| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js |  104.17.24.14 | 200 OK | 22 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js IP104.17.24.14:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65241) Hash1276065911521c5c22037a31365d179d d1c6704e94efe2d465fc161b6381e127d35acd81 bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
GET /ajax/libs/jquery/3.6.0/jquery.slim.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
Origin: https://bricegauthieruzdi1.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:36:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 22329
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-11ab4"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 338485
expires: Thu, 24 Apr 2025 14:36:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYyhPMBU2b%2Fd8my5bbQFibRl5JwTVKKrkPJ%2Bp9EYCJydCWslYj7Y2R%2FCgHpCbwoV6mjllBGI4jxMktJ5ZuznpTDYxqNv4BKUvFJP%2BOZZK56iw7RXn%2Ff%2BdAzuM1TSUxyoeQf2J1OM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e939e379dcb50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js | 104.17.24.14 | 200 OK | 3.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js IP104.17.24.14:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7862) Hash96201abb62283557a9d7b97b4cab14ab a72f33d920d0ab863df4cb60edf44ec140304cdb 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
GET /ajax/libs/lazysizes/5.3.0/lazysizes.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
Origin: https://bricegauthieruzdi1.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:36:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ff0b799-1ed1"
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 335213
expires: Thu, 24 Apr 2025 14:36:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JR%2FbDdVKagXADdxrqDBxDsqFPkwU4s%2BmQ3D%2BgzXDVmQzihiiZZK3hYdYRB96kE%2Bja3MYjOM7gHtg8UPVnDJsZHjG%2BfoXHcMCMY3uneQPEHBQDG9PSMNK2XEbIYM5nrF22YfvRl9f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e939e38a03b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif |  142.250.74.65 | 200 OK | 362 B |
URL GET HTTP/23.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif IP142.250.74.65:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File typeGIF image data, version 89a, 52 x 15 Hashfd2c05a8c327ace309722b0a5fc4faf3 f446e97c43f8830be9f60644563dd846abe6b8e8 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
GET /-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="btn_close.gif"
x-content-type-options: nosniff
server: fife
content-length: 362
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 11:09:44 GMT
expires: Sun, 05 May 2024 11:09:44 GMT
cache-control: public, max-age=86400, no-transform
age: 12434
etag: "v1764"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31297), with no line terminators Hash4de46b73842ad86f0847654b30622c7b 0b9e8834189c4f2d4de44296f9a8e5b901207262 0a5c03d4cbde3b21c1fff983529e6436dac703696545964614ce5cffcda86ebc
GET /3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:36:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3592af46f5caedfa2fb63b60e9c3a2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d | 104.21.86.41 | 200 OK | 656 B |
URL GET HTTP/3ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d IP104.21.86.41:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectbisniskini.biz.id FingerprintCB:C5:50:71:58:97:D7:6D:B9:8F:63:0E:B9:30:B7:87:1D:05:E2:5A ValiditySun, 14 Apr 2024 15:48:05 GMT - Sat, 13 Jul 2024 15:48:04 GMT
File typeASCII text, with CRLF line terminators Hash500accfab8797557b0f922957a9319dd 8d35e1a694c6b6425f79cda1bdc33684b3a05435 29631aedec51cdf985b9ea2e0a34a4d72f4382bac37b5c0f0388f8c9f51fd8e4
GET /get/site/js/d6f51a1ed1d2f145512197f7cd7be46d HTTP/1.1
Host: ads.bisniskini.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:36:59 GMT
content-type: application/javascript
set-cookie: PHPSESSID=jluqcap14sqve7df6dff6ihv3i; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NyI3%2F58kYf9e5TVUkim3sLwOyJaLo8mrbs1JGjH4noJXJSxrq1mfnWLU5g5n3RjdQK4FJd6BB0ll4MSrxsw%2Fu%2FPQ%2BK4Nvi71u%2FlSggmWwn5FtEfEf%2BfE62Bxfp6g3w3T5hg4UKR0Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e939e3ce985695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats |  18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashd3e43f7af9b7462903887b2f2817454f 9c211045f91554dea38e32afcd91eeee0c607f59 f3e29fb552d64e544559bc8489429687c2ffcc6a6b9a8b6c056ae08cc5a679a1
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
Origin: https://bricegauthieruzdi1.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:37:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bricegauthieruzdi1.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bdfc0b4a-1be3-4c7a-8067-998a89bdf459:3:1; expires=Tue, 02 May 2034 14:37:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| bricegauthieruzdi1.pages.dev/ | 172.66.44.236 | 200 OK | 6.6 kB |
URL User Request GET HTTP/2bricegauthieruzdi1.pages.dev/ IP172.66.44.236:443
CertificateIssuerLet's Encrypt Subjectbricegauthieruzdi1.pages.dev Fingerprint11:14:EF:48:80:BE:85:D6:D9:24:3E:B5:26:3B:49:0F:5A:9B:32:4B ValidityFri, 03 May 2024 19:15:17 GMT - Thu, 01 Aug 2024 19:15:16 GMT
File typeHTML document, ASCII text, with very long lines (7816) Hash8bd9a236ea32ca3ea92aa1e5cb8ea991 f07fa14138b5dbf5d20a158457f094caf16368a0 cc72b9dc33b2c198e586678a53f7b95fd0359bc783e2e0ddb912eee6550ac120
GET / HTTP/1.1
Host: bricegauthieruzdi1.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:36:58 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"368a2c33b546232a69c15c843356953f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=De7oI2JUUCnemBcbaVBeorjfs9U8MG70EbiWbtuNu0dlxUOqRQoulCarsWXfv9UA7DH3zsrYnMRuc6ry%2FKbc5%2BGZJzRXomIPKz6k6k9RtBum4HlPniwE6dNp6Xd6KD59Jp6DoI85gXp%2B4rgltPjI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e939e08f9056cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31333), with no line terminators Hash7a605b5fc4849d77c8c8acfa9a965585 a328829eb41b46c6c994376c43e9d9b48865887b ac09606f6b32047e3737275128f6e0dd7816ac1f3c0633bc7bd2007021f69757
GET /3dc4ca87e07d09e08b5aa5d2105c033d/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:37:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a01ab05fc72bc1b771bbfe133fb71316
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| conceivedtowards.com/watch.245951566572.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 | 192.243.59.13 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1conceivedtowards.com/watch.245951566572.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectconceivedtowards.com Fingerprint7E:51:62:88:EF:9C:34:4E:AB:87:19:31:45:2C:B4:48:5F:E0:A7:6B ValidityMon, 29 Apr 2024 13:00:02 GMT - Sun, 28 Jul 2024 13:00:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /watch.245951566572.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 HTTP/1.1
Host: conceivedtowards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
Origin: https://bricegauthieruzdi1.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 14:37:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Origin: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Credentials: true
Location: https://conceivedtowards.com/watch.245951566572.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=92cf317e639ee25781e8eb625451c80c55df3f2bac2a6fb660e2f13807db7e47d5f0010eca8b5ac14dc92475f6e0ff8a097623e84742329d06a4946968b044bf169fb3e5f42593a9b94b8e813c6280960dd030c81fae6e7d8e363b25f2&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1
Set-Cookie: u_pl=17761257; expires=Sun, 05 May 2024 14:37:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaWNlZ2F1dGhpZXJ1emRpMS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.rw7j-e3BCtVcVw5GwxThCYFaqlbgfi1XVh5sbIrBmWA; expires=Sat, 04 May 2024 14:38:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f5f0c428a498cc667516f69c43dd313
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.topcreativeformat.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31300), with no line terminators Hash4851e83157399478bb775f77d84cb8e4 fc9cddd3d97f830f9e50c22b4bc0e8a9af1a929e 4d00de372aa956cefc3cb96d922d953380dcb5649cfdb21592f7192f22720354
GET /1f00c6b60ce46955dbdc5d473dcaea71/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:37:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ac5dfd116d1291000a07fa565a547fd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| conceivedtowards.com/watch.245951566572.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=92cf317e639ee25781e8eb625451c80c55df3f2bac2a6fb660e2f13807db7e47d5f0010eca8b5ac14dc92475f6e0ff8a097623e84742329d06a4946968b044bf169fb3e5f42593a9b94b8e813c6280960dd030c81fae6e7d8e363b25f2&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 | 192.243.59.13 | 200 OK | 2.0 kB |
URL GET HTTP/1.1conceivedtowards.com/watch.245951566572.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=92cf317e639ee25781e8eb625451c80c55df3f2bac2a6fb660e2f13807db7e47d5f0010eca8b5ac14dc92475f6e0ff8a097623e84742329d06a4946968b044bf169fb3e5f42593a9b94b8e813c6280960dd030c81fae6e7d8e363b25f2&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectconceivedtowards.com Fingerprint7E:51:62:88:EF:9C:34:4E:AB:87:19:31:45:2C:B4:48:5F:E0:A7:6B ValidityMon, 29 Apr 2024 13:00:02 GMT - Sun, 28 Jul 2024 13:00:01 GMT
File typeJavaScript source, ASCII text, with very long lines (2446) Hashf71b0c348f0ea56a4d3dc1d871a6694b c09e771f7fdf2ebb80313ae09944dfb1efde8a5c afa9ee2dedd5f8e755bba101537263391e31f855a725e672e0e252d01910db1b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /watch.245951566572.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=92cf317e639ee25781e8eb625451c80c55df3f2bac2a6fb660e2f13807db7e47d5f0010eca8b5ac14dc92475f6e0ff8a097623e84742329d06a4946968b044bf169fb3e5f42593a9b94b8e813c6280960dd030c81fae6e7d8e363b25f2&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 HTTP/1.1
Host: conceivedtowards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bricegauthieruzdi1.pages.dev
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17761257; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaWNlZ2F1dGhpZXJ1emRpMS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.rw7j-e3BCtVcVw5GwxThCYFaqlbgfi1XVh5sbIrBmWA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 14:37:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Origin: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfc0b4a-1be3-4c7a-8067-998a89bdf459:3:1; expires=Sat, 11 May 2024 14:37:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 14:37:00 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 14:37:00 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 14:37:00 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 14:37:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1e55cbd890b1cf3e8e35c29c9a45721
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| tse1.mm.bing.net/th?q= | 13.107.21.200 | 404 Not Found | 727 B |
IP13.107.21.200:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58 ValidityWed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 80x80, components 3 Hash5116706c119475f5ae2fc135c3358037 7e5bdf3585153e317ebef05a9b8241d311e44cb3 7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
GET /th?q= HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 727
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 295C5DCE63A74889A15D1BAD234B23AF Ref B: OSL30EDGE0112 Ref C: 2024-05-04T14:37:00Z
date: Sat, 04 May 2024 14:37:00 GMT
X-Firefox-Spdy: h2
|
|
| disclosestockingsprestigious.com/watch.860135578444.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 | 192.243.59.12 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/watch.860135578444.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /watch.860135578444.js?key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
Origin: https://bricegauthieruzdi1.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 14:37:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Origin: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Credentials: true
Location: https://disclosestockingsprestigious.com/watch.860135578444.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=ada10c3fc97540007bec29bb4d047c559cfae7ebd0113c15256ad7b8edd4da8651885bdd12a912e84ad9523647e9086927049e4683ce310cd7652f4907331aadcd1b31348a6163c75f570cce6c8c96505fc553507a9a63474bce6ed4c8949c&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1
Set-Cookie: u_pl=17761257; expires=Sun, 05 May 2024 14:37:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaWNlZ2F1dGhpZXJ1emRpMS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.rw7j-e3BCtVcVw5GwxThCYFaqlbgfi1XVh5sbIrBmWA; expires=Sat, 04 May 2024 14:38:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45e024836bba8bc8453843439e33886a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q= | 142.250.74.142 | 200 OK | 527 B |
URL GET HTTP/2suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q= IP142.250.74.142:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeASCII text, with no line terminators Hashfdbaede1a8136a6bd589d54e2f69fff8 883905e057c9b758a95c9ece940d089e3af85e0a 5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
GET /complete/search?jsonp=autoRelated&hl=en&client=firefox&q= HTTP/1.1
Host: suggestqueries.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:37:00 GMT
pragma: no-cache
expires: -1
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fGqgqZsd1oOkT4AWsq7V8g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| failpendingoppose.com/watch.898278062341.js?key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1failpendingoppose.com/watch.898278062341.js?key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 IP172.240.127.234:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectfailpendingoppose.com FingerprintEA:8D:0F:1C:ED:4F:51:92:B0:7F:A5:55:40:65:12:08:79:3C:74:C1 ValidityMon, 29 Apr 2024 08:07:14 GMT - Sun, 28 Jul 2024 08:07:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /watch.898278062341.js?key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 HTTP/1.1
Host: failpendingoppose.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
Origin: https://bricegauthieruzdi1.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:37:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Origin: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Credentials: true
Location: https://failpendingoppose.com/watch.898278062341.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714833481&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=dc8af34a74c4208190f803ee102cda403deddf66f76677ba2f6fdfc6815276c35204e67328a06fee848fbf13cf1bdd4227ca9091ee52556195c063e16b8f5a5a211dabd937eb5ee75f95ddf1040f3f54e0d2e4a95c789c6de0b1188d92e8&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1
Set-Cookie: u_pl=17761293; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI5MywiayI6IjFmMDBjNmI2MGNlNDY5NTVkYmRjNWQ0NzNkY2FlYTcxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODYyLCJwaWQiOjM5OTU3NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImJ0cWthNWJmeiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaWNlZ2F1dGhpZXJ1emRpMS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.mNPGM24ElDSlm4DtakCIeqyS1lXLEea5kVAc09o3rsg; expires=Sat, 04 May 2024 14:38:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 191269b7165e8b8d5ff39f8fe9485cff
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| disclosestockingsprestigious.com/watch.860135578444.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=ada10c3fc97540007bec29bb4d047c559cfae7ebd0113c15256ad7b8edd4da8651885bdd12a912e84ad9523647e9086927049e4683ce310cd7652f4907331aadcd1b31348a6163c75f570cce6c8c96505fc553507a9a63474bce6ed4c8949c&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 | 192.243.59.12 | 200 OK | 2.0 kB |
URL GET HTTP/1.1disclosestockingsprestigious.com/watch.860135578444.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=ada10c3fc97540007bec29bb4d047c559cfae7ebd0113c15256ad7b8edd4da8651885bdd12a912e84ad9523647e9086927049e4683ce310cd7652f4907331aadcd1b31348a6163c75f570cce6c8c96505fc553507a9a63474bce6ed4c8949c&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
File typeJavaScript source, ASCII text, with very long lines (2492) Hash45b7ccc95349e0a14552afb93516e1eb 9d3c104b3737e9c3a383cbb13476f4c320464a5e 2868f75e0c69afc39c15bd9fb68308c81cdc8cf6588b5d2d973b761cfb7d1ef2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /watch.860135578444.js?dev=e&key=3dc4ca87e07d09e08b5aa5d2105c033d&kw=%5B%5D&pst=1714833480&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=ada10c3fc97540007bec29bb4d047c559cfae7ebd0113c15256ad7b8edd4da8651885bdd12a912e84ad9523647e9086927049e4683ce310cd7652f4907331aadcd1b31348a6163c75f570cce6c8c96505fc553507a9a63474bce6ed4c8949c&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bricegauthieruzdi1.pages.dev
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17761257; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI1NywiayI6IjNkYzRjYTg3ZTA3ZDA5ZTA4YjVhYTVkMjEwNWMwMzNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODQ4LCJwaWQiOjQ2MTQ4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InA0dmFnN3EwbSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaWNlZ2F1dGhpZXJ1emRpMS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.rw7j-e3BCtVcVw5GwxThCYFaqlbgfi1XVh5sbIrBmWA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 14:37:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Origin: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfc0b4a-1be3-4c7a-8067-998a89bdf459:3:1; expires=Sat, 11 May 2024 14:37:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d3da1138de3507829b06b65abdbaab99
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/c5/42/45/c54245f4d3810d4d3ce60ca261d6646e/1708072465.png | 45.133.44.9 | 200 OK | 17 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/c5/42/45/c54245f4d3810d4d3ce60ca261d6646e/1708072465.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Hashebb2d660b0d32a47cd086320e0e0d66f ccc3eb4da1eb64e5729f6174ebd3a1ecae2e9eca 7380162c7f0cb3143a8abce1404574da9ac0e0a42a33361df98e85a1ee4fdaad
GET /cti/c5/42/45/c54245f4d3810d4d3ce60ca261d6646e/1708072465.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:37:01 GMT
content-type: image/png
content-length: 17397
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:34:33 GMT
etag: "65cf1e19-43f5"
expires: Mon, 06 May 2024 14:37:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| failpendingoppose.com/watch.898278062341.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714833481&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=dc8af34a74c4208190f803ee102cda403deddf66f76677ba2f6fdfc6815276c35204e67328a06fee848fbf13cf1bdd4227ca9091ee52556195c063e16b8f5a5a211dabd937eb5ee75f95ddf1040f3f54e0d2e4a95c789c6de0b1188d92e8&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 | 172.240.127.234 | 200 OK | 2.0 kB |
URL GET HTTP/1.1failpendingoppose.com/watch.898278062341.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714833481&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=dc8af34a74c4208190f803ee102cda403deddf66f76677ba2f6fdfc6815276c35204e67328a06fee848fbf13cf1bdd4227ca9091ee52556195c063e16b8f5a5a211dabd937eb5ee75f95ddf1040f3f54e0d2e4a95c789c6de0b1188d92e8&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 IP172.240.127.234:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectfailpendingoppose.com FingerprintEA:8D:0F:1C:ED:4F:51:92:B0:7F:A5:55:40:65:12:08:79:3C:74:C1 ValidityMon, 29 Apr 2024 08:07:14 GMT - Sun, 28 Jul 2024 08:07:13 GMT
File typeJavaScript source, ASCII text, with very long lines (2431) Hashba1fcbe15197044d967f02359843c1f3 31f4dff25a50f15b10d1bd144f202b0058839580 1434ca7c443cee318bd2b878363d0c5c8ab40edc17f51deadc3a28e0b9f3ca54
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /watch.898278062341.js?dev=e&key=1f00c6b60ce46955dbdc5d473dcaea71&kw=%5B%5D&pst=1714833481&refer=https%3A%2F%2Fbricegauthieruzdi1.pages.dev%2F&res=14.2071&rmtc=t&shu=dc8af34a74c4208190f803ee102cda403deddf66f76677ba2f6fdfc6815276c35204e67328a06fee848fbf13cf1bdd4227ca9091ee52556195c063e16b8f5a5a211dabd937eb5ee75f95ddf1040f3f54e0d2e4a95c789c6de0b1188d92e8&tz=0&uuid=bdfc0b4a-1be3-4c7a-8067-998a89bdf459%3A3%3A1 HTTP/1.1
Host: failpendingoppose.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bricegauthieruzdi1.pages.dev
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17761293; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTI5MywiayI6IjFmMDBjNmI2MGNlNDY5NTVkYmRjNWQ0NzNkY2FlYTcxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDEwODYyLCJwaWQiOjM5OTU3NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImJ0cWthNWJmeiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaWNlZ2F1dGhpZXJ1emRpMS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.mNPGM24ElDSlm4DtakCIeqyS1lXLEea5kVAc09o3rsg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:37:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Origin: https://bricegauthieruzdi1.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfc0b4a-1be3-4c7a-8067-998a89bdf459:3:1; expires=Sat, 11 May 2024 14:37:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 14:37:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e6f3e71dcd15c8abb009d8fe986e296
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/bb/ad/e5/bbade5cfcc3e33290c926b47a29f10ef/1707727941.png | 45.133.44.9 | 200 OK | 79 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/bb/ad/e5/bbade5cfcc3e33290c926b47a29f10ef/1707727941.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Hashf6e4959e9da97ab3696e321e8e4516f7 82fb8d27a4180131dc17c389ffa23f0effffc9a1 d93a1fa2b40ec721a3addcd7f332c02e09d9d1d622e2ad7a5f9f4467686f2959
GET /cti/bb/ad/e5/bbade5cfcc3e33290c926b47a29f10ef/1707727941.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 14:37:01 GMT
content-type: image/png
content-length: 78975
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:52:30 GMT
etag: "65c9dc4e-1347f"
expires: Mon, 06 May 2024 14:37:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png | 45.133.44.9 | 200 OK | 73 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Hash967ccbf525790b3d6e9ca46b436acef7 0351b0b4fab8bc70e1bce3872bc538fc976a7b44 1698a3cc4a295999590b0dd32fb7d21426a94d2578d3d9ebffa4b1b788aca43a
GET /cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 14:37:01 GMT
content-type: image/png
content-length: 73016
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:31:43 GMT
etag: "65cf1d6f-11d38"
expires: Mon, 06 May 2024 14:37:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| shayscholz.blogspot.com/favicon.ico | 216.58.207.193 | | 412 B |
URL GET shayscholz.blogspot.com/favicon.ico IP216.58.207.193:0
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File typeMS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel Hash59a0c7b6e4848ccdabcea0636efda02b 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: shayscholz.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
expires: Sat, 04 May 2024 14:37:01 GMT
date: Sat, 04 May 2024 14:37:01 GMT
cache-control: private, max-age=86400
last-modified: Fri, 08 Mar 2024 19:12:27 GMT
etag: W/"53e1bb00e6929e879a040ee00d8ddd9c6a9b1f6c6c79cd1077a9390901619218"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f | 104.21.86.41 | 200 OK | 292 B |
URL GET HTTP/2ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f IP104.21.86.41:443
Requested byhttps://bricegauthieruzdi1.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectbisniskini.biz.id FingerprintCB:C5:50:71:58:97:D7:6D:B9:8F:63:0E:B9:30:B7:87:1D:05:E2:5A ValiditySun, 14 Apr 2024 15:48:05 GMT - Sat, 13 Jul 2024 15:48:04 GMT
File typeASCII text, with very long lines (322), with no line terminators Hashb46491487b041497fbac58f26d655e90 4b78053eb393eeb64df4da5cf4426e45e3a80bc7 65b4b67308bfe8f49ac80fab447934a007a1120bcf1b9004533310a7d484668b
GET /get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f HTTP/1.1
Host: ads.bisniskini.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricegauthieruzdi1.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:36:59 GMT
content-type: application/javascript
set-cookie: PHPSESSID=fhq4ffi716pldbln4967ftf1rb; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACD7dE6OI9xL5E0FwI3Mn%2FChhvQZL6m2nL%2Fs5Yn44kx1aK54HdkR%2BaFrdeApw44eCu0Ao7c3YLoW2tRy3n64V87i6jZJBKGQKq2JJ20mEKucuUfGLA%2FJJSsmo3aSaGJqUo%2Fja%2BHW5uQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e939e3be8a5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|