| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/loader/style-6.gif | 172.66.44.118 | 200 OK | 90 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/loader/style-6.gif; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: GIF image data, version 89a, 328 x 330; Hash: ae96659d15108b8cef70b16b6e3284c0 9d75e66a80901f18a33281f016b1f2e988f417ef afbc2aaf1a512aabb64b23add647fcbbeb1864d3626f23ecddfb41d277417ccc
GET /wp-content/themes/blogic/assets/loader/style-6.gif HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: image/gif
content-length: 90247
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "893d33d35c4795fc8a75dd4daecb4488"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEiuIXPpulPdIDUjCZCic4gDmTY8m0%2Firq6WVUYkx%2Bu5y0UeeHVFQ3sQ2QipgQSTOjR49ELUJp2%2FEYLGO49bMdGqdCJInLuYKChrdsVyld27xLI7hT1ibM9Ac1sNuq6BYGjd4FvY2iHVYOCu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c7d03b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/js/custom.js?ver=1.0.1 | 172.66.44.118 | 200 OK | 1.6 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/js/custom.js?ver=1.0.1; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: d1bb72e8965722fd9ec88a5f2b07fa2b 6f27c1b3772f5d15d6268fd68abde7c3ab9cbc2b 7c94d6fe4c76596c96d1d5bc33f537389ac13e9e0098e8f27ced7c9cb2737af5
GET /wp-content/themes/blogic/assets/js/custom.js?ver=1.0.1 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c801e895d9cb8cd22e1dc2820de9237c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSAk4%2BDj7IyesyQSjtwHioIzytcEv2qMkKkjSkhf55ch25L2nSHPvH8dxvdh68l%2BH%2B1VpbKukPHWZHu1zsk%2FQfjnerUlg4xlAk3gNjYd%2BJGO33N4b3G6I40atFhtcxETUk%2BlU7rqn%2BuYbBto"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c9d27b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| actressdoleful.com/c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js | 192.243.61.225 | 200 OK | 31 kB |
URL: GET HTTP/1.1 actressdoleful.com/c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js; IP: 192.243.61.225:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Let's Encrypt; Subject: actressdoleful.com; Fingerprint: 2D:0E:60:B8:63:9F:B1:22:4F:1C:82:92:36:74:6A:09:CA:D4:58:8C; Validity: Sat, 23 Mar 2024 06:03:40 GMT - Fri, 21 Jun 2024 06:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: e59c8f485e338b1690a51c39356442c6 346c8861e80da46e9fcd3905e8f35ac204de7e81 becb02d2c87f4784a20c4e46d76c47c4d921e1499c101ae870f0f3134e40b4da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js HTTP/1.1
Host: actressdoleful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 118fa096afbbb0d71080551d9f78aae4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/; IP: 54.230.218.11:0
Hash: c1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 13:40:34 GMT
Last-Modified: Fri, 10 May 2024 12:41:07 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UmEGA3oa0dKuM9cnbRlJ8bnon5-OqCheeStwZ53Cjawld20ykPyClQ==
Age: 3567
|
|
| klarrisawbriney.pages.dev/wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2 | 172.66.44.118 | 200 OK | 33 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32796, version 1.0; Hash: b2a264e3e87b58b54b76483238805a40 169d6f17c82024fe0cfc2d19884a14dae2ec0bdb f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://klarrisawbriney.pages.dev/wp-content/fonts/cdb5aea3271d50d796723b2acf22deac.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: font/woff2
content-length: 32796
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a78da580266133af49da6aab32d3d90e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dR6yonPwNkwYopzZmflELacRiKQA2x%2F3zsbdI4ZFyLYAajcAOok68VrvV%2Fx%2Botky9vI9DhTr1%2FC4ar2cw6vasNrUkHC0LB4yksoenCqQM6ln08txwhFX9iRZj38cvO3UJ%2BQSIy8GKtowoRdY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57836f0eb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2 | 172.66.44.118 | 200 OK | 33 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32796, version 1.0; Hash: b2a264e3e87b58b54b76483238805a40 169d6f17c82024fe0cfc2d19884a14dae2ec0bdb f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://klarrisawbriney.pages.dev/wp-content/fonts/cdb5aea3271d50d796723b2acf22deac.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: font/woff2
content-length: 32796
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a78da580266133af49da6aab32d3d90e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcmCumuM3oQDtWTp7KndNj0M8woh%2FDHFsfU5DiNyC2B5xIoFgukw3mHtuEhLBkX4Y3YyfeUTv9fWiVPnQDGHyajeAsuxsJ4xXhh1WYhC%2BJRenolDfr9iMwhwJ0s8IohkbdzcJ4i4Wyi%2FbGlq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57836f18b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 3.124.83.201:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 0f3127753ce1d4233372ea2cb21b23d0 8eb837792de5dec8d656f2ff9e65208276ca3d09 d161728d817b17d6647d3888682b83e7dc669fc13dd5dcabaea89db61013f945
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://klarrisawbriney.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; expires=Mon, 08 May 2034 13:40:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/webfonts/fa-solid-900.woff2 | 172.66.44.118 | 200 OK | 78 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/webfonts/fa-solid-900.woff2; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196; Hash: d824df7eb2e268626a2dd9a6a741ac4e 0ccb2c814a7e4ca12c4778821633809cb0361eaa 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /wp-content/themes/blogic/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/fontawesome.css?ver=1.8.0
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: font/woff2
content-length: 78268
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "079a3d5bc90bae0b701fb4f0471943d6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6RXjkaA2ztN6yn81HntSmBDii0oEjBb6QTawTnSlv6VTfAvLDdmK2zlBancrCLrlY7vJL%2FzPGsjrPv7gSx7n%2BZZRSSUuk%2BfHODbN0s6gTvLBRubL9lkwMkfyvnzm9QxrJ%2BDkl0%2FU%2B2j%2B9%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57837f2db4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 172.66.44.118 | 200 OK | 16 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://klarrisawbriney.pages.dev/wp-content/fonts/cdb5aea3271d50d796723b2acf22deac.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: font/woff2
content-length: 15860
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "327f51cb3be108945dba1bcce6ce309d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFKkd3orPF6Gj2OQeE6ApWDhgnIbGPIUz188vxv2oRDNCmyAqe7FjBeTyiZ4eAYmgPtf3AA5gRs5myKZ7giUjH6crFr2koDHOWxOYAGlTdkEVOUmwMADkJU8Zx5a3iJEZqss8tpVZiCs4RAj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57838f36b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| actressdoleful.com/47e256568502d808b0f4997433da285b/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL: GET HTTP/1.1 actressdoleful.com/47e256568502d808b0f4997433da285b/invoke.js; IP: 192.243.61.225:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Let's Encrypt; Subject: actressdoleful.com; Fingerprint: 2D:0E:60:B8:63:9F:B1:22:4F:1C:82:92:36:74:6A:09:CA:D4:58:8C; Validity: Sat, 23 Mar 2024 06:03:40 GMT - Fri, 21 Jun 2024 06:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (31357), with no line terminators; Hash: 29b2012b72e1dcb969a87052fe7367de ffb4b438d64e8f67aa9f35fc08b9516fdb5c442b fd42733a8e631fa7e1ce4f9899c4e6a083280d7103f730d9a8cdf58d6322ad7f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /47e256568502d808b0f4997433da285b/invoke.js HTTP/1.1
Host: actressdoleful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abfe4647d171847bc0f4161381059fdc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 3.124.83.201:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 0f3127753ce1d4233372ea2cb21b23d0 8eb837792de5dec8d656f2ff9e65208276ca3d09 d161728d817b17d6647d3888682b83e7dc669fc13dd5dcabaea89db61013f945
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Cookie: uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://klarrisawbriney.pages.dev
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| abodedistributionpan.com/pixel/purst?dl=0&th=0&sc=0&rs=1480&rd=1480&fd=996&bv=24.5.6485&tmpl=70 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 abodedistributionpan.com/pixel/purst?dl=0&th=0&sc=0&rs=1480&rd=1480&fd=996&bv=24.5.6485&tmpl=70; IP: 172.240.127.234:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Let's Encrypt; Subject: abodedistributionpan.com; Fingerprint: 0A:F0:49:46:E9:89:77:CB:6E:7E:0C:A3:C6:E1:22:CA:19:69:A4:DC; Validity: Mon, 06 May 2024 08:18:50 GMT - Sun, 04 Aug 2024 08:18:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1480&rd=1480&fd=996&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: abodedistributionpan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| criticizewiggle.com/watch.155213812675.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1 | 192.243.61.225 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 criticizewiggle.com/watch.155213812675.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1; IP: 192.243.61.225:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Let's Encrypt; Subject: criticizewiggle.com; Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1; Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.155213812675.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://klarrisawbriney.pages.dev
Access-Control-Allow-Origin: https://klarrisawbriney.pages.dev
Access-Control-Allow-Credentials: true
Location: https://criticizewiggle.com/watch.155213812675.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&pst=1715348495&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&res=14.2071&rmtc=t&shu=373d5ce64bc0450689919c0c1d10f36fb322c5fcf2b9060cf2362736929cfbe1fe69bd09af6894cedbd84e525f8b06aa8c5faa415d1a5015b443011d3dfdf42c117b487c8713a3d5f52cb86ad097d37075d8ad93d93dc5a7557ddbf907d5d9&tz=0&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1
Set-Cookie: u_pl=16337114; expires=Sat, 11 May 2024 13:40:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.2BHH4QhMUPPl1ZuEDXdfrO1w-8e67M6uGckj-5QOl2E; expires=Fri, 10 May 2024 13:41:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87b06e782c3f2da845df70a4fb4a2155
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| criticizewiggle.com/watch.155213812675.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&pst=1715348495&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&res=14.2071&rmtc=t&shu=373d5ce64bc0450689919c0c1d10f36fb322c5fcf2b9060cf2362736929cfbe1fe69bd09af6894cedbd84e525f8b06aa8c5faa415d1a5015b443011d3dfdf42c117b487c8713a3d5f52cb86ad097d37075d8ad93d93dc5a7557ddbf907d5d9&tz=0&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1 | 192.243.61.225 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 criticizewiggle.com/watch.155213812675.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&pst=1715348495&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&res=14.2071&rmtc=t&shu=373d5ce64bc0450689919c0c1d10f36fb322c5fcf2b9060cf2362736929cfbe1fe69bd09af6894cedbd84e525f8b06aa8c5faa415d1a5015b443011d3dfdf42c117b487c8713a3d5f52cb86ad097d37075d8ad93d93dc5a7557ddbf907d5d9&tz=0&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1; IP: 192.243.61.225:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Let's Encrypt; Subject: criticizewiggle.com; Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1; Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
File type: JavaScript source, ASCII text, with very long lines (2469); Hash: ea85dc3d5a8e161db618480df85a63ad 65b61add789983c62d30c158437deba980effa22 21ae298b2a2d913e9cab6d90e1784bc35594ef531955f4c1e9d44601626ac703
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.155213812675.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22daisi%22%2C%22celeste%22%2C%22-%22%2C%22explore%22%2C%22ideas%22%2C%22tips%22%2C%22guide%22%2C%22and%22%2C%22info%22%2C%22daisi%22%2C%22celeste%22%5D&pst=1715348495&refer=https%3A%2F%2Fklarrisawbriney.pages.dev%2F&res=14.2071&rmtc=t&shu=373d5ce64bc0450689919c0c1d10f36fb322c5fcf2b9060cf2362736929cfbe1fe69bd09af6894cedbd84e525f8b06aa8c5faa415d1a5015b443011d3dfdf42c117b487c8713a3d5f52cb86ad097d37075d8ad93d93dc5a7557ddbf907d5d9&tz=0&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://klarrisawbriney.pages.dev
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16337114; ain=eyJhbGciOiJIUzI1NiJ9.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.2BHH4QhMUPPl1ZuEDXdfrO1w-8e67M6uGckj-5QOl2E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://klarrisawbriney.pages.dev
Access-Control-Allow-Origin: https://klarrisawbriney.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; expires=Fri, 17 May 2024 13:40:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 13:40:35 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 13:40:35 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 11 May 2024 13:40:35 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 11 May 2024 13:40:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a253d8dba9556085c97bdefe615cc8f2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/js/navigation.js?ver=1.0.1 | 172.66.44.118 | 200 OK | 6.6 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/js/navigation.js?ver=1.0.1; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: ASCII text, with CRLF line terminators; Hash: 6345329ae0a43bbbc781658a48064072 3deac4942970004c7bfd51dc2e68dd4d59ce41db 4f5cae0ba90fd633e411009efe47444bac6942a381e0a633771e7baf2b5805dd
GET /wp-content/themes/blogic/assets/js/navigation.js?ver=1.0.1 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9915a44cc8bdd476cd4da683d8533e09"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAWh9137Y3FHjgAw%2Fla9seVDIO9tXQPhsKkN3zC6Bc2UMqH85bLJ6284LnTz6NPPuY2d1Y42tJekcDj4bnHxjbgFsoUoID08CGCmiR3PvckgRAah5xb%2BaRnEZNtDigtCYZiX5qFhyfw4T9x9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c8d1cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 34 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js; IP: 188.114.96.1:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators; Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2d6537a1969869444cf625898815b199
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 13:40:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cJ66Kf6sQdfQFxOmBPAKFZcE1rFPvXNj5oiq0%2BXR6U3FqlwuRxvpiPSiT5w1UJHAVaUy8hrW9pm3eS4CBLPg8%2FM48Plb6NyD8JkiafPJVRegxiLI5rzbD5WjT%2BZ5fbPs7Dno3tZs3Sy2NitOtA7Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57834fee56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| criticizewiggle.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js | 192.243.61.225 | 200 OK | 16 kB |
URL: GET HTTP/1.1 criticizewiggle.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: criticizewiggle.com
Certificate Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1
Certificate Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
File type: JavaScript source, ASCII text, with very long lines (44057), with no line terminators
Hash: d7995f2fb51987735b15afbc791ed75f cd22d33115f94568fc26a0201a17aaad5bd3e8c8 4f9491f941876f7d6c283accd4f26d9a1400385758d17f3b01f7bd5d74299ccc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /76/b1/e6/76b1e60a07741106ab551c8186791238.js HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b89f7b117a143128b33d8a3556bd52ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 172.240.253.132:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: capaciousdrewreligion.com
Certificate Fingerprint: BB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
Certificate Validity: Mon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:35 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd23dc2e2585441e3d7359e0ba371a6b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg | 45.133.44.10 | 200 OK | 87 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.cloudimagesb.com
Certificate Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:10:10], progressive, precision 8, 300x250, components 3
Hash: 18c244854d43934c150dd0ca6b68a93b 56638de980812f54155699186dd04b19c29ebfd0 82951572f360d99180c429e813caf341dc5456524cbf0ec4c4f85dc9e4a9c3fa
GET /cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:35 GMT
content-type: image/jpeg
content-length: 87019
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:31:21 GMT
etag: "65d222c9-153eb"
expires: Sun, 12 May 2024 13:40:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1 | 172.240.108.68 | 200 OK | 6.0 kB |
URL: GET HTTP/1.1 customarydesolate.com/sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: customarydesolate.com
Certificate Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
Certificate Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: 71de452073298b4aa8a572fd430b17d3 c624324f63624d0777334c1d2c47b950d024cf7e 9f275a4dda783c32420e50a4b7e0f011285cd096ba06c71401a5b1473e349f78
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:36 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://klarrisawbriney.pages.dev
Access-Control-Allow-Origin: https://klarrisawbriney.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22919410; expires=Sat, 11 May 2024 13:40:36 GMT; secure; SameSite=None
Set-Cookie: uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; expires=Fri, 17 May 2024 13:40:36 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 11 May 2024 13:40:36 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 11 May 2024 13:40:36 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 11 May 2024 13:40:36 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 11 May 2024 13:40:36 GMT; secure; SameSite=None
Set-Cookie: slec76b1e60a07741106ab551c8186791238=[5210994,5210995]; expires=Fri, 10 May 2024 13:40:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21d8dd0bc7783ea9ab7e999628172f87
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| klarrisawbriney.pages.dev/favicon.ico | 172.66.44.118 | 200 OK | 10 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/favicon.ico
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: klarrisawbriney.pages.dev
Certificate Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80
Certificate Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9612), with CRLF, LF line terminators
Hash: b5386cd8ffd2451203fcce13ae3949f8 2cf601279fe4550a0846e0826cf7b085ee8cfd9a af2d6acbb11be2a02925f5c80b6adacf248d06f9a677976f9097a7212573cc45
GET /favicon.ico HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49%3A2%3A1; pp_main_c331f53d8cb1f5b6cb7f7b13f9d18a13=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:35 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9a2cff753c054d9d76aa125ffec18155"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nM3keXr8yK7kR6EB1rR1rzPQxBT%2BzIJx%2FElFzZH5X2%2FXWbPJMeDUHwuw9ctty6WhkOaZvAootsp1zTGIajv75O5bIokBNaNbQgGGfo0OWc4MGybC9ibAVmkpxbA7BUqjwENbpHxEQToGq7bG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a578a8959b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| customarydesolate.com/ren.gif?sid=… | 172.240.108.68 | 200 OK | 7 B |
URL: GET HTTP/1.1 customarydesolate.com/ren.gif?sid=…
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: customarydesolate.com
Certificate Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
Certificate Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=… HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46efbbf3c6fe93107b61a0b684de2102
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=93 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=93
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: customarydesolate.com
Certificate Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
Certificate Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=93 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png | 104.21.70.253 | 200 OK | 12 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png
IP: 104.21.70.253:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 230 x 253, 8-bit colormap, non-interlaced
Hash: b1f546ae7b0fbf8f3d19946146456d8a 37792f4d6fb3482b3d0281139a61e2e426fa3056 2a0b851026a70a5da3b5f2fe9e7f5d098c4126c035a68de8e90f8408bab6fd33
GET /sb/interstitial/sweep/default/stories/1/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:36 GMT
content-type: image/png
content-length: 11963
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: "65aa847c-2ebb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 854556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6Y%2BYS3KT13mYJHSpmXucZHvtdCnQPv1fyzgWVGYjEeZsyZYMufLw1aPI2Y0jhwjgPphF5ToIdiQTiE5oYQkBBehZRzZDsKxP6ikqxu2LIfZYmHuhJnLrvO%2FOJg0Wp%2B1H4CRtUy6uDke"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57916dba56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c331f53d8cb1f5b6cb7f7b13f9d18a13&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c331f53d8cb1f5b6cb7f7b13f9d18a13&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c331f53d8cb1f5b6cb7f7b13f9d18a13&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 13:40:36 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb32391f6b6904c5143d86ad10f887db
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=76b1e60a07741106ab551c8186791238&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=76b1e60a07741106ab551c8186791238&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=76b1e60a07741106ab551c8186791238&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 13:40:36 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 42d8f1e7eadc2742ee62bf5924d7e4aa
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| klarrisawbriney.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 172.66.44.118 | 200 OK | 16 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: klarrisawbriney.pages.dev
Certificate Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80
Certificate Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: ASCII text, with very long lines (59701)
Hash: 51a8390b47aa0582cf2d9c96c5addee2 b16a640874025d085c38119a1a02a3460f83f2de 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9643bcd9e0073506ea0bed1be3828c42"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYWufLzEAP4QYWYWjpXezjvCp8yh5dZvk1s%2BwpA%2BM2GWRI9K6T%2Bc9R8JbouBv%2BiSFrqKbzjSt3xxAl4TZaGT4NsT2icJfTOh129vSshQrK2o9vtYe9dl02eZ26vpPp%2F7LmSPy7K9rzPW%2FZYa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c5cc3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=349 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=349
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: customarydesolate.com
Certificate Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
Certificate Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=349 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 5e48f11f5e65274412215f94f73f8c49 4dd35e5b5136df76bd7ff9da1f119d0ec0e57ff7 40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 13:40:36 GMT
date: Fri, 10 May 2024 13:40:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/pixel/sbs?c=1 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbs?c=1
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: customarydesolate.com
Certificate Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
Certificate Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| customarydesolate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitnuzNgz%2FEkwgjelDIznbP%2FxgwGJOV4CYbE0VBReqvJ%2BVWdzVV%2FTOZi8EFyXEQxGvvm90sxiB6y8VEZgMKC8KOXvbgnjx68Ady8iAzGVz8Dv19X79X8Oq9%2BnQrOyJ1ZPTw3EUzVFrTlVbNr774bhCcrq6pOBtUB932h%2B3m6arNX%2B61a%2F5L1dcl3zArdT%2Fw%2FcAPqqvKytAMVmYgVHKnF9R6fq1ZrwWtJgb2%2F7vLPDjqQeRH5CkoMV164J2E4hPE0TfnpNtITXLqfJRpmhqLXOy%2BHW%2FEpogRHY%2Bh9RDGuws2jDtYvQcT78zlwuT%2FEZmaEu%2BHe2Dx7kIkWL4918k0ZAwmHkORTyD1BIpOwM0mlDggABe4tI44unXJ2IJef4TSGTolSw%2F%2FhiqmZOnXk4ijr89qNaheNTpLlYkdBmEJNZhA9SdIsj2kwwpUsQeefgIlfiIrD9cQR9vrThsocfiC3wjrvN0Kl5s90Vpuhqyz3KMtsVxvBF0esEaTNXtzg5SaQIUTaDkCdRVkzkOmPGShhyzxEInDKg%2BCoOMLTv1uj%2FOG6EjWFn5AO2FAA7%2FdRcZndxghTUbgegRubyCxN7ChRrDZ93DXSjhRgUunxHvzY%2BSiRCEJCkdQUIJCERQpQZGXO0K7uitvCe0yFix6fdEb5dik%2FS26Y9K%2BjAmoHcGKcis5Ik%2FOTPQ%2BuPsXNuRhtdNmgWz71O90mkHgtylrtQLeDbrtTi%2BoN7pwqoRyFVDnYaim5OnnfkQyCzb%2FHIzuwek9cHUCNHsWtChBr5UYxnc5jaTWig4tdZrWEtqXriZkDmFKJOkS0uvelj4iz8wjXd%2B0kHz%2FzD9PsIvTP2%2BD2xKJLfGRekDQ1zfHV0xBtq%2BYwpFv15NURWpIZ3FfTWkql26%2FIa8XxooL59zoy1f5DJiNd96SLl2jsVBx35GvziohpF01lkvy3QX3jmSXM3ftbGbjLFm7%2FNrqhSix0jll4gmoOjj%2FBbiaksfvvz9%2Fx6fe%2Bw3KTmCzElG2TxYFZfbAkxtwyf6Z3xfqnSGw%2BpjDEg9FVo5tnR3%2F1IpAy%2BOdshJOHlvA5P79Px5hY0tnp6kqt9xN9G0FNN1EHJXIbYlcl6B6BJedGKeJ3T%2Fzc2NeYLoyZtpWtpm2%2BrO5ybOPg1OH1YYvOkyGssNks9UMJRes1WI%2BDzlriG6XI3XT8JXnf%2FkXAAD%2F%2FwEAAP%2F%2Fam%2FjsKEEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Let's Encrypt; Subject: customarydesolate.com; Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8; Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitnuzNgz%2FEkwgjelDIznbP%2FxgwGJOV4CYbE0VBReqvJ%2BVWdzVV%2FTOZi8EFyXEQxGvvm90sxiB6y8VEZgMKC8KOXvbgnjx68Ady8iAzGVz8Dv19X79X8Oq9%2BnQrOyJ1ZPTw3EUzVFrTlVbNr774bhCcrq6pOBtUB932h%2B3m6arNX%2B61a%2F5L1dcl3zArdT%2Fw%2FcAPqqvKytAMVmYgVHKnF9R6fq1ZrwWtJgb2%2F7vLPDjqQeRH5CkoMV164J2E4hPE0TfnpNtITXLqfJRpmhqLXOy%2BHW%2FEpogRHY%2Bh9RDGuws2jDtYvQcT78zlwuT%2FEZmaEu%2BHe2Dx7kIkWL4918k0ZAwmHkORTyD1BIpOwM0mlDggABe4tI44unXJ2IJef4TSGTolSw%2F%2FhiqmZOnXk4ijr89qNaheNTpLlYkdBmEJNZhA9SdIsj2kwwpUsQeefgIlfiIrD9cQR9vrThsocfiC3wjrvN0Kl5s90Vpuhqyz3KMtsVxvBF0esEaTNXtzg5SaQIUTaDkCdRVkzkOmPGShhyzxEInDKg%2BCoOMLTv1uj%2FOG6EjWFn5AO2FAA7%2FdRcZndxghTUbgegRubyCxN7ChRrDZ93DXSjhRgUunxHvzY%2BSiRCEJCkdQUIJCERQpQZGXO0K7uitvCe0yFix6fdEb5dik%2FS26Y9K%2BjAmoHcGKcis5Ik%2FOTPQ%2BuPsXNuRhtdNmgWz71O90mkHgtylrtQLeDbrtTi%2BoN7pwqoRyFVDnYaim5OnnfkQyCzb%2FHIzuwek9cHUCNHsWtChBr5UYxnc5jaTWig4tdZrWEtqXriZkDmFKJOkS0uvelj4iz8wjXd%2B0kHz%2FzD9PsIvTP2%2BD2xKJLfGRekDQ1zfHV0xBtq%2BYwpFv15NURWpIZ3FfTWkql26%2FIa8XxooL59zoy1f5DJiNd96SLl2jsVBx35GvziohpF01lkvy3QX3jmSXM3ftbGbjLFm7%2FNrqhSix0jll4gmoOjj%2FBbiaksfvvz9%2Fx6fe%2Bw3KTmCzElG2TxYFZfbAkxtwyf6Z3xfqnSGw%2BpjDEg9FVo5tnR3%2F1IpAy%2BOdshJOHlvA5P79Px5hY0tnp6kqt9xN9G0FNN1EHJXIbYlcl6B6BJedGKeJ3T%2Fzc2NeYLoyZtpWtpm2%2BrO5ybOPg1OH1YYvOkyGssNks9UMJRes1WI%2BDzlriG6XI3XT8JXnf%2FkXAAD%2F%2FwEAAP%2F%2Fam%2FjsKEEAAA%3D HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:37 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c0217b02f18150b09c92a4786c320734
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2; IP: 142.250.74.99:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 27138
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg | 104.21.70.253 | 200 OK | 1.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg; IP: 104.21.70.253:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: SVG Scalable Vector Graphics image; Hash: 369850b9873659adf0951d845f57dba1 a64257186daa33b6b318943a457b6cf8d80b26b6 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21
GET /sb/interstitial/sweep/default/stories/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:36 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2143658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prOP%2Bzargo5k3Bis9oS5zKQ56LhL%2BPUp9j6SuhNk%2BxkGH1lNuN8etalbYC1uKTwOCcwgCLqDrTg1WtPFNeK7EzWJFnvFMYOWhipeOgG6A72xtkGz6qHY%2B63cdh7Un81auWNt%2F8RKQUIc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57915db856aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html | 45.133.44.3 | 200 OK | 7.0 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html; IP: 45.133.44.3:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Let's Encrypt; Subject: cdn.barscreative1.com; Fingerprint: 08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC; Validity: Thu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT
File type: gzip compressed data, from Unix; Hash: 2e213495eeed9cb112001d095fd8aa87 06a9a0d60b980c04e93333e884f06efafbd04be5 fb7e67a9c9b12b9499ef019402b654d2f0b7d276a23d848231c98ec546f27cf5
GET /sb/interstitial/sweep/default/stories/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:36 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-465"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 14:40:36 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| klarrisawbriney.pages.dev/wp-content/fonts/cdb5aea3271d50d796723b2acf22deac.css | 172.66.44.118 | 200 OK | 7.3 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/fonts/cdb5aea3271d50d796723b2acf22deac.css; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: ASCII text, with very long lines (7448), with no line terminators; Hash: 05e4ab71e922c02141b51d645d894b9c 7eaf56f48713bb3474bf7c15781ee2ca6692559e c82d9603dae036c1b4564b9c6c5db644f0d0cbd7d2045214ee15d1ff033e73dd
GET /wp-content/fonts/cdb5aea3271d50d796723b2acf22deac.css HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"23023960ad3d42400088fb96b2a83403"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1cwkzTe%2Fo%2BrbupcDXRD2%2F2FZ3Fsgn2oIRhpPvvXMLWcBbMBcASL1vXigo%2FBJBrPlS08qHs0HNsATYBkbsrJRsO1WqeqpSjgDiQqvsda8TZBCpVMqsGMOCoaPDssM0BMOVVOMftd%2FaUNdia%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c5cc9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css | 104.21.70.253 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css; IP: 104.21.70.253:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5982c5377696d20476871062646b253f 8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
GET /sb/interstitial/sweep/default/stories/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:36 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uK77VB00KU4YQJ95KPgRQcEdRmEeu7moGA6c%2BweVGQWrIKgKvLSZWyihXdfZLgS7YF%2FqZ%2FNObinx6aIE0nAPorclL23MERYwbKknF%2BGjqpAMuakulApRytX3snMNEM3uw1d1bFqngze%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a5790dcde56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css | 104.21.70.253 | 200 OK | 1.4 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css; IP: 104.21.70.253:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (1523), with no line terminators; Hash: af8b297e908242d66890c4650aaffdd2 45fe0a1587b11f77bf71085d15dbae9750a97179 cc03ce0e52d2d5b339b37554d900c6ec631929d4d729ffbd1fb200eba267d5ad
GET /sb/interstitial/sweep/default/stories/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:36 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-59a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkWhbdoLMPGjQ%2F0mmTCejYxApxcZX5qdoiPTYZ%2BPCiFF6sIOMSyzQM%2BI9%2BoAflGKwnq5TIY2dwIgk%2BhfdkqsCpBvhc5lKrA2nChGBBuWV4HnPqNLEu4tOUZw5AcUwlEto%2F1a%2F68gkLwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a5790ccd656aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/fontawesome.css?ver=1.8.0 | 172.66.44.118 | 200 OK | 74 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/fontawesome.css?ver=1.8.0; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
Hash: 68653d91bbbe77a5fffb9466cbe16747 a74e184a24eeab03a1879cc1a99338365e4473e5 7dcb9444d9f6e487eff880768fc0a4437f128c59b5fae3055dbc10a6d65e0b3a
GET /wp-content/themes/blogic/assets/css/fontawesome.css?ver=1.8.0 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"412f5806557665c66410582976997566"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wr7vPzfc832QgmFVjL3mor07wTy9TJb4hNn6iwQXMTUrHhvfZ56cJv7cB9yh1zavNRCyvIUu0KIsJuptU42PoxuVUTqKWj7HNcmwRFfSZuQTSaob%2Fg%2FCUWYcEbnrezERkpi7yqKuv4uC8mo0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c6ccfb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/blocks.css?ver=6.5.2 | 172.66.44.118 | 200 OK | 16 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/blocks.css?ver=6.5.2; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: ASCII text, with CRLF line terminators; Hash: 77dc916e88bc00d8b66bc30d5db62ebe 0d5d03e0c8636cb6fbcd6e504993cfdd752510fd 73a6ebe46361104290597a0ee9417472d9b7abbd6b03a147b0baab19cce4a129
GET /wp-content/themes/blogic/assets/css/blocks.css?ver=6.5.2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f190b0aaba2a75a52604e5bb9559b755"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxyzbD3OyjjDavyYhBXNFmekWXoiO8j2avtT9LgwQEtzZeMFduMNA4R4MoCoeDixiXNie4BW06PlUROGLBQI%2B0hrCtGFcKAXJAHslEURqHyQRWgBWx1TqGeyob7cxD6EN9PCyRZ7oztNIywP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c6cd4b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1 | 172.66.44.118 | 200 OK | 3.9 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: JavaScript source, ASCII text, with very long lines (4077), with no line terminators; Hash: 0107360725310915a1fd69ea43e81151 f8c18be2fe6c9fa7e412254387f614d2b8b05b54 18da3b371350a20b6fd8f70d0b6541c2826076fbd3f5663bc238dde7ac76142a
GET /wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"155e673a0ef0fa0671bf62a6b4137ed9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jwf353ev5qZZYPcdsHlQu2sw0f2Rbe9cKarjkiRTRy8Z4iJh3MlDVyrOSuByVMdekwYrX%2Bc%2B1mI4ErWiajSc6fwHROF8g%2FTjjnN5saVG0K2PFWzJ78BjDmkOwCB6fnq9zMur412dvg1nh8hf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c8d1bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js | 104.21.70.253 | 200 OK | 321 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js; IP: 104.21.70.253:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (343), with no line terminators; Hash: 4f46dc256e627bbc1fa54e2996e30b25 56ff1d7676599e3d1ddbee84dad29f2a2bece6ce 6933ea1db439c96d670e6ce25bcbfa19052ce0626fee500df36d11167636d6c3
GET /sb/interstitial/sweep/default/stories/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
Origin: https://klarrisawbriney.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:37 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2B7R7zTCz2miKAY3Zombx1IcHpzTmuov%2FoA2891hQeJXTecx6yY3Nj8tHHEkwrGZ4WsndTgkUkHdZe%2F8yhN6OCetmtaKgWBwIzVzP2O7bocQWQ3MAuJIg2M%2B0HX%2FMcFbhukj5BQIDMan"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a5792af5556aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/style.css?ver=1.0.1 | 172.66.44.118 | 200 OK | 80 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/style.css?ver=1.0.1; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/blogic/style.css?ver=1.0.1 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3756cd188be54b285ccdca0bd2f31ca5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80vO4fDICAe9poRSVEa%2BDk6dDK38KkmiQgOEbGghPuSNeAZbi0YnPOdMmxpK2xw9nqdGo30WC9taHWZcymY4UUWffAsbLnI5dnd8qMJc4c0YNOgZvOlAvXzKVe0COPgz9xNgtSnYSmLy5nOF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c6cd7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/js/slick.js?ver=1.8.0 | 172.66.44.118 | 200 OK | 90 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/js/slick.js?ver=1.8.0; IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: JavaScript source, ASCII text; Hash: 36f5dfaf4ab9fc2ebf345c1e348de969 17e74e5523f0d97bf2f925b884d560bc0cc7dd25 10f8b2a3c62832857180ce647110dcd7a71e73ad5f071055f42687659b364d28
GET /wp-content/themes/blogic/assets/js/slick.js?ver=1.8.0 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3f81ff2978b6f708bf14c65a5a9767ec"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N786pNZBPsn5sYztszf7M4ShW3n3F7FjLfrV1asOE7qqwQyU55geahs5wx%2F%2BXLgUiOSgyRznOwnmYT%2Bc15aKWwkaVs30jDNr8mHx5dZJOEVVCaufwOhz4xqnOuonOR7YihG%2BTowJaPM03Klx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c8d20b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js | 104.21.70.253 | 200 OK | 87 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js; IP: 104.21.70.253:443
Requested by: https://klarrisawbriney.pages.dev/; Certificate issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32058); Hash: c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /sb/interstitial/sweep/default/stories/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:36 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 854556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4PI7v7HWIIv2vwNvbAJct5DYleFxJ%2FFd6jNquXd4c2bw73yDeK%2BW86WVdfTi0rOSiTBResQNpFzEpO9Ba%2Fl0aIRVNodMMgk7bY1FX6V5jB355%2BmGbXvhOj0oJY1KLZeuC0FFf4vOX4h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57916dbe56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| klarrisawbriney.pages.dev/ | 172.66.44.118 | 200 OK | 46 kB |
URL: User Request GET HTTP/2 klarrisawbriney.pages.dev/; IP: 172.66.44.118:443
Certificate issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 13:40:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9a2cff753c054d9d76aa125ffec18155"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80qIbMfRSa5UhDTex6glrnwyTvyBqm0Wt5RUWn0Phgc4LsQMobCzKVX0Mcv%2Fqk7gLiQlTzJ%2FRVYDPGNcEx49mIEl4D5ZHbT0q6q%2BAdRvvDZH2Fo2JyvD8UFPaYTVseKuX17rRVZj0KBNf6mh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a57795ab756c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| klarrisawbriney.pages.dev/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.5.2 | 172.66.44.118 | 200 OK | 275 B |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.5.2
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: ASCII text, with very long lines (312), with no line terminators
Hash: 58e671c19d0c80d4cd0dfc871532c81d 1236a814bc62bb0f3eaa97ff3b3464969211d835 6ee0f5e3cc7aff02c7f1ff31581494303213619f7f31004c7c2a748891592301
GET /wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.5.2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"89495a62273346014c21c363f32c166b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jh%2F0ZLXdfaYcPuuRURxP6oS1NQVCnkM7phNI%2BD4Mnp9q0OlZfVnpi%2FGLYOYOpBf%2FZAyCaJiUVfvcnWubnGRoECfOpLqZSfT6Oo2KWX4ClyxbkUv67MWR9EPZPbLLRPnO87WB%2B8B8bP%2BhNiXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c6ce7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 172.66.44.118 | 200 OK | 88 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4faaa9d1e8ac6b951abd4ab674ea9ec1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuRtjiTRIoqVGo4QYgOkiKZY1LlmATAptVOOCEs8gh9fYlJD4OOAJNRI6MD0fUJc%2BeBEJrJciWXdIKOXDGEKUEni%2F0B99Ylyu5aLyWJe5GyapTBw3hotemy0WJ%2FBYV%2F4fFtYa%2FrLQXu1fLqZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c7cf4b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=327 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=327
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Let's Encrypt; Subject: customarydesolate.com; Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8; Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=327 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| klarrisawbriney.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 172.66.44.118 | 200 OK | 14 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ff416357a541c2641e2808b797569af3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFi%2FcRBu5Ipa1u%2BiVWxmEJuQYkJRkbc4IonUWP%2B5uP4EEIemQppKAMUhfL0LKW713c2HQ0r7YgFLljPO3a50FZuv9f9yUMWcNxylZ1CuNyD1mdy7uF1HP3gOtrKob8WU2rM%2FiQCFK%2FcNDyzv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c7cfbb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 172.66.44.118 | 200 OK | 0 B |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:34 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9a2cff753c054d9d76aa125ffec18155"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeN10XAK4ksdAmZsLiG%2FHf08EM4oEZ%2F4VxU9F3wAjqC8q6WU%2BJXwHIi194cbHp4Zwb6KzNFEGAN%2FgZ9%2FY6%2F%2BnGqKmocGLtilE7pk1ncxnVxQHEM01Fz7ypFxHec4jQKO5AnHrAKKfswUu%2B%2Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a5785396ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/slick.css?ver=1.8.0 | 172.66.44.118 | 200 OK | 1.8 kB |
URL: GET HTTP/3 klarrisawbriney.pages.dev/wp-content/themes/blogic/assets/css/slick.css?ver=1.8.0
IP: 172.66.44.118:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: klarrisawbriney.pages.dev; Fingerprint: 22:97:23:E0:BB:3C:38:DA:DD:42:A4:74:D1:99:36:D6:CE:85:60:80; Validity: Thu, 09 May 2024 19:51:43 GMT - Wed, 07 Aug 2024 19:51:42 GMT
File type: ASCII text, with very long lines (1895), with no line terminators
Hash: b3f4dd9bd98c76eb638e0cc6d0184721 2fbbc2e81bf1ac6dde9bf24c013524df1973480a b2dce8f0973f7debc99cd2dfb90f65f37004c26c81a131def9cefa00c7fa00dd
GET /wp-content/themes/blogic/assets/css/slick.css?ver=1.8.0 HTTP/1.1
Host: klarrisawbriney.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 13:40:33 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d760ced64fb651ff2235b1d4a0c9ee99"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQTD9dgCqnRaMtzEL3C%2F%2FYDeld0s0Vu3eCKimbP%2F9jH30WpITDLLNAkl0zpLznRs9cojGUD1oNSDDDYVJHobd8kB8UghHPNayHMQRQvtl9DjpOYync%2Fp5PJYf2wbjZEKWv15eNwRDzOfmm0i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881a577c6ccdb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323
IP: 172.240.108.68:443
Requested by: https://klarrisawbriney.pages.dev/
Certificate: Issuer: Let's Encrypt; Subject: customarydesolate.com; Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8; Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klarrisawbriney.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22919410; uid_id2=03f2c65f-49d5-4fb7-9a5d-2318c1b34b49:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec76b1e60a07741106ab551c8186791238=[5210994,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 13:40:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|