| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js | 104.17.25.14 | 200 OK | 22 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js IP104.17.25.14:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65241) Hash1276065911521c5c22037a31365d179d d1c6704e94efe2d465fc161b6381e127d35acd81 bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
GET /ajax/libs/jquery/3.6.0/jquery.slim.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
Origin: https://jacksonweidenbachjmo0j.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 22329
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-11ab4"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 321941
expires: Thu, 24 Apr 2025 10:01:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlV4JlCOmiLvpMSiB9eB8SBfKuVm4uuUDWLryUWOgDUwXRrmYSGy8Z38hdx3Z8JfzMzE3HXgwoz9B4RAy9QMSIxuu%2Bhbn7Ic7en99ck7c%2B0Pbnz%2Fqow6pQG8bPs5K9bSvwxVTYq4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e7a5fc8aedb517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js | 104.17.25.14 | 200 OK | 3.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js IP104.17.25.14:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7862) Hash96201abb62283557a9d7b97b4cab14ab a72f33d920d0ab863df4cb60edf44ec140304cdb 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
GET /ajax/libs/lazysizes/5.3.0/lazysizes.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
Origin: https://jacksonweidenbachjmo0j.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ff0b799-1ed1"
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 318669
expires: Thu, 24 Apr 2025 10:01:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ID3gmmP%2B4F8dzWzrMRJi%2B4bwt%2B4geDwtAc5sKaYIZTaI%2Ful8%2FfrUwDwYarjDn2ir0TNu0AEdnR2ThyyzgRpfLpt4kYEc6qfKXbGfg6Y5pBA9wGxL%2Bo9sny1lbe8tizu6tzD1Ex7f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e7a5fc9b0ab517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif | 142.250.74.161 | 200 OK | 362 B |
URL GET HTTP/23.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif IP142.250.74.161:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File typeGIF image data, version 89a, 52 x 15 Hashfd2c05a8c327ace309722b0a5fc4faf3 f446e97c43f8830be9f60644563dd846abe6b8e8 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
GET /-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="btn_close.gif"
x-content-type-options: nosniff
server: fife
content-length: 362
x-xss-protection: 0
date: Sat, 04 May 2024 09:38:01 GMT
expires: Sun, 05 May 2024 09:38:01 GMT
cache-control: public, max-age=86400, no-transform
age: 1394
etag: "v1764"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31273), with no line terminators Hash6dbdb2121d7e45457b740cc1e939d40b 35ed844b371f46c1d96211192e1f73e0aa128ebc 279ad6515f04e61fd0db1b1da6df035eca2f5839939ee0e9622f6a4c7e9484cf
GET /3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:01:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c1cfa43fd8c6e0b7d0f98a8c0dc86636
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash353dbae1e1b45a750770ae51bef13ba7 465917a2a0bbb947e9727e7f08b584a82aa6fb81 9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 10:01:16 GMT
Last-Modified: Sat, 04 May 2024 09:40:38 GMT
Server: ECAcc (ska/F6D2)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0cDIKPgbN9Ur7ITkXoKGt6wq1Ybk2zDRCXnTjRCyDemyTBuebBaXzg==
Age: 1238
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash841bddef6ec5e658143ca22fede9dc0e dc487b29373de60f50a64a2c0d8cdd8ea2efe606 e11f221d6c945ac7868e76b8c06f46bdf61bce94b052b8e0230d3fecef15c704
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
Origin: https://jacksonweidenbachjmo0j.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://jacksonweidenbachjmo0j.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3460e8d9-d686-4348-97e9-bc54135ea342:1:1; expires=Tue, 02 May 2034 10:01:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31279), with no line terminators Hash49e6459948758b73c9431678716ea1eb b036c6a6ea7a6b52a8e5eb830b30d2f2d11f7667 eb596593861c50b17b6c99bba184b68387a1bcf123342bdf9ad5f927596976bd
GET /3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:01:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6df57f7833a7e35c1f5d01467dc3392
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| baskdisk.com/watch.218489327570.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 | 192.243.59.13 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1baskdisk.com/watch.218489327570.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectbaskdisk.com Fingerprint38:F5:31:F3:64:B5:5C:ED:CA:6C:5E:FB:F7:04:F9:CE:A5:3C:74:BC ValidityMon, 29 Apr 2024 12:48:34 GMT - Sun, 28 Jul 2024 12:48:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.218489327570.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 HTTP/1.1
Host: baskdisk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
Origin: https://jacksonweidenbachjmo0j.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:01:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Origin: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Credentials: true
Location: https://baskdisk.com/watch.218489327570.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816936&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=d800ac71df840022dccf29e7c68951733a0456f34888025ccf60c9c6beba852dca09c1219304703be52b5563c224cd58bc01bc91be4854851865e8139baa69a51433b0419bca0da0ee52654bce3fc077c0edb0412acb5651e3d6c38d230d38&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1
Set-Cookie: u_pl=17761257; expires=Sun, 05 May 2024 10:01:16 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2phY2tzb253ZWlkZW5iYWNoam1vMGoucGFnZXMuZGV2LyIsImFyIjpbXX19.D6wKmvsE2PXdpWyDZuZTIrXc4gmW6NSjJKpodC34B-E; expires=Sat, 04 May 2024 10:02:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5159b242543b976d919d8de10bd65659
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.topcreativeformat.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31318), with no line terminators Hash82e1187c335456710ffe8885f2f2f75b 8653121d1010e5f4a42d1d4308f88d74fd8b537c 9167801c02222437070df916e94aa937916cffb4af3c319272ba72ef682de84a
GET /1f00c6b60ce46955dbdc5d473dcaea71/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:01:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b04db905c0ceebeeed08db5f2475cc9e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| baskdisk.com/watch.218489327570.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816936&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=d800ac71df840022dccf29e7c68951733a0456f34888025ccf60c9c6beba852dca09c1219304703be52b5563c224cd58bc01bc91be4854851865e8139baa69a51433b0419bca0da0ee52654bce3fc077c0edb0412acb5651e3d6c38d230d38&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 | 192.243.59.13 | 200 OK | 2.0 kB |
URL GET HTTP/1.1baskdisk.com/watch.218489327570.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816936&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=d800ac71df840022dccf29e7c68951733a0456f34888025ccf60c9c6beba852dca09c1219304703be52b5563c224cd58bc01bc91be4854851865e8139baa69a51433b0419bca0da0ee52654bce3fc077c0edb0412acb5651e3d6c38d230d38&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectbaskdisk.com Fingerprint38:F5:31:F3:64:B5:5C:ED:CA:6C:5E:FB:F7:04:F9:CE:A5:3C:74:BC ValidityMon, 29 Apr 2024 12:48:34 GMT - Sun, 28 Jul 2024 12:48:33 GMT
File typeJavaScript source, ASCII text, with very long lines (2430) Hash07e51a029f7497a0a791a92ac32ba7d8 641e927c1c57d5afeed091623f78467c6464757d 74643a7763113ade8ffbdc440ca73e06322f6c644606461e5ea775053cdafabe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.218489327570.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816936&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=d800ac71df840022dccf29e7c68951733a0456f34888025ccf60c9c6beba852dca09c1219304703be52b5563c224cd58bc01bc91be4854851865e8139baa69a51433b0419bca0da0ee52654bce3fc077c0edb0412acb5651e3d6c38d230d38&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 HTTP/1.1
Host: baskdisk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jacksonweidenbachjmo0j.pages.dev
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17761257; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2phY2tzb253ZWlkZW5iYWNoam1vMGoucGFnZXMuZGV2LyIsImFyIjpbXX19.D6wKmvsE2PXdpWyDZuZTIrXc4gmW6NSjJKpodC34B-E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:01:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Origin: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3460e8d9-d686-4348-97e9-bc54135ea342:1:1; expires=Sat, 11 May 2024 10:01:16 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 10:01:16 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 10:01:16 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 10:01:16 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 10:01:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 859ac8673e46aa6014ac5b9c2323c8b6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| tse1.mm.bing.net/th?q= | 13.107.21.200 | 404 Not Found | 727 B |
IP13.107.21.200:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58 ValidityWed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 80x80, components 3 Hash5116706c119475f5ae2fc135c3358037 7e5bdf3585153e317ebef05a9b8241d311e44cb3 7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
GET /th?q= HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 727
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2C350E6FA8143389AE3CE3A6095B2ED Ref B: OSL30EDGE0106 Ref C: 2024-05-04T10:01:16Z
date: Sat, 04 May 2024 10:01:16 GMT
X-Firefox-Spdy: h2
|
|
| fleckfound.com/watch.1575824402322.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 | 192.243.59.13 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1fleckfound.com/watch.1575824402322.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectfleckfound.com Fingerprint06:C3:C5:8B:02:60:4C:0D:E3:E4:62:97:7A:84:1B:D5:9B:3F:49:F9 ValidityMon, 29 Apr 2024 12:52:40 GMT - Sun, 28 Jul 2024 12:52:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1575824402322.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 HTTP/1.1
Host: fleckfound.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
Origin: https://jacksonweidenbachjmo0j.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:01:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Origin: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Credentials: true
Location: https://fleckfound.com/watch.1575824402322.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=35424650855ccb4b7436e6a09c7e1897343fdc374d02561401c68e316072ea31dc258587b8cd4451d108299dca6e9506c9e0c19de51066c8b7c2c7d400e12673b66d28ff97ade50786ab0d902d2d1dd07b17e2cdcc59002447b053c07c7c79&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1
Set-Cookie: u_pl=17761257; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2phY2tzb253ZWlkZW5iYWNoam1vMGoucGFnZXMuZGV2LyIsImFyIjpbXX19.D6wKmvsE2PXdpWyDZuZTIrXc4gmW6NSjJKpodC34B-E; expires=Sat, 04 May 2024 10:02:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a59d457389cea208e4b653be074c2b49
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| compositeclauseviscount.com/watch.1557647219855.js?key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1compositeclauseviscount.com/watch.1557647219855.js?key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectcompositeclauseviscount.com Fingerprint43:62:25:F8:16:A9:06:21:0F:31:1E:1E:A7:99:DC:0E:98:0D:E9:B0 ValidityTue, 30 Apr 2024 15:26:58 GMT - Mon, 29 Jul 2024 15:26:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1557647219855.js?key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 HTTP/1.1
Host: compositeclauseviscount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
Origin: https://jacksonweidenbachjmo0j.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:01:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Origin: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Credentials: true
Location: https://compositeclauseviscount.com/watch.1557647219855.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=eb0a04516464f1919a14360a1e2ecfeabf136844ee3be9441029a81a5aa558af420714585539929a80e84bd96ed97e0eaa8cbf6fb95f8f621f6860607af6f7b618d7550cf5505432576932043de33129f7b10c8cf894efa6ce93923ab0a1&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1
Set-Cookie: u_pl=17761293; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI5MywiayI6IjFmMDBjNmI2MGNlNDY5NTVkYmRjNWQ0NzNkY2FlYTcxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODYyLCJwaWQiOjM5OTU3NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImJ0cWthNWJmeiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2phY2tzb253ZWlkZW5iYWNoam1vMGoucGFnZXMuZGV2LyIsImFyIjpbXX19.Lo52LQaJxPGdzmiGrrrLS8iKOWlbLo2mA6i1Njj6fuw; expires=Sat, 04 May 2024 10:02:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3edd643dd1e74dcf5197428d6787cd24
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png | 45.133.44.9 | 200 OK | 73 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Hash967ccbf525790b3d6e9ca46b436acef7 0351b0b4fab8bc70e1bce3872bc538fc976a7b44 1698a3cc4a295999590b0dd32fb7d21426a94d2578d3d9ebffa4b1b788aca43a
GET /cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:17 GMT
content-type: image/png
content-length: 73016
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:31:43 GMT
etag: "65cf1d6f-11d38"
expires: Mon, 06 May 2024 10:01:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fleckfound.com/watch.1575824402322.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=35424650855ccb4b7436e6a09c7e1897343fdc374d02561401c68e316072ea31dc258587b8cd4451d108299dca6e9506c9e0c19de51066c8b7c2c7d400e12673b66d28ff97ade50786ab0d902d2d1dd07b17e2cdcc59002447b053c07c7c79&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 | 192.243.59.13 | 200 OK | 2.0 kB |
URL GET HTTP/1.1fleckfound.com/watch.1575824402322.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=35424650855ccb4b7436e6a09c7e1897343fdc374d02561401c68e316072ea31dc258587b8cd4451d108299dca6e9506c9e0c19de51066c8b7c2c7d400e12673b66d28ff97ade50786ab0d902d2d1dd07b17e2cdcc59002447b053c07c7c79&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectfleckfound.com Fingerprint06:C3:C5:8B:02:60:4C:0D:E3:E4:62:97:7A:84:1B:D5:9B:3F:49:F9 ValidityMon, 29 Apr 2024 12:52:40 GMT - Sun, 28 Jul 2024 12:52:39 GMT
File typeJavaScript source, ASCII text, with very long lines (2429) Hash74104f97889be0828dfcc8d4235a0242 1b564281749fa671de726affcbc8ca64b3fa23e2 c78cbc5057998a2cf82e630560cc62e2c170fe778c50d1f4ab5fa4dc913075dc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1575824402322.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=35424650855ccb4b7436e6a09c7e1897343fdc374d02561401c68e316072ea31dc258587b8cd4451d108299dca6e9506c9e0c19de51066c8b7c2c7d400e12673b66d28ff97ade50786ab0d902d2d1dd07b17e2cdcc59002447b053c07c7c79&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 HTTP/1.1
Host: fleckfound.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jacksonweidenbachjmo0j.pages.dev
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17761257; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2phY2tzb253ZWlkZW5iYWNoam1vMGoucGFnZXMuZGV2LyIsImFyIjpbXX19.D6wKmvsE2PXdpWyDZuZTIrXc4gmW6NSjJKpodC34B-E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:01:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Origin: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3460e8d9-d686-4348-97e9-bc54135ea342:1:1; expires=Sat, 11 May 2024 10:01:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49d8d6f0f9fdecdd1973f84b413906a1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| compositeclauseviscount.com/watch.1557647219855.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=eb0a04516464f1919a14360a1e2ecfeabf136844ee3be9441029a81a5aa558af420714585539929a80e84bd96ed97e0eaa8cbf6fb95f8f621f6860607af6f7b618d7550cf5505432576932043de33129f7b10c8cf894efa6ce93923ab0a1&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 | 192.243.59.20 | 200 OK | 2.0 kB |
URL GET HTTP/1.1compositeclauseviscount.com/watch.1557647219855.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=eb0a04516464f1919a14360a1e2ecfeabf136844ee3be9441029a81a5aa558af420714585539929a80e84bd96ed97e0eaa8cbf6fb95f8f621f6860607af6f7b618d7550cf5505432576932043de33129f7b10c8cf894efa6ce93923ab0a1&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectcompositeclauseviscount.com Fingerprint43:62:25:F8:16:A9:06:21:0F:31:1E:1E:A7:99:DC:0E:98:0D:E9:B0 ValidityTue, 30 Apr 2024 15:26:58 GMT - Mon, 29 Jul 2024 15:26:57 GMT
File typeJavaScript source, ASCII text, with very long lines (2469) Hash07abe1e242ff143becec44b3a865cb27 e6b077642af4304b2b2abc25eb925b9d607d6fc9 0eab1280cb823b601b2ad34cf4763e17e270356c703bad27a062e32db5e2113f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1557647219855.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714816937&refer=https%3A%2F%2Fjacksonweidenbachjmo0j.pages.dev%2F&res=14.2071&rmtc=t&shu=eb0a04516464f1919a14360a1e2ecfeabf136844ee3be9441029a81a5aa558af420714585539929a80e84bd96ed97e0eaa8cbf6fb95f8f621f6860607af6f7b618d7550cf5505432576932043de33129f7b10c8cf894efa6ce93923ab0a1&tz=0&uuid=3460e8d9-d686-4348-97e9-bc54135ea342%3A1%3A1 HTTP/1.1
Host: compositeclauseviscount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jacksonweidenbachjmo0j.pages.dev
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17761293; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI5MywiayI6IjFmMDBjNmI2MGNlNDY5NTVkYmRjNWQ0NzNkY2FlYTcxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODYyLCJwaWQiOjM5OTU3NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImJ0cWthNWJmeiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2phY2tzb253ZWlkZW5iYWNoam1vMGoucGFnZXMuZGV2LyIsImFyIjpbXX19.Lo52LQaJxPGdzmiGrrrLS8iKOWlbLo2mA6i1Njj6fuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:01:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Origin: https://jacksonweidenbachjmo0j.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3460e8d9-d686-4348-97e9-bc54135ea342:1:1; expires=Sat, 11 May 2024 10:01:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 10:01:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad7cfe92a68a800122b73680228c6385
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/41/00/e1/4100e1ec48d8ae82b50d31d374fc4537/1707813732.png | 45.133.44.9 | 200 OK | 104 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/41/00/e1/4100e1ec48d8ae82b50d31d374fc4537/1707813732.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Size104 kB (103467 bytes) Hashe661e37b3ce102135ded3de19e25ca47 cf4180faec136ff3e1a04b059676bde9c9654bee b6f3a2708c6c43dfca6ee30be64a520089afce3736ec5cdad8a26336a9c4eff3
GET /cti/41/00/e1/4100e1ec48d8ae82b50d31d374fc4537/1707813732.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:17 GMT
content-type: image/png
content-length: 103467
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:42:21 GMT
etag: "65cb2b6d-1942b"
expires: Mon, 06 May 2024 10:01:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q= | 142.250.74.142 | 200 OK | 14 kB |
URL GET HTTP/2suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q= IP142.250.74.142:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeASCII text, with no line terminators Hashfdbaede1a8136a6bd589d54e2f69fff8 883905e057c9b758a95c9ece940d089e3af85e0a 5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
GET /complete/search?jsonp=autoRelated&hl=en&client=firefox&q= HTTP/1.1
Host: suggestqueries.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:17 GMT
pragma: no-cache
expires: -1
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-8EcG1aJx_l5MsBwXCVmI-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| shayscholz.blogspot.com/favicon.ico | 142.250.74.161 | | 412 B |
URL GET shayscholz.blogspot.com/favicon.ico IP142.250.74.161:0
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File typeMS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel Hash59a0c7b6e4848ccdabcea0636efda02b 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: shayscholz.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon
expires: Sat, 04 May 2024 10:01:17 GMT
date: Sat, 04 May 2024 10:01:17 GMT
cache-control: private, max-age=86400
last-modified: Fri, 08 Mar 2024 19:12:27 GMT
etag: W/"53e1bb00e6929e879a040ee00d8ddd9c6a9b1f6c6c79cd1077a9390901619218"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jacksonweidenbachjmo0j.pages.dev/ | 172.66.47.167 | 200 OK | 17 kB |
URL User Request GET HTTP/2jacksonweidenbachjmo0j.pages.dev/ IP172.66.47.167:443
CertificateIssuerGoogle Trust Services LLC Subjectjacksonweidenbachjmo0j.pages.dev Fingerprint84:72:8E:36:BA:6A:0F:61:BC:3F:63:4A:20:01:A1:A8:FC:05:AD:86 ValidityFri, 03 May 2024 23:04:40 GMT - Thu, 01 Aug 2024 23:04:39 GMT
File typeHTML document, ASCII text, with very long lines (7816) Hashe64597aedbb591b66e924eea8d0e15cc 750d28d027fe151b8bf930e955a96b15600a6e48 5ae74be6016b2e209459558aaa1380d1543764b4aa3433b79a9a4fd5e84804d4
GET / HTTP/1.1
Host: jacksonweidenbachjmo0j.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:14 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f3e3f5b3678d53d83f0a063302e382c7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsNEwSvBEBQC7LQxgNxrGEj63aGuXk6fYzLdk5MlUCalMhXI9HQagL0aP2blQCeoUSKLHRJ6ovTrSaBC8AIdG6suURGkCoQ2ZgU028%2FvNUkvY94DzC7w8Nsw0xiZxtZhDO8%2B1Ub5KqJBekMH6QfGYDBzBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7a5f94cb8b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d | 172.67.214.128 | 200 OK | 293 B |
URL GET HTTP/3ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d IP172.67.214.128:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectbisniskini.biz.id FingerprintCB:C5:50:71:58:97:D7:6D:B9:8F:63:0E:B9:30:B7:87:1D:05:E2:5A ValiditySun, 14 Apr 2024 15:48:05 GMT - Sat, 13 Jul 2024 15:48:04 GMT
File typeASCII text, with very long lines (324), with no line terminators Hasha5223bd949f2c0cdc96de4974db4ec79 7977787c575e7b5678788568271f9bf82002e585 a9b2970fb5aed07e36c33570baad602b483d88387e237c5719e32edf30d28377
GET /get/site/js/d6f51a1ed1d2f145512197f7cd7be46d HTTP/1.1
Host: ads.bisniskini.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:01:16 GMT
content-type: application/javascript
set-cookie: PHPSESSID=tp7r5h13mehvs463hhkpp9ctvp; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOv5HanvulAkTYk0NbB8UXTvLHSj2Ul2rXyc%2FStps%2BvdnH%2FmnK3O5CmLOfv7lSCKMy72VYpn8xBmxVxqhQxWHhVVGyt5NpxL2yV08AaKaDW57vmlPV3d39ykTavKUb%2FdRgYPwPUd4Xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7a6037af8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cloudimagesb.com/cti/9c/d2/69/9cd26933ebe985d5a8178516a98dc720/1708072332.png | 45.133.44.9 | 200 OK | 13 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/9c/d2/69/9cd26933ebe985d5a8178516a98dc720/1708072332.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Hashb5f47268030128e0d7f1606c06593e3f 1663d41fb8f733bdfcd7bc383c17ae15f775b375 3e35ff777c97b07f2ad899fc53f2ba10e0c50688c0394558b715ca24522b4098
GET /cti/9c/d2/69/9cd26933ebe985d5a8178516a98dc720/1708072332.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:17 GMT
content-type: image/png
content-length: 13443
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:32:20 GMT
etag: "65cf1d94-3483"
expires: Mon, 06 May 2024 10:01:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d | 172.67.214.128 | 200 OK | 293 B |
URL GET HTTP/2ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d IP172.67.214.128:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectbisniskini.biz.id FingerprintCB:C5:50:71:58:97:D7:6D:B9:8F:63:0E:B9:30:B7:87:1D:05:E2:5A ValiditySun, 14 Apr 2024 15:48:05 GMT - Sat, 13 Jul 2024 15:48:04 GMT
File typeASCII text, with very long lines (324), with no line terminators Hasha5223bd949f2c0cdc96de4974db4ec79 7977787c575e7b5678788568271f9bf82002e585 a9b2970fb5aed07e36c33570baad602b483d88387e237c5719e32edf30d28377
GET /get/site/js/d6f51a1ed1d2f145512197f7cd7be46d HTTP/1.1
Host: ads.bisniskini.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:15 GMT
content-type: application/javascript
set-cookie: PHPSESSID=hkq8bnhmk7dce97ttlaguvfp1e; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oee7xWWVCf3%2FfYnDd%2FMRrqo5%2B2%2F8ZoCKSJE5iz5gJNWji1Jb9BZ28S3qMfpqKo1kc%2BjT3TU9Vig%2BMsDZ4UBKOV5JPJf5cH4pxmnpmJPm38xQsj4CbQw4IR3YdLboAis8JbX2fu5MCwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7a5fcd8dd56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f | 172.67.214.128 | 200 OK | 292 B |
URL GET HTTP/2ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f IP172.67.214.128:443
Requested byhttps://jacksonweidenbachjmo0j.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectbisniskini.biz.id FingerprintCB:C5:50:71:58:97:D7:6D:B9:8F:63:0E:B9:30:B7:87:1D:05:E2:5A ValiditySun, 14 Apr 2024 15:48:05 GMT - Sat, 13 Jul 2024 15:48:04 GMT
File typeASCII text, with very long lines (322), with no line terminators Hashb46491487b041497fbac58f26d655e90 4b78053eb393eeb64df4da5cf4426e45e3a80bc7 65b4b67308bfe8f49ac80fab447934a007a1120bcf1b9004533310a7d484668b
GET /get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f HTTP/1.1
Host: ads.bisniskini.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jacksonweidenbachjmo0j.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:01:15 GMT
content-type: application/javascript
set-cookie: PHPSESSID=8cl15ld6g2b6q3s6tot8tjohgc; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3%2BAEFjtgVYrtI2PQqAojmRLjQN4vYtrm2FBuaUuOAEjWulwCn1c6uQ9Pk3avkOcJcLuqw8yILbt5ux%2FrOnuqFMJ2rmhuYz0fgY85r1PVXwlNyAbFG2%2FkCt7%2BStDiP0XkYW53lierhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7a5fcd8ca56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|