed, 13 Sep 2023 22:15:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3 | 104.21.76.160 | 200 OK | 47 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (546), with CRLF line terminators
Hash: d20fcbe82c44ac0c047590f86e0170b5 1a40b73ed16ebf19e675b800761df06c9812409b bee29a32ea5a0206cd8e7afa157bf0a170e907a44426f50e508bd33ede61fd15
GET /wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"cce-6312e979-3c81207;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYGWPHdTTm0r7WeTNcEgXDPP%2BfmDmqfHhZmH28f5HjJIUnXlczAzB9wBwM%2Byx%2BNntm09jB%2BAdgAjeQprdD4kQ2cucVTd07%2BBABje9420rHSFIsAzzVqcb0IgwxCbA%2Fj9aPuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301ed956b1-OSL
content-encoding: br
|
|
| fonts.gstatic.com/s/playfairdisplay/v37/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/playfairdisplay/v37/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2
IP: 216.58.207.227:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23260, version 1.0
Hash: 59af5a9d77a2b049115c650878796fc1 d6a56bbaaa395ce63d8e18b702674cf8db510b49 e695489d3fddfc9ac24a54ccccd9c44c2e5315578a4d4eaf1d6d16bd6ba935df
GET /s/playfairdisplay/v37/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidunderband.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:17:46 GMT
expires: Fri, 02 May 2025 19:17:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:05 GMT
content-type: font/woff2
age: 447683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/images/btn-prev-month.png | 104.21.76.160 | 200 OK | 154 B |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/images/btn-prev-month.png
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vidunderband.com
Certificate fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90
Certificate validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: PNG image data, 7 x 12, 4-bit colormap, non-interlaced
Hash: 2abbc9b1b8968de29633dc0e603f6420 bf72b3a8b18a9cdbd0e68faebe324942d9091ba8 ae4b95992f100424b14d69b7fcbc7cbc97c2bf68df7c82e6a932017b7f0699b9
GET /wp-content/themes/blossom-feminine/images/btn-prev-month.png HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/wp-content/themes/blossom-feminine/style.css?ver=6.5.2
Cookie: _pk_id.1.0845=e30731685014f456.1715125148.; _pk_ses.1.0845=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:09 GMT
content-type: image/png
content-length: 154
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:09 GMT
etag: "9a-6312e979-3c811be;;;"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJ5GkMBgNraVTO8geIcWsmkV%2F7WKPL4Q5WayiyJEHxwCAzSR4Ld6xS5tC4TikkrZW05LMphj%2BCF%2BGNzYJw3z22ThRdk71Pu54%2FAxZRjhrzdzxkuzXtzr%2FLstostB%2FIbWSlXm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88050c379a1556b1-OSL
|
|
| surveyexperience.info/wp-content/uploads/2024/04/Prairie-Band-Casino.webp | 188.114.96.1 | 200 OK | 113 kB |
URL: GET HTTP/2 surveyexperience.info/wp-content/uploads/2024/04/Prairie-Band-Casino.webp IP: 188.114.96.1:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: surveyexperience.info Fingerprint: 14:86:6F:81:C9:78:F3:83:F1:B7:43:4D:12:50:FD:26:52:7D:B0:E8 Validity: Wed, 27 Mar 2024 07:08:38 GMT - Tue, 25 Jun 2024 07:08:37 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1382x922, Scaling: [none]x[none], YUV color, decoders should clamp Size: 113 kB (112930 bytes) Hash: f1f12b275700cff51430a02f8e851965 2e2b8fd6e75883f2e6bd19c97020af98010b5b1b 91bd7ba05865c0cfe5d5f2fac95fb0bcdb35074a0c4663d67014b1f168cfdb0a
GET /wp-content/uploads/2024/04/Prairie-Band-Casino.webp HTTP/1.1
Host: surveyexperience.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:39:09 GMT
content-type: image/webp
content-length: 112930
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: "1b922-660ea4ee-3c61a66;;;"
last-modified: Thu, 04 Apr 2024 13:02:38 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KM7Q39sSd4WJi2QJhiD%2B31zolPUAZtfpIKb0pCnsmePTczmyjmRmE1I3tXad5nXu6MLrfHLZ8ODW7MN4mWaRa7uK2ZA3iH5G1RyDRbdVIEfB2KeDuxR023g%2FNBMn3atD2TAgW3GmA%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88050c312e08b4ff-OSL
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/uploads/2022/08/pbnqq.png | 104.21.76.160 | 200 OK | 18 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/uploads/2022/08/pbnqq.png IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: PNG image data, 134 x 138, 8-bit/color RGBA, non-interlaced Hash: 7695d372541aee46d67430fd01f0ed61 9616480f0801743ba9f13148d74ff65761661622 38d50bc58e6b0a0aecd3320905a779215f6bf2cde17178482e562495aa3edcab
GET /wp-content/uploads/2022/08/pbnqq.png HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Cookie: _pk_id.1.0845=e30731685014f456.1715125148.; _pk_ses.1.0845=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:10 GMT
content-type: image/png
content-length: 17944
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:10 GMT
etag: "4618-62f7a568-3ca02a1;;;"
last-modified: Sat, 13 Aug 2022 13:21:44 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ul4Z5Hzh5Ec2Z6KHWUoV6vlohzGQj1xhOWakvdfoCaE2mJOEqUHJFo0YcPVA8SlWTb%2BNVfx9u2Mu1ZhvC2EB5qqbZF2b6sqbzSOlDE0pE8vEBf2sh1ug%2BmeNEBJme%2BgKanXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88050c3c5c2e56b1-OSL
|
|
| vidunderband.com/wp-content/uploads/2022/08/pbnqq.png | 104.21.76.160 | 200 OK | 18 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/uploads/2022/08/pbnqq.png IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: PNG image data, 134 x 138, 8-bit/color RGBA, non-interlaced Hash: 7695d372541aee46d67430fd01f0ed61 9616480f0801743ba9f13148d74ff65761661622 38d50bc58e6b0a0aecd3320905a779215f6bf2cde17178482e562495aa3edcab
GET /wp-content/uploads/2022/08/pbnqq.png HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Cookie: _pk_id.1.0845=e30731685014f456.1715125148.; _pk_ses.1.0845=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:10 GMT
content-type: image/png
content-length: 17944
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:10 GMT
etag: "4618-62f7a568-3ca02a1;;;"
last-modified: Sat, 13 Aug 2022 13:21:44 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLmNZMMFonKq1uf9sYjynId%2FAThY%2BoB46DPjW7Sfu9aMvzqkriXehFzO2%2F4XM4qYFHlWzJcY%2Fvqa%2B6WgnqjhU8eMrld2Oy8mv4Bze5WByZSVC42WYRDMT7Vj2dYvFzW29AhN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88050c3c5c2f56b1-OSL
|
|
| aislot.matomo.cloud/matomo.php | 18.157.122.248 | 204 No Content | 0 B |
URL: POST HTTP/2 aislot.matomo.cloud/matomo.php IP: 18.157.122.248:443
Requested by: https://vidunderband.com/ Certificate Issuer: Amazon Subject: *.matomo.cloud Fingerprint: 53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD Validity: Wed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php HTTP/1.1
Host: aislot.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 529
Origin: https://vidunderband.com
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 May 2024 23:39:12 GMT
server: Apache
access-control-allow-origin: https://vidunderband.com
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 104.21.76.160 | 200 OK | 21 kB |
URL: GET HTTP/3 vidunderband.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: ASCII text, with very long lines (59701) Hash: 51a8390b47aa0582cf2d9c96c5addee2 b16a640874025d085c38119a1a02a3460f83f2de 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: W/"1bae5-660cac77-3ca173b;br"
last-modified: Wed, 03 Apr 2024 01:10:15 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kw3aQCR%2Fl8rYqkBxrl11J1Xn8ft1JGb3ytPhsb2F9pkIUTFVbOc9X%2B4nPOBB7RUihj2ZCDjkdSw8yf4C6kYUdYFO5lEklFCUZjzuGPmXp8A4jr%2BFEZb8lVFzyCiAgq8d7iEE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2f9ea456b1-OSL
content-encoding: br
|
|
| fonts.googleapis.com/css?family=Cabin%3Aregular%2C500%2C600%2C700%2Citalic%2C500italic%2C600italic%2C700italic%7CEB+Garamond%3Aregular%2C500%2C600%2C700%2C800%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%7CPlayfair+Display%3A700italic | 142.250.74.74 | 200 OK | 34 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Cabin%3Aregular%2C500%2C600%2C700%2Citalic%2C500italic%2C600italic%2C700italic%7CEB+Garamond%3Aregular%2C500%2C600%2C700%2C800%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%7CPlayfair+Display%3A700italic IP: 142.250.74.74:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 65ddc1c87ecd06c76ce5a3db93c7a26b e343c78956985fb9e4f7d50e50ee6e2ed7ad2c8e 4999a362f78bf7cbb2bbff0c7a9ef49bbd4d72647f924af2d2605911c9cac6f6
GET /css?family=Cabin%3Aregular%2C500%2C600%2C700%2Citalic%2C500italic%2C600italic%2C700italic%7CEB+Garamond%3Aregular%2C500%2C600%2C700%2C800%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%7CPlayfair+Display%3A700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:39:08 GMT
date: Tue, 07 May 2024 23:39:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2 | 104.21.76.160 | 200 OK | 3.4 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (3555), with no line terminators Hash: 3c48e0df9c7a4e1b6183f986ebe7c813 eab0e8c321a3ca522caa6dce56ddabd31f1662eb 21676e1e7fb9767c93e8654eda70d1e24bdd56c2e7911b0b1b2e99babe943143
GET /wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"d3f-6312e979-3c81203;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpe%2BnHlq9Z%2FQLbF1UjgpfaShqTzLatG3i9DVwgtxqsdAFltDvdzDpguY%2FUJ8SEWcyOMsgGcZi7sTW8uUdt7EQovUd%2BKJd%2FCzYzWBl96mHDnXbYex%2FmqHay7Wwrg6WmEGswpw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301ede56b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.0 | 104.21.76.160 | 200 OK | 6.3 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.0 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (6450), with no line terminators Hash: 38f1d92c3f0fef79bb409fed230be5f6 451df22dffab6a9d7c34343dc1ee2ba296eecd60 194691bc87702655adda70704ea1c5cb1c0e3b04fd70d0a493ad9a0d171833fc
GET /wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.0 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"1888-6312e979-3c81204;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6T6EeG52WqmaaTWmFSmsFYfSviXTcJJ5%2BE1FtkJm7ADC7vwUJYvEbhcOEhlC6PgmWWxZm%2BnwQccgtxp5QeJZq8blbpuh4dzPhtng1JdqulrLP7ZS7f0ziY26qfGNaQbFV9f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301ee456b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/style.css?ver=6.5.2 | 104.21.76.160 | 200 OK | 157 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/style.css?ver=6.5.2 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: ASCII text, with very long lines (2686), with CRLF line terminators Size: 157 kB (157082 bytes) Hash: 402ad2f27f1c7d41dd660225cc016785 a5ce05d0858709208abeeb08849d258d601ed731 6f2f253d69afd3cb9b2ef1bc6d3db10f0669637f5d4fc2bdc493447ae61c971d
GET /wp-content/themes/blossom-feminine/style.css?ver=6.5.2 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: W/"2659a-6312e979-3c811ae;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A0NVBqXTXDpICGjjnRFhEo6rw2jYWwZca7rtZF%2FV5vpScOYi01qzW6uPZg2aiVzankupgPEoamLsu9XNkChZfaioLYBIUfQPGCA1yAz8Qrr6tmo2AaVcBdZhCxa7Ey6e8m4J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2faeaa56b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-mommy-blog/style.css?ver=1.1.0 | 104.21.76.160 | 200 OK | 32 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-mommy-blog/style.css?ver=1.1.0 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: ASCII text, with very long lines (1930), with CRLF line terminators Hash: 8a344158b020bbc9f3dfbb452cd7a655 cc3b2aa848efc2f345441aff912a39b105800479 7d48d3d8c4bbcdea6f128c164927cd84b946e7696d2c28bb3b68ad22b3802e22
GET /wp-content/themes/blossom-mommy-blog/style.css?ver=1.1.0 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: W/"7b8c-6312e975-3c8121a;br"
last-modified: Sat, 03 Sep 2022 05:43:17 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNBf77WDWuooKNHjhCBdRYAthJJYdIFZ3fIlFOZcXmdbRH2wftmDvNa6wjvsW2PHVh7KEq13TEmtTxKZt3iEPxDOvH%2BHeN6okhgFcCqkWgcUEo0cK3kGZ2o9sdq3RpjoNElt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2faeab56b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 104.21.76.160 | 200 OK | 14 kB |
URL: GET HTTP/3 vidunderband.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (13479) Hash: 1d7b3d640e7a6fee8dc6813d4ec4d40c a8b6995d89dad57b1e915824e0253233871c2af5 40e5474eda31913114843371bd4c80c821eddf2d2729bf2b45d24f0c5a297126
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"3884-66112d4c-3ca191f;br"
last-modified: Sat, 06 Apr 2024 11:09:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILcXjaYb3TCXGACdAbl48UKbYnyvCZkV%2BNkCE6X5%2FeCf2M9IQUgjoO%2B%2Bau6wFUfsLroNXrTklYHNtJqhzew5otRFm33QrFHmVryz%2FIGW1liBnQADX3kTiR5VvkRZg9K%2F%2BGP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2faeb056b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.6 | 104.21.76.160 | 200 OK | 3.5 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.6 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: ASCII text, with very long lines (3488), with no line terminators Hash: 5e25736dc7a1c0560c9a2bee4d910375 e27e2c1b22b5f5f2923188642a943806e7424cfd 93aade5d8e86b23584659402a45076b8cd63f0cfea39e75306400e6a88f4be8f
GET /wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.6 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: W/"d9d-661f205c-3c80f8a;br"
last-modified: Wed, 17 Apr 2024 01:05:32 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GE8XUpAt1sDc24VTL9g3pDO6dUOVHlXt0f%2FZYmrqfjuGjVqSkqH%2Fb7CXwFgofSkUlFcNjGcTbQe6PbKjymLp%2BN3LN0I4%2F1Mt%2BUQoOE%2BopWNE824v7ERiL2KhlHQ7FSzBAe7k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2f9ea556b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/css/owl.carousel.min.css?ver=2.2.1 | 104.21.76.160 | 200 OK | 2.9 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/css/owl.carousel.min.css?ver=2.2.1 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: ASCII text, with very long lines (2953), with no line terminators Hash: b0886f9f39a2e6221633fd33a802c959 72f3d4336a45856040ae42ae8db2cb234ab31c33 2dd9e304541724b6bd05d86843604f06e24fde41334d32aa524a93c1250a33e3
GET /wp-content/themes/blossom-feminine/css/owl.carousel.min.css?ver=2.2.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: W/"b7d-6312e979-3c811b0;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kN9DZMR0Ks6ds8WqghWAy9QAXUqJr20DJFdfzch7wjYAFKDZntDkHirH%2BZgUGs6oHzr2FiYINxZoLTsbp%2B%2FI8Trfz89T7qWjzu4DvagYhZdDVutt%2FhOHwTSdjryvAqPkF8fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2faead56b1-OSL
content-encoding: br
|
|
| api.startservicefounds.com/service/sort.js | 45.150.67.235 | 200 OK | 10 kB |
URL: GET HTTP/2 api.startservicefounds.com/service/sort.js IP: 45.150.67.235:443 ASN: #44477 Stark Industries Solutions Ltd
Requested by: https://vidunderband.com/ Certificate Issuer: Let's Encrypt Subject: api.startservicefounds.com Fingerprint: A7:D1:75:3B:3E:DD:CD:0C:40:BE:48:98:D6:ED:B8:31:E6:CA:43:02 Validity: Fri, 26 Apr 2024 22:33:59 GMT - Thu, 25 Jul 2024 22:33:58 GMT
File type: JavaScript source, ASCII text, with very long lines (10387), with no line terminators Hash: a4b65fe97c9c98509fb6dcb771694411 1892a394fca0d377fbecd97eee53c7f609862813 d5b3b109f4bc1b1b1c2c326e4ad30780ce6bb1cd4e38c842fb9cc082fda085ec
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service/sort.js HTTP/1.1
Host: api.startservicefounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:39:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 30 Apr 2024 15:10:04 GMT
etag: W/"663109cc-2893"
expires: Fri, 17 May 2024 23:39:09 GMT
cache-control: max-age=864000
access-control-allow-origin: *
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.matomo.cloud/aislot.matomo.cloud/matomo.js | 143.204.55.65 | 200 OK | 138 kB |
URL: GET HTTP/2 cdn.matomo.cloud/aislot.matomo.cloud/matomo.js IP: 143.204.55.65:443
Requested by: https://vidunderband.com/ Certificate Issuer: Amazon Subject: cdn.matomo.cloud Fingerprint: 82:AD:7C:C7:03:79:96:F4:55:20:84:14:6B:42:42:99:FB:DC:33:DD Validity: Fri, 27 Oct 2023 00:00:00 GMT - Sat, 23 Nov 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2854) Size: 138 kB (137986 bytes) Hash: d81e977e72295e61c02d5be5e201594b fb496ca7cc348b237e5e2d047f77dafeaef76d4d 4685fb706729d5893451fdb77605e5ed82b6083fbfb5070fccc75247e981ced8
GET /aislot.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: CloudFront
content-type: application/javascript; charset=utf-8
date: Tue, 07 May 2024 18:00:42 GMT
x-amz-replication-status: FAILED
last-modified: Tue, 30 Apr 2024 08:37:25 GMT
etag: W/"d81e977e72295e61c02d5be5e201594b"
cache-control: max-age=691200
x-amz-version-id: I0K87UT5r67nl2wKW3PmZnEtdkKR609X
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AEb7EtsQAxSjx21mhiCyQUFWAJusXdoZi3da0jd0PlTiDaJ3y4gcMA==
age: 20307
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| | 104.21.76.160 | 200 OK | 273 kB |
URL: User Request GET HTTP/2 IP: 104.21.76.160:443
Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
Size: 273 kB (272594 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:39:07 GMT
content-type: text/html; charset=UTF-8
link: <https://vidunderband.com/wp-json/>; rel="https://api.w.org/", <https://vidunderband.com/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://vidunderband.com/>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QgL2mYgQiXcyJJl%2BBjuOsUVFE6GUyZMfSRj%2FV3hNyKQxNjjVNDrgIDTY3hvY%2Ft2XDDcni93BVY9%2FcnyD553tJxbztxUZDfWSdMA%2Fdsx539Miy9vQ2epddzfmZs98ZgZgheg8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c28c98c56ba-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 104.21.76.160 | 200 OK | 89 kB |
URL: GET HTTP/3 vidunderband.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP: 104.21.76.160:443
Requested by: https://vidunderband.com/ Certificate Issuer: Google Trust Services LLC Subject: vidunderband.com Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90 Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (63584) Hash: 318770c5aea1872422b1b03acd42a769 333aa459b1b73c7b569270cb1c404c8c2aa58b81 7a3a5a101970ef80f5e867ab26fd7fee76d9c7c663a6e9a464b5577428e5c1c9
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"15d48-662fe67a-3ca1927;br"
last-modified: Mon, 29 Apr 2024 18:27:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOLuB3ZgYrwI5%2FBck7dIzKkdKx%2BcDblZH3iTPBbg%2Ft%2BnFzU4PPiGzXZgTeinfnNsTPYRJZTsHE3FkKZyykOfFd3zXOenEU3yqwYdPv2%2Fzn6rPTysppfM1pxBxcMn%2FMovwZOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2faeaf56b1-OSL
content-encoding: br
|
|
| done.restartyourchoices.com/stepone | 104.21.19.43 | 200 OK | 0 B |
URL: GET HTTP/3 done.restartyourchoices.com/stepone IP: 104.21.19.43:443
Requested by: https://vidunderband.com/ Certificate Issuer: Let's Encrypt Subject: restartyourchoices.com Fingerprint: 1E:64:C0:EA:CA:57:4F:66:CB:2A:33:CF:E5:2D:8D:F5:B1:21:CE:D6 Validity: Thu, 02 May 2024 15:04:04 GMT - Wed, 31 Jul 2024 15:04:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stepone HTTP/1.1
Host: done.restartyourchoices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Tue, 07 May 2024 23:39:08 GMT
set-cookie: _subid=376l60jii83t1; expires=Fri, 07 Jun 2024 23:39:08 GMT; path=/
set-cookie: a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUxXCI6MTcxNTEyNTE0OH0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTUxMjUxNDh9LFwidGltZVwiOjE3MTUxMjUxNDh9In0.G9TWE6x41D9cGqYDAU5nWLrW2agZEI7WdFf1u65wGEw; expires=Tue, 13 Sep 2078 11:18:16 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wbZ%2BBgGcKSbJT10dNF8MgIxemN%2FUeE3gUPBgWejBXyuRaxtWnB64reeRFDWMz2dN5fzogjX%2FWyBkCYeLpF9OGbn0BqrT0RGa7SeuIOd%2BXtJvmv2zvmpSrnr%2B8QcUZ3DN%2BdEArnEoGu%2FfMSIUoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c33e9d61c02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| chest.cdntoswitchspirit.com/scripts/connections.js | 104.21.93.126 | 200 OK | 11 kB |
URL: GET HTTP/2 chest.cdntoswitchspirit.com/scripts/connections.js
IP: 104.21.93.126:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Let's Encrypt; Subject: cdntoswitchspirit.com; Fingerprint: DF:DB:EE:70:5A:39:BB:E7:A9:C6:4B:5C:24:04:56:6B:D0:D3:C0:AD; Validity: Mon, 29 Apr 2024 10:49:03 GMT - Sun, 28 Jul 2024 10:49:02 GMT
File type: JavaScript source, ASCII text, with very long lines (10909), with no line terminators
Hash: cd399bdf6d56e01ef3084ca966522569 d60efba2c7be23b8636f3e1a7efac0a3caa0af36 4bb802e0cb9a47003b9ff0fb2ec4631366bef8f20f4318fc1bb5e275b9162406
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/connections.js HTTP/1.1
Host: chest.cdntoswitchspirit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 04 May 2024 18:04:57 GMT
vary: Accept-Encoding
etag: W/"663678c9-2a9d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 17057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVcTFRZwVMl13w0KfPMLvuA3QvHEPWEHpiXOSnxRHW7%2BkzSBs9JHUgg0Srnb9z0YGQpwr4kq42UyCYWnLMoYJCXsciSooCrL81zNUQvp1xWknedKUrCsbTBd9hr2V3n58dUdKEwBXdbn56MJQEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c300d6b56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3 | 104.21.76.160 | 200 OK | 8.4 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Google Trust Services LLC; Subject: vidunderband.com; Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90; Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (8517), with no line terminators
Hash: 53e6dbcaedd8c6c8f92453b8e3719301 e06fb0d8223f3c24093d781573cb9caa7b6c4c23 d1432b1544106ae04b0ab5bb116c25c6fc978a63f7f1c26d8878244e2510b602
GET /wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/javascript
etag: W/"20e0-6312e979-3c81209;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MeU7YuXGbYZzezJ%2Fwe51H0I%2Fi3frkm59qR%2BI4bTx9uLi5yC5Py6BsnT2EArpSykbQiyuVoaNmiKDnrqDFNuUYHDh0ToHuMaNOy9z4Pqbcw%2BFJp3nMew9TTX2iKCXUxVbookA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c301ee156b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 104.21.76.160 | 200 OK | 19 kB |
URL: GET HTTP/3 vidunderband.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Google Trust Services LLC; Subject: vidunderband.com; Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90; Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Cookie: _pk_id.1.0845=e30731685014f456.1715125148.; _pk_ses.1.0845=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:10 GMT
content-type: text/javascript
etag: W/"4926-660cac76-3ca1856;br"
last-modified: Wed, 03 Apr 2024 01:10:14 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7U1m4%2FDlMXlb1sfiItRPom8ufp15th%2BhciGzREj8rXL1XUDi9b5k67jncmrerRVdebg6HVfkfGiehpTubLluuoVtlHXPAl7IlQdXTnoDmSWxyWVic%2FphUS7K250vyoCfFKk6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c3c6c3356b1-OSL
content-encoding: br
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/css/animate.min.css?ver=3.5.2 | 104.21.76.160 | 200 OK | 17 kB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/css/animate.min.css?ver=3.5.2
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Google Trust Services LLC; Subject: vidunderband.com; Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90; Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
File type: ASCII text, with very long lines (16755), with CRLF line terminators
Hash: eab7261f4b1791d54131f5bb80d243e5 1e6d01f7ab2987cb29f8e11f2fbae31f2e4ad8c8 eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
GET /wp-content/themes/blossom-feminine/css/animate.min.css?ver=3.5.2 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:39:08 GMT
etag: W/"4242-6312e979-3c811af;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEZBqzlRdzVEqqzu4AMCL38OJmCYY6RepfdxJR0kcYaXbMTEkJz6y%2Fne7c5Ryod1dcWy%2F8pkDYG8ytKLknz08Kn6%2FhI0eSRsz0J6TYSAgqShBrRcPVNWuhBEeEzYuJOxmbU4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c2f9ea656b1-OSL
content-encoding: br
|
|
| fonts.gstatic.com/s/ebgaramond/v27/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 | 216.58.207.227 | 200 OK | 41 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ebgaramond/v27/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
IP: 216.58.207.227:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 40776, version 1.0
Hash: 76345906f0990d5648628728fab62638 3b50f526dd26d94a8119a3d1201aeb12d8d4563f d148d2914fa11fce730f994df8fd85a86144887930a13d43e4ad1be20ba6360f
GET /s/ebgaramond/v27/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidunderband.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:19 GMT
expires: Fri, 02 May 2025 19:57:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:27:03 GMT
content-type: font/woff2
age: 445310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vidunderband.com/wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1 | 104.21.76.160 | 200 OK | 1.7 MB |
URL: GET HTTP/3 vidunderband.com/wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1
IP: 104.21.76.160:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Google Trust Services LLC; Subject: vidunderband.com; Fingerprint: 6C:F5:10:53:02:CA:5D:FE:79:53:1C:F5:F9:DE:14:70:1B:E7:10:90; Validity: Tue, 26 Mar 2024 16:31:19 GMT - Mon, 24 Jun 2024 16:31:18 GMT
Size: 1.7 MB (1726697 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1 HTTP/1.1
Host: vidunderband.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:39:09 GMT
content-type: text/javascript
etag: W/"1a58e9-6312e979-3c81201;br"
last-modified: Sat, 03 Sep 2022 05:43:21 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4RJeH9A9IZBeJdYLwjCkQtFOQpXfje37jQnmJ1%2FEdpoK%2FJrUsLgVpjhdVqyXj0mOGHYn3zcrBR0x5yd70fo0tgKfQDNwwpy0gZFj74dgtojmuPvfYEGjQzbmJrvcP%2FHXlM6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88050c300ed756b1-OSL
content-encoding: br
|
|
| bind.bestresulttostart.com/scripts/statistics.js | 193.163.7.113 | 200 OK | 10 kB |
URL: GET HTTP/2 bind.bestresulttostart.com/scripts/statistics.js
IP: 193.163.7.113:443
Requested by: https://vidunderband.com/
Certificate: Issuer: Let's Encrypt; Subject: bestresulttostart.com; Fingerprint: F4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C; Validity: Mon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File type: JavaScript source, ASCII text, with very long lines (10331), with no line terminators
Hash: 9d3a2c5feb7b6810bff5bdd9c6987a11 f96b5c4dcbed5e2abd7edb29dcefd1fb9fb28b4b c97d2621e7e098aab41dfae76dc18919579ef8c1e79dbb27d2172396da956829
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Unknown malware |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/statistics.js HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidunderband.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:39:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 15:15:36 GMT
vary: Accept-Encoding
etag: W/"66310b18-285b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|