Report - ila.jswords.xyz/

Report Overview

Visited public
2023-10-17 20:46:25
Tags
URL
ila.jswords.xyz/
Finishing URL
ila.jswords.xyz/
IP / ASN
129.213.82.186
#31898 ORACLE-BMC-31898
Title
Shadow Browser

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-10-16 18:47:56	459 B	66 kB	104.22.32.172
interstitial-07.com	36198	2017-03-08	2017-03-09 01:00:07	2023-09-17 10:10:48	6.1 kB	234 kB	139.45.197.154
fundingchoicesmessages.google.com	2397	1997-09-15	2019-01-16 16:59:52	2023-10-17 18:12:19	440 B	22 kB	216.58.211.14
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-10-17 18:15:18	437 B	231 kB	104.16.122.175
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-10-17 18:13:40	428 B	3.8 kB	151.101.193.229
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-17 18:11:52	3.4 kB	426 kB	216.58.207.227
gloaphoo.net	unknown	2022-09-09	2022-09-10 14:44:27	2023-10-16 18:47:55	3.3 kB	369 kB	139.45.197.239
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-10-17 18:11:48	330 B	963 B	104.18.15.101
static.arc.io	40777	2013-02-28	2019-03-22 19:09:32	2023-10-17 19:36:25	7.8 kB	4.8 MB	194.242.11.186
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-10-17 18:11:31	1.3 kB	892 B	216.239.32.36
warden.arc.io	36855	2013-02-28	2019-12-05 12:59:40	2023-10-17 14:50:18	517 B	217 B	18.223.141.84
fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws	unknown	2021-09-29	2023-10-13 04:50:33	2023-10-17 14:50:19	966 B	1.5 kB	44.234.247.246
l1s.saturn.ms	unknown	2023-03-09	2023-05-10 21:27:49	2023-10-17 20:48:38	2.2 kB	513 kB	95.164.38.93
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-17 17:39:04	3.7 kB	7.7 kB	142.250.74.131
arc.io	21731	2013-02-28	2017-03-05 07:00:03	2023-10-17 19:36:21	794 B	12 kB	54.230.111.25
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-10-17 18:18:18	1.5 kB	2.2 kB	139.45.195.8
ipfs.io	41400	2014-05-16	2015-09-09 06:41:36	2023-10-17 13:13:43	496 B	7.3 kB	209.94.90.1
cids.arc.io	unknown	2013-02-28	2023-05-09 09:40:23	2023-10-17 14:50:19	854 B	15 kB	194.242.11.186
socket.arc.io	49061	2013-02-28	2020-10-28 08:25:40	2023-10-17 14:50:19	586 B	0 B	0.0.0.0
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-10-17 18:12:09	525 B	580 B	142.250.74.163
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-17 18:11:24	4.1 kB	514 kB	104.17.25.14
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-10-16 19:35:18	400 B	20 kB	104.21.6.68
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-17 18:11:52	1.8 kB	360 kB	142.250.74.168
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12 16:01:39	2023-10-17 18:12:13	340 B	942 B	54.230.80.227
browser.sentry-cdn.com	4393	2018-05-30	2018-07-13 13:42:06	2023-10-17 18:13:18	902 B	42 kB	151.101.2.217
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-10-16 19:35:19	529 B	483 B	139.45.195.254
twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws	unknown	2021-09-29	2022-09-16 08:50:10	2023-10-17 14:50:26	1.1 kB	772 B	54.68.68.86
tracker.arc.io	53912	2013-02-28	2019-04-24 21:36:18	2023-10-17 14:50:18	422 B	0 B	0.0.0.0
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-17 18:12:01	1.9 kB	152 kB	142.250.74.106
core.arc.io	60825	2013-02-28	2019-03-22 19:09:39	2023-10-17 14:50:17	520 B	36 kB	194.242.11.186
ila.jswords.xyz	unknown	2023-04-21	2023-08-08 21:20:24	2023-10-17 22:45:57	16 kB	513 kB	129.213.82.186
ophoacit.com	unknown	2022-07-08	2022-07-28 17:22:31	2023-10-17 09:50:52	5.4 kB	161 kB	139.45.197.242
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12 22:43:53	2023-10-17 18:11:48	340 B	942 B	54.230.80.227
afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws	unknown	2021-09-29	2022-07-22 02:55:39	2023-10-16 16:14:18	529 B	381 B	44.240.81.160
tkr.arc.io	44376	2013-02-28	2021-06-25 14:12:42	2023-10-17 19:36:25	547 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-10-17 20:46:07	medium	Client IP	Internal IP	ET INFO Peer-to-Peer File Sharing Service Domain in DNS Lookup (ipfs .io)
2023-10-17 20:46:07	medium	Client IP	Internal IP	ET INFO Peer-to-Peer File Sharing Service Domain in DNS Lookup (ipfs .io)
2023-10-17 20:46:07	medium	Client IP	209.94.90.1	ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-17	medium	ophoacit.com	Sinkholed
2023-10-17	medium	gloaphoo.net	Sinkholed
2023-10-17	medium	ophoacit.com	Sinkholed
2023-10-17	medium	fleraprt.com	Sinkholed
2023-10-17	medium	ophoacit.com	Sinkholed
2023-10-17	medium	gloaphoo.net	Sinkholed
2023-10-17	medium	gloaphoo.net	Sinkholed
2023-10-17	medium	gloaphoo.net	Sinkholed
2023-10-17	medium	ophoacit.com	Sinkholed
2023-10-17	medium	ophoacit.com	Sinkholed
2023-10-17	medium	ophoacit.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (45)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	37 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 11:10 Times Seen263341 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unpkg.com/@filecoin-saturn/js-client@0.3.0/dist/strn.min.js	ScriptElement	230 kB	2023-10-13	2024-08-21
Pretty URL unpkg.com/@filecoin-saturn/js-client@0.3.0/dist/strn.min.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 20:11 Last Seen2024-08-21 04:49 Times Seen173 Hash e1474ba6630e54bb4feb5bb9a7aeaaf0 27f6ad42ded2ad63ca8546ba75a305a05cd2aec9 e8f5344e50a91f1c955e60756b01cd43a0023f800fe956e2b920131df2fd558d Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 104.21.6.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53	ScriptElement	96 kB	2023-04-11	2024-08-21
Pretty URL static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 22:59 Last Seen2024-08-21 09:43 Times Seen1413 Hash de8ab4879bd77ebe629c721339d42f65 fdb117223b56b52fc13256fa0288723785631d2a 7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08 Loading...

	ila.jswords.xyz/settings/js/themes.js	ScriptElement	3.0 kB	2023-10-17	2024-08-29
Pretty URL ila.jswords.xyz/settings/js/themes.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-08-29 17:35 Times Seen37 Hash 347554b4e8b1e26d470f48337e9254ef 9f28939687bd6dd0bedf67b757b50c5595b5be7e b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763 Loading...

	ila.jswords.xyz/uv/uv.config.js	ScriptElement	298 B	2023-10-17	2024-08-29
Pretty URL ila.jswords.xyz/uv/uv.config.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-08-29 17:35 Times Seen36 Hash 4039930f4a0584461919811990c491cd bab13d7930e20f974a30b3ae857d381ae24b844d bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707 Loading...

	browser.sentry-cdn.com/6.2.2/bundle.min.js	ScriptElement	67 kB	2023-03-07	2025-03-19
Pretty URL browser.sentry-cdn.com/6.2.2/bundle.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-03-19 04:53 Times Seen1420 Hash 1112a55739f24ef7add32867ae13bc72 62b95d703a81e23f0c37e504c2dca4a341cb467f e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e Loading...

	static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86	ScriptElement	61 kB	2023-05-04	2024-08-21
Pretty URL static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 07:48 Last Seen2024-08-21 09:43 Times Seen1377 Hash 1bfa017c8b068bd2857ce731fa38ab1d 583885e7d50ef1e7ee5499c98263e43c70c5b6bb 31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d Loading...

	static.arc.io/broker/js/chunk-vendors.5e1d8045.js	ScriptElement	50 kB	2023-04-28	2024-08-21
Pretty URL static.arc.io/broker/js/chunk-vendors.5e1d8045.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 14:52 Last Seen2024-08-21 09:43 Times Seen1418 Hash c78a505ea0c6b4622562567efbbeb847 dba9a0f392ea8b9834c424d854553050b9ffebb8 c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca Loading...

	static.arc.io/widget/js/chunk-2d2088b3.js?85cee77e	ScriptElement	6.7 kB	2023-10-13	2024-08-21
Pretty URL static.arc.io/widget/js/chunk-2d2088b3.js?85cee77e IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 20:11 Last Seen2024-08-21 04:49 Times Seen93 Hash 52e5e8e21557810a0f270dfe332c0386 76835311d6f256a0f71dd93c5c02e7ba9d7872c9 c3c5bbc21f04c40eb6ca9210b23d22596c6d065e7ca6f4495e1704ccf92f2a80 Loading...

	ila.jswords.xyz/	ScriptElement	141 B	2023-10-17	2024-08-29
Pretty URL ila.jswords.xyz/ IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 22:46 Last Seen2024-08-29 17:35 Times Seen37 Hash 66b66370ad97ebc027087ae02e688fb5 9ffb6b3ad10cc1c34eb0097a2667aa59988ec9bf 893476bd8a66297b5576cda746b60919f847a1409d2d9d8905025e97437013d2 Loading...

	ila.jswords.xyz/	ScriptElement	59 kB	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/ IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash 6edc6deb5738ca65ce339a19946d518a e75b3c71fcf24168ecfd48bd42886cd699c067a0 4f32a02cb6e9247b04bf92e040b5ac5e439dbe4cc8b59d15fd64a8bb5a080586 Loading...

	ophoacit.com/27/6bb872d7a3a0718b6120c3e523394afb	ScriptElement	412 kB	2023-10-06	2023-10-19
Pretty URL ophoacit.com/27/6bb872d7a3a0718b6120c3e523394afb IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-06 02:11 Last Seen2023-10-19 10:37 Times Seen166 Hash 6ba43c29abf74bdf200cd22dc9e4034f 1410370dcee62ff650e11d2e20e134d9bf41a1f1 039d49206b2255cd6257a88545684fbcfd9bbfd751a491554c4b8ecda8812cb4 Loading...

	ila.jswords.xyz/options.js	ScriptElement	2.6 kB	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/options.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash c63690de91b74b83b64a34ed229bd538 2df315b2d1c7fff29fecda11393522f75c1feb8a d8b76bc5a0d97aae53d1d62e5e4cd03db9baab4e1e59280693ee1b3c4ce114c8 Loading...

	ila.jswords.xyz/	ScriptElement	232 B	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/ IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash 86fd68e63c36d7dc4517d69b5d997218 cd61575d919338cb63aec623f22c735806bf9c48 be2b2d3a797350a58a8ed0fd6a94a86fa6ed1a119e258fb17e47addc15a48ac7 Loading...

	ila.jswords.xyz/register-sw.js	ScriptElement	699 B	2023-10-17	2024-08-29
Pretty URL ila.jswords.xyz/register-sw.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-08-29 17:35 Times Seen36 Hash dbfceee9fbe9541ee5e7fb7bae771db7 a220ac0abae9b850fd168851204295f084631748 b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e Loading...

	fundingchoicesmessages.google.com/i/pub-5756835229788588?ers=1	ScriptElement	20 kB	2023-10-16	2024-08-21
Pretty URL fundingchoicesmessages.google.com/i/pub-5756835229788588?ers=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-16 21:39 Last Seen2024-08-21 04:29 Times Seen10 Hash 2c132d355c78cf200867abd35181e3a2 be66d7b60af7e6f90568b39f4f511d9e92f8ad0b 4dc499b26f68e4b89e16f0d8b28f43fc7b7e7fd9b92e067558af0491e41543c4 Loading...

	static.arc.io/broker/js/lazy-modules.a169b1ec.js	ScriptElement	47 kB	2023-05-06	2024-08-21
Pretty URL static.arc.io/broker/js/lazy-modules.a169b1ec.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 06:49 Last Seen2024-08-21 09:43 Times Seen1421 Hash d03c11be3537746519138d1fe06bd033 c915eed8fafdd69b7c2d6f28c5cb0d3f031888f7 2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d Loading...

	static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542	ScriptElement	3.1 MB	2023-04-30	2024-08-21
Pretty URL static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-30 23:43 Last Seen2024-08-21 09:43 Times Seen1371 Hash 3e9a577ca6bcba5cdf18d0dafd192870 818f781f98c3af488623340abbc297b4d7f41ae7 d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c Loading...

	www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6	ScriptElement	281 kB	2023-10-17	2023-10-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2023-10-17 22:46 Times Seen1 Hash e237b1cd2311faaa915e006dbe75262f 79366f73755c65319291ecb84f712e71fd867178 5310c0c9cfb2e3c28fb63071902d73aef169c61bbc92a57832048061e92da648 Loading...

	arc.io/widget.min.js#eRPHFgiC	ScriptElement	7.6 kB	2023-10-13	2023-10-24
Pretty URL arc.io/widget.min.js#eRPHFgiC IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 20:11 Last Seen2023-10-24 01:31 Times Seen100 Hash bd9b6eaf2c54baf6f25a10b275239800 c7587880f2ad1f4c9990fd762df7ecf36a08f6df 87e16c394f1b529c12a8bdcf940d59c45cff44b81c3527594cad64410d9388d5 Loading...

	static.arc.io/widget/js/widget-sc-client.js?197dbd2e	ScriptElement	3.2 kB	2023-04-11	2024-08-21
Pretty URL static.arc.io/widget/js/widget-sc-client.js?197dbd2e IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 07:45 Last Seen2024-08-21 09:43 Times Seen1380 Hash 00fc1f9530439ec3d2415f9420e814d7 a8c010900e6ae4e49cbd26ffcd0de6f16ab67258 3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0 Loading...

	ila.jswords.xyz/tab.js	ScriptElement	16 kB	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/tab.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash b5a1d8b482209e5de6b1c05a321cece5 85e5b6f32ea2444d4a4d8f8e862c66587a646a6a 4e0824222b2a7f91f31db14944401af00f5f22415e8b1f678b12812704bbd204 Loading...

	ila.jswords.xyz/	ScriptElement	236 B	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/ IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash d6b705a04fd28cb512a7c613472ab395 ec131beb7ac524678c2a35478092c347a67aef86 b40c732bda3b9f40098f8e5e442b677bb5f18486feb83711ba56faa6fcabae90 Loading...

	ophoacit.com/1?z=6211840	ScriptElement	43 kB	2024-08-21	2024-08-21
Pretty URL ophoacit.com/1?z=6211840 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:19 Last Seen2024-08-21 04:19 Times Seen1 Hash 9ef8540aee02957af9f855f05c92c11a 7aa990dc1cf2f0ba96f1fa34dbcd0c800a113369 0e75ca2c515418d7ec052ab93ea20e14c6c4494a725eb97e1ac63689e2e2ed57 Loading...

	core.arc.io/broker.html?944baab	ScriptElement	326 B	2023-04-05	2025-03-24
Pretty URL core.arc.io/broker.html?944baab IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 06:29 Last Seen2025-03-24 23:46 Times Seen1515 Hash adf0bf30eb7db2ba8c08216ead395fac 54bd0ac302fdea9c391fb0e8aef1c20856fa47e9 2a7e220f5f3009d04fb9aa648e718af043672776c1c3139fee540933a323a38a Loading...

	ila.jswords.xyz/	ScriptElement	2.4 kB	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/ IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen10 Hash bc49d9139a3ec9afa7bf215fc6bc7514 6e40847705626093c544504e92c5011984133786 099af38589fce611b3ca8d64f45b6bdb3713bd9cbf492ff836c74e558d1a0279 Loading...

	ila.jswords.xyz/search.js	ScriptElement	634 B	2023-10-17	2023-12-02
Pretty URL ila.jswords.xyz/search.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2023-12-02 06:50 Times Seen11 Hash 6b0c4bde5ddd22ac5897889c283a22ef 07bb2aa166ebc1d3cbaf653824cdbb3e9bc680ec d5ac20ae9f32f37ed2b361331d65db05fd4266d9e22ddfa7d92117f3f9a8c8b8 Loading...

	static.arc.io/widget/js/core.js?944baab	ScriptElement	318 kB	2023-10-13	2023-10-24
Pretty URL static.arc.io/widget/js/core.js?944baab IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 20:11 Last Seen2023-10-24 01:31 Times Seen95 Hash d808c536efcdf8033cd54592b56c9536 fe570e848fae2faa7dee22492f19982499b682bd ab03c2b3acfd06b0b968bcc406c5c38f2dc0022db3785835af93cf6daad5ea4e Loading...

	static.arc.io/widget/js/widget-ui.js?c1390517	ScriptElement	42 kB	2023-10-13	2024-08-21
Pretty URL static.arc.io/widget/js/widget-ui.js?c1390517 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 20:11 Last Seen2024-08-21 04:49 Times Seen180 Hash 992480bbfce7eefd73a1b43fd7e3bdec 3fba155916f4ffd519df2ae957bbb85558e184fa a366c96359ab19c42a4c50e436c30fa0b53aa7832220f65a8ca49c5b56627691 Loading...

	ila.jswords.xyz/uv/uv.bundle.js	ScriptElement	674 kB	2023-10-17	2024-09-19
Pretty URL ila.jswords.xyz/uv/uv.bundle.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-09-19 20:14 Times Seen37 Hash 4474857294352447e75928d902bbfda4 bd6b4ac6185bcb3a8716e08af9cedf460f8644ab b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a Loading...

	ila.jswords.xyz/	ScriptElement	395 B	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/ IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash ba9222c936d552b7bf43f6325dd7e1cf 7618c873d2bab1cb3cb889697e90ac79654d6b3f 2a116ab14e2d5b51dd82e0b0127d840a718e71f1335b7062519e3f05fc0d06d4 Loading...

	interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 139.45.197.154 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 11:11 Times Seen4635527 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gloaphoo.net/400/6301604	ScriptElement	89 kB	2024-08-21	2024-08-21
Pretty URL gloaphoo.net/400/6301604 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:19 Last Seen2024-08-21 04:19 Times Seen1 Hash f3f862c5c92e991317bca2511e8cbeb3 b8a2daecbbd1b17e939a6449f2c0893f36ed5a9b bb5b19a5b333b9e08efa8a7aef9436eaa755ee88809154194fdf6fd7637d4e49 Loading...

	ila.jswords.xyz/settings/js/index.js	ScriptElement	8.3 kB	2023-10-17	2024-08-21
Pretty URL ila.jswords.xyz/settings/js/index.js IP 129.213.82.186 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2024-08-21 04:19 Times Seen11 Hash c1f83bad4af90c7780e31fc3fd1e69c1 2281b0355bcf05e02e053efdfea3aad71cb1dfbb a8494bcb77b55cff23222c28fd4fbe9b63dc614cf37c2a965fbce21ce997ff2a Loading...

	static.arc.io/broker/js/broker.9e6bf337.js	ScriptElement	24 kB	2023-04-09	2024-08-21
Pretty URL static.arc.io/broker/js/broker.9e6bf337.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 23:37 Last Seen2024-08-21 09:43 Times Seen1420 Hash 0f4be176d7381439a060ff326b994fd2 a2157b6419a02054e10fd69cad0df08ee46c85a8 15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9 Loading...

	static.arc.io/widget/js/lazy-modules.js?fe421cd5	ScriptElement	435 B	2023-05-06	2024-08-21
Pretty URL static.arc.io/widget/js/lazy-modules.js?fe421cd5 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 06:49 Last Seen2024-08-21 09:43 Times Seen1389 Hash bf3693cfb405887329f70b7d8af75778 fda421baca4cc4e728b56401fa030b516289d854 67a059442ba90d139a2c5010109476b0819cab9a68047d5302f064123733ee57 Loading...

	static.arc.io/widget/js/lazy-iwc.js?8aedfc26	ScriptElement	14 kB	2023-05-05	2024-08-21
Pretty URL static.arc.io/widget/js/lazy-iwc.js?8aedfc26 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 23:40 Last Seen2024-08-21 09:43 Times Seen1384 Hash 79f87bf000461a78e70050f0b33e54bd c9d31fe64b37cfee9161518de01368a25101d159 a10e7cded87daa4318d9448308e6e87e15e1da89d2d7f585da84ef0420f20690 Loading...

	static.arc.io/widget/js/brokers.js?cfaaa772	ScriptElement	23 kB	2023-05-05	2024-08-21
Pretty URL static.arc.io/widget/js/brokers.js?cfaaa772 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 23:40 Last Seen2024-08-21 09:43 Times Seen1397 Hash e1f31a1f2266b21d5986026408c6b7ae 16583ba6436fb94cf4d05cb8ec6cb5d601d83926 58936974bff4521fdc89cd5eb181ec9187a06458235ddab4a1c36486bf3150a8 Loading...

	static.arc.io/widget/js/chunk-0565ec8a.js?801809a0	ScriptElement	74 kB	2023-10-13	2023-10-24
Pretty URL static.arc.io/widget/js/chunk-0565ec8a.js?801809a0 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 20:11 Last Seen2023-10-24 01:31 Times Seen94 Hash 34fad9f53a697213e84b9ad8577fbf51 dda6d66542458e399c33252f3bc5759827635691 013e3acf5844be9dce9eccdf081a292253b00641b84b6606e03aaf94f6953b63 Loading...

	cdn.jsdelivr.net/gh/3kh0/3kh0.github.io/js/main.js	ScriptElement	3.0 kB	2023-03-29	2024-08-21
Pretty URL cdn.jsdelivr.net/gh/3kh0/3kh0.github.io/js/main.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00 Last Seen2024-08-21 04:19 Times Seen11 Hash 50c7815b5b4458d1f922241c93a61ce0 4271eda96437a3b804e80498414d2e93711cdb66 155efc340f3ff42d00df38d46253905d214a3d064110bc86001516a33b8c459b Loading...

	unknown	ScriptElement	160 B	2023-03-11	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:29 Last Seen2024-08-21 04:19 Times Seen12 Hash 5d25a168d66a094120d3b95a584623ff f3288bcfd072af1444c90b0092f3d9f96fc5c53b e4e16a7c4f714cac4816c957d6b2ebbbc0b4b7d349f3daf9d3f9ad997b047c80 Loading...

	www.googletagmanager.com/gtag/js?id=G-98DP5VKS42	ScriptElement	250 kB	2023-10-17	2023-10-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-98DP5VKS42 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2023-10-17 22:46 Times Seen1 Hash 3f47bd28ec1b410bb69360ab380fb47a 405d4744b830ef42602eb95d0ac36146861a5b22 5cfe1a7ea60270976d42cd3dbe15eb67a9235f3df116c568fcb8917c494942c4 Loading...

	www.googletagmanager.com/gtag/js?id=G-98DP5VKS42&l=dataLayer&cx=c	ScriptElement	250 kB	2023-10-17	2023-10-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-98DP5VKS42&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 22:46 Last Seen2023-10-17 22:46 Times Seen1 Hash f977bc7d9cd85a9d91b235f7a70e5236 eafe08ddcd6ecaf5737e6c76343030d62f6ebc8e bfde9ffc2b0d0475d6aecd22dae4f5ba1e5cefa6b1c009236ace86dfee60d04c Loading...

		Size	First Seen	Last Seen
	#1 Eval - f0ffd3b7c2574ac324603ed00488c850	7 B	2023-03-07 01:03	2025-05-09 11:04
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:04 Times Seen31649 Hash f0ffd3b7c2574ac324603ed00488c850 623e76c36aa2a886542011e28412cc761d7ceb01 c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Loading...

HTTP Transactions (132)

URL IP Response Size

ila.jswords.xyz/

129.213.82.186

200 OK

21 kB

URL HEAD HTTP/1.1
ila.jswords.xyz/
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (59234)
Size
21 kB (21139 bytes)
Hash
251bb4994733cf1814bbd803a999b465
fba3ab140b5416742c0b100e21bc7c7153a83f35
8ae91e29274a0bed57da41e13497c3b293e7eda9ee2e4fa7d54404a5b8f4ee36

HTTP Headers

GET / HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 13 Sep 2023 03:10:27 GMT
ETag: W/"1043b-18a8c84ca2c"
Vary: Accept-Encoding
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

104.17.25.14

200 OK

15 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65311)
Size
15 kB (14850 bytes)
Hash
3d5ef2bf867c4054a2f336cdbad9e1dc
07228d1fa3245ee156a27a353f45758a3207849f
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:02 GMT
content-type: text/css; charset=utf-8
content-length: 14850
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "619c057b-3a02"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 435058
expires: Sun, 06 Oct 2024 20:46:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HlY%2FMUvAaFAMbfb2HZMogxI9M80m6CK%2FDeetaQDN75kdSX1E9OEpjUhFhGn7MuN%2FLlr4wt96k34shdfFgtQdbu3VrjBjmRQrYshlOaKz%2Fx8pIPAsCfjrQ2%2F2Ms9JXj7PNJFDilz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b6380ade65696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ila.jswords.xyz/CSS/index.css

129.213.82.186

200 OK

1.6 kB

URL GET HTTP/1.1
ila.jswords.xyz/CSS/index.css
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
1.6 kB (1634 bytes)
Hash
ea9448c9e32ee8a3b9c225a348799c1c
8e47f763aec79216883bbdb87f2bfe63c1e17702
ee2a4004975d8d340effea4ee6a58fe709b191e24051ce8c85298069704b9f72

HTTP Headers

GET /CSS/index.css HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"1d4b-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87d874e16161e60b13bd34c9dbb4fcf1
a4dbc700e79aa715720a7e7d3973c2c0a7f67fcf
2a2d26e9e4f8fb4e385cf21e3973474c876611b1ca3378d8fefe736b3f86323e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
39dd09184e5d5383e6470268e098a292
9b3238b72a3808d9247189a6b52a2563a822a941
3fc2093bf3b7c521a55c2a42708957c872751257455628e2630c04afaa5f9d2f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f057e7c2876f8d7a66dd7ae5665cfae6
e15404d3eb7ffb069c08309d7985ce648aa0aa6f
9019fedb4e1d2375d256463b8a04655899aff7c91aa147e5cee808df795e5d82

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type
ASCII text, with very long lines (5788)
Size
93 kB (93004 bytes)
Hash
9d14c9f34da463a43e2aeb17aca616c9
8811cbf06c006b32856bb2986eddf72553cd6f55
0e1191d9fb6e50995e3bb27b80ba1d531b6d4afea7c48ba0f760d15e069a83bf

HTTP Headers

GET /gtag/js?id=G-NCTSG4T1B6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Oct 2023 20:46:02 GMT
expires: Tue, 17 Oct 2023 20:46:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f057e7c2876f8d7a66dd7ae5665cfae6
e15404d3eb7ffb069c08309d7985ce648aa0aa6f
9019fedb4e1d2375d256463b8a04655899aff7c91aa147e5cee808df795e5d82

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0

142.250.74.106

200 OK

908 B

URL GET HTTP/3
fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
gzip compressed data, max compression\012- data
Size
908 B (908 bytes)
Hash
3bad462af6101aedacfaea270254ff5a
565f9a2f0a176f290c170c2e1283512de0f6dab0
536c598f0b2f1c57cddb525173189f3fa96f2ddd3a1e342205f5e36ba2819eb1

HTTP Headers

GET /css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Oct 2023 20:46:02 GMT
date: Tue, 17 Oct 2023 20:46:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ila.jswords.xyz/uv/uv.config.js

129.213.82.186

200 OK

298 B

URL GET HTTP/1.1
ila.jswords.xyz/uv/uv.config.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
298 B (298 bytes)
Hash
4039930f4a0584461919811990c491cd
bab13d7930e20f974a30b3ae857d381ae24b844d
bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707

HTTP Headers

GET /uv/uv.config.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 298
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"12a-189d6dd6bf2"
Vary: Accept-Encoding

ila.jswords.xyz/register-sw.js

129.213.82.186

200 OK

699 B

URL GET HTTP/1.1
ila.jswords.xyz/register-sw.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
699 B (699 bytes)
Hash
dbfceee9fbe9541ee5e7fb7bae771db7
a220ac0abae9b850fd168851204295f084631748
b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e

HTTP Headers

GET /register-sw.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 699
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"2bb-189d6dd6bea"
Vary: Accept-Encoding

ila.jswords.xyz/search.js

129.213.82.186

200 OK

634 B

URL GET HTTP/1.1
ila.jswords.xyz/search.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
Algol 68 source text\012- Pascal source, ASCII text
Size
634 B (634 bytes)
Hash
6b0c4bde5ddd22ac5897889c283a22ef
07bb2aa166ebc1d3cbaf653824cdbb3e9bc680ec
d5ac20ae9f32f37ed2b361331d65db05fd4266d9e22ddfa7d92117f3f9a8c8b8

HTTP Headers

GET /search.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 634
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"27a-189d6dd6bea"
Vary: Accept-Encoding

ila.jswords.xyz/index.js

129.213.82.186

404 Not Found

1.8 kB

URL GET HTTP/1.1
ila.jswords.xyz/index.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.8 kB (1834 bytes)
Hash
06682f07380834c6729bda62352bfa34
cd759c0e15cb0fad298d4510f5012b0fd551b9f9
8cac808e0498c71c0e0f21bd6601edb7c5d390d671faebba74dbdcf871b411ba

HTTP Headers

GET /index.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"15e7-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/settings/js/themes.js

129.213.82.186

200 OK

728 B

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/themes.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
728 B (728 bytes)
Hash
347554b4e8b1e26d470f48337e9254ef
9f28939687bd6dd0bedf67b757b50c5595b5be7e
b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763

HTTP Headers

GET /settings/js/themes.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"bcb-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/options.js

129.213.82.186

200 OK

846 B

URL GET HTTP/1.1
ila.jswords.xyz/options.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document, ASCII text
Size
846 B (846 bytes)
Hash
c63690de91b74b83b64a34ed229bd538
2df315b2d1c7fff29fecda11393522f75c1feb8a
d8b76bc5a0d97aae53d1d62e5e4cd03db9baab4e1e59280693ee1b3c4ce114c8

HTTP Headers

GET /options.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"a0a-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/settings/js/index.js

129.213.82.186

200 OK

2.5 kB

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/index.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document, ASCII text
Size
2.5 kB (2480 bytes)
Hash
c1f83bad4af90c7780e31fc3fd1e69c1
2281b0355bcf05e02e053efdfea3aad71cb1dfbb
a8494bcb77b55cff23222c28fd4fbe9b63dc614cf37c2a965fbce21ce997ff2a

HTTP Headers

GET /settings/js/index.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"2064-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/tab.js

129.213.82.186

200 OK

3.6 kB

URL GET HTTP/1.1
ila.jswords.xyz/tab.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
3.6 kB (3559 bytes)
Hash
b5a1d8b482209e5de6b1c05a321cece5
85e5b6f32ea2444d4a4d8f8e862c66587a646a6a
4e0824222b2a7f91f31db14944401af00f5f22415e8b1f678b12812704bbd204

HTTP Headers

GET /tab.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"3d2e-189d6dd6bf2"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/uv/uv.bundle.js

129.213.82.186

200 OK

182 kB

URL GET HTTP/1.1
ila.jswords.xyz/uv/uv.bundle.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
Unicode text, UTF-8 text, with very long lines (63963)
Size
182 kB (181459 bytes)
Hash
4474857294352447e75928d902bbfda4
bd6b4ac6185bcb3a8716e08af9cedf460f8644ab
b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a

HTTP Headers

GET /uv/uv.bundle.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:27 GMT
ETag: W/"a472e-189d6dd7d1e"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/settings/js/panic.js

129.213.82.186

404 Not Found

1.8 kB

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/panic.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.8 kB (1834 bytes)
Hash
06682f07380834c6729bda62352bfa34
cd759c0e15cb0fad298d4510f5012b0fd551b9f9
8cac808e0498c71c0e0f21bd6601edb7c5d390d671faebba74dbdcf871b411ba

HTTP Headers

GET /settings/js/panic.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"15e7-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ophoacit.com/1?z=6211840

139.45.197.242

200 OK

18 kB

URL GET HTTP/2
ophoacit.com/1?z=6211840
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectophoacit.com
FingerprintBA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
ValidityWed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT

File type
ASCII text, with very long lines (41880)
Size
18 kB (17573 bytes)
Hash
19d1206e6dd95d8ad13e39a58fc9341f
cd91d7c8c92888c1752d51bc6e5b943c73e4e686
48246fad7e70e3b73950e645964215cb182d8d4f281c10be7282cf80225a4746

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=6211840 HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:02 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 3b5ac7e65b2e0102b65953367d00e2e7
access-control-expose-headers: X-Sc
x-sc: 8va9P_GDouXHbP61KbLfE-Yq3nnHI4G11aM4rVbvtWAiDgs6uUIh2zZEYj5VVHjfPyveiAf6GPqdMnXNIwWLr_2fPrA=
set-cookie: scm=1; expires=Wed, 16 Oct 2024 20:46:02 GMT; secure; SameSite=None
OAID=3dc8589174ea464e94084a5f2ee18c82; expires=Wed, 16 Oct 2024 20:46:02 GMT; secure; SameSite=None
oaidts=1697575562; expires=Wed, 16 Oct 2024 20:46:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

125 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 125064, version 768.67\012- data
Size
125 kB (125064 bytes)
Hash
57b380d27f14f16e737bcca7e849cf79
2e4280929d4d76fc0e31601c98f167f14630c209
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:02 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 125064
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "619c057b-1e888"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 678812
expires: Sun, 06 Oct 2024 20:46:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o1t68bXPmVMsXXJKKAjpcq%2BEJhXfB5P4ZKkkYxtEo6CGB3hHFeuu3NG8RJWDjX2h2PdoSNtSh2OWQa2UHMx9F0qm5OxH%2BZWW5WsGtRjN1KrwxRUf2P3549IqxW%2FhBkguK0MIyks"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b63844c5356cb-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

105 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 105204, version 768.67\012- data
Size
105 kB (105204 bytes)
Hash
ee91e640b5449fb98d9320c877a9866e
7fdc6b3926b1dd023f9f2ad7d53bc22694694281
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:02 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105204
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64942a3c-19af4"
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4094697
expires: Sun, 06 Oct 2024 20:46:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fbul5PHU9NzP5cXrO7lRw8AFjJ0T0rYpoAh4ppmm%2FGfgMMOw69AOnBDGgkKxPYhwUh%2BKij4O2MqYel%2FiqAwM27MzMJgU8%2BtTcPgaMgBOEpH3x%2FP8a871d1vOs8Kq%2FJ4n7T1iGYj5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b63844c5556cb-OSL
alt-svc: h3=":443"; ma=86400

ila.jswords.xyz/

129.213.82.186

200 OK

0 B

URL HEAD HTTP/1.1
ila.jswords.xyz/
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 13 Sep 2023 03:10:27 GMT
ETag: W/"1043b-18a8c84ca2c"
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4e3d632834f367982e02547ed01f3c2e
e6de16d3f26695de5e45b6aed6bce1f0c8504fef
5af172e50ca188e53368a2b368ef9b1c69fe0ca984d46d0993ec663ae1251d83

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f02b76bfd6055df0d880bf655b413dfa
5e7d3a2cd417a20a13c521ececdd73785a01e1ec
49ed95035f613a90e9364a9bf733da44a45ed81c343f84af0e95c01f98edc4ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2

216.58.207.227

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13620, version 1.0\012- data
Size
14 kB (13620 bytes)
Hash
fb9f3b92ba47a506c571a6cdc822ee33
603746b9b81c8687a95e1a5743ddb087c9b71b5a
a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7

HTTP Headers

GET /s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 22:21:15 GMT
expires: Sat, 12 Oct 2024 22:21:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:50:16 GMT
content-type: font/woff2
age: 339888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialsymbolsoutlined/v141/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2

216.58.207.227

200 OK

330 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialsymbolsoutlined/v141/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 329972, version 1.0\012- data
Size
330 kB (329972 bytes)
Hash
1891fbf57840212c9d33bd988c443f16
6bd09f8f2166f362874c828b61cf7b4b2c47a7a1
d7328b0b5b6f2ea589d28f85ea740c7554b372f67d6fb750018d285601737cb8

HTTP Headers

GET /s/materialsymbolsoutlined/v141/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 329972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Oct 2023 06:19:59 GMT
expires: Wed, 16 Oct 2024 06:19:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Oct 2023 18:41:31 GMT
content-type: font/woff2
age: 51964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f02b76bfd6055df0d880bf655b413dfa
5e7d3a2cd417a20a13c521ececdd73785a01e1ec
49ed95035f613a90e9364a9bf733da44a45ed81c343f84af0e95c01f98edc4ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ila.jswords.xyz/

129.213.82.186

200 OK

21 kB

URL HEAD HTTP/1.1
ila.jswords.xyz/
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (59234)
Size
21 kB (21139 bytes)
Hash
251bb4994733cf1814bbd803a999b465
fba3ab140b5416742c0b100e21bc7c7153a83f35
8ae91e29274a0bed57da41e13497c3b293e7eda9ee2e4fa7d54404a5b8f4ee36

HTTP Headers

GET / HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 13 Sep 2023 03:10:27 GMT
ETag: W/"1043b-18a8c84ca2c"
Vary: Accept-Encoding
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

104.17.25.14

200 OK

15 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65311)
Size
15 kB (14850 bytes)
Hash
3d5ef2bf867c4054a2f336cdbad9e1dc
07228d1fa3245ee156a27a353f45758a3207849f
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:03 GMT
content-type: text/css; charset=utf-8
content-length: 14850
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "619c057b-3a02"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 435059
expires: Sun, 06 Oct 2024 20:46:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUv5dJ6HD62%2FIm4bK6qVZQU13rUaBGFbkSJlb%2BCbxav0Dmh61mO8Gb10E39sS67FwTrAdHlpgv9XKRmcMK%2BReiw7MJ%2F%2BLmtZir8KWnXykAsjafIA%2BveFWHsIqjTQAocrt%2BEexN16"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b6387aa46b511-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type
ASCII text, with very long lines (5788)
Size
93 kB (93029 bytes)
Hash
e237b1cd2311faaa915e006dbe75262f
79366f73755c65319291ecb84f712e71fd867178
5310c0c9cfb2e3c28fb63071902d73aef169c61bbc92a57832048061e92da648

HTTP Headers

GET /gtag/js?id=G-NCTSG4T1B6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Oct 2023 20:46:03 GMT
expires: Tue, 17 Oct 2023 20:46:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ila.jswords.xyz/uv/uv.config.js

129.213.82.186

200 OK

298 B

URL GET HTTP/1.1
ila.jswords.xyz/uv/uv.config.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
298 B (298 bytes)
Hash
4039930f4a0584461919811990c491cd
bab13d7930e20f974a30b3ae857d381ae24b844d
bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707

HTTP Headers

GET /uv/uv.config.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 298
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"12a-189d6dd6bf2"
Vary: Accept-Encoding

ila.jswords.xyz/CSS/index.css

129.213.82.186

200 OK

1.6 kB

URL GET HTTP/1.1
ila.jswords.xyz/CSS/index.css
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
1.6 kB (1634 bytes)
Hash
ea9448c9e32ee8a3b9c225a348799c1c
8e47f763aec79216883bbdb87f2bfe63c1e17702
ee2a4004975d8d340effea4ee6a58fe709b191e24051ce8c85298069704b9f72

HTTP Headers

GET /CSS/index.css HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"1d4b-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/settings/js/themes.js

129.213.82.186

200 OK

728 B

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/themes.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
728 B (728 bytes)
Hash
347554b4e8b1e26d470f48337e9254ef
9f28939687bd6dd0bedf67b757b50c5595b5be7e
b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763

HTTP Headers

GET /settings/js/themes.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"bcb-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/index.js

129.213.82.186

404 Not Found

1.8 kB

URL GET HTTP/1.1
ila.jswords.xyz/index.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.8 kB (1834 bytes)
Hash
06682f07380834c6729bda62352bfa34
cd759c0e15cb0fad298d4510f5012b0fd551b9f9
8cac808e0498c71c0e0f21bd6601edb7c5d390d671faebba74dbdcf871b411ba

HTTP Headers

GET /index.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"15e7-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0

142.250.74.106

200 OK

126 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
gzip compressed data, max compression\012- data
Size
126 kB (125501 bytes)
Hash
17ef43461e578bbc435b244cb5dfa74c
8bc1cc913e6419f6d9760a582f28216841e78769
d15d6bc5891fceffaa10e0c4b5a9c5f7787cbdd62d98004268f4d9bf1b7196c8

HTTP Headers

GET /css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Oct 2023 20:46:03 GMT
date: Tue, 17 Oct 2023 20:46:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Comfortaa&display=swap

142.250.74.106

200 OK

14 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Comfortaa&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
gzip compressed data, max compression\012- data
Size
14 kB (14182 bytes)
Hash
89d28ce22dd8374732befd047c854b83
03c8dc8730161a1ac5d23bdada3b0785d3c185d6
7d3fa68b9a4a804dd5f66248b1d068aa2888e36f8ebaa0b6f327392f0163a364

HTTP Headers

GET /css2?family=Comfortaa&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Oct 2023 20:46:03 GMT
date: Tue, 17 Oct 2023 20:46:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

105 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 105204, version 768.67\012- data
Size
105 kB (105204 bytes)
Hash
ee91e640b5449fb98d9320c877a9866e
7fdc6b3926b1dd023f9f2ad7d53bc22694694281
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105204
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64942a3c-19af4"
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4094698
expires: Sun, 06 Oct 2024 20:46:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1AgpBK3%2FfK8%2BNURd6SzqMC0SRIIJefYQOmz9kEf3lGsSmp2BURNlBiN7HapKqDMOj%2FGSdOK1oUFBMDeZvRh3ovZ7lYkBKy2zOoRXPeZlLikltIPZ8OOcE%2FMwRI5FrAjCoVFmWzw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b638968a956cb-OSL
alt-svc: h3=":443"; ma=86400

gloaphoo.net/400/6301604

139.45.197.239

200 OK

364 kB

URL GET HTTP/2
gloaphoo.net/400/6301604
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
Fingerprint5F:C6:15:A3:C5:AC:09:1F:66:72:F9:C8:1E:EF:45:4D:F6:8D:73:1B
ValiditySat, 14 Oct 2023 05:09:27 GMT - Fri, 12 Jan 2024 05:09:26 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
364 kB (364338 bytes)
Hash
393ec828f61175916139a45014dd0d8a
b4c64a7bb22be992381e3058594752a665b98eb5
9c9eabfc9fba2d32819b57770597ed00972c12e236c9f8e1bfdbba0dd0504000

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/6301604 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:03 GMT
content-type: application/javascript
x-trace-id: 2e7c2835ea4ce3573401adc0ba69d0af
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=db9a8bd74c3640e59001066a9c209933; expires=Wed, 16 Oct 2024 20:46:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ila.jswords.xyz/settings/js/index.js

129.213.82.186

200 OK

2.5 kB

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/index.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document, ASCII text
Size
2.5 kB (2480 bytes)
Hash
c1f83bad4af90c7780e31fc3fd1e69c1
2281b0355bcf05e02e053efdfea3aad71cb1dfbb
a8494bcb77b55cff23222c28fd4fbe9b63dc614cf37c2a965fbce21ce997ff2a

HTTP Headers

GET /settings/js/index.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"2064-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/tab.js

129.213.82.186

200 OK

3.6 kB

URL GET HTTP/1.1
ila.jswords.xyz/tab.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
3.6 kB (3559 bytes)
Hash
b5a1d8b482209e5de6b1c05a321cece5
85e5b6f32ea2444d4a4d8f8e862c66587a646a6a
4e0824222b2a7f91f31db14944401af00f5f22415e8b1f678b12812704bbd204

HTTP Headers

GET /tab.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"3d2e-189d6dd6bf2"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/options.js

129.213.82.186

200 OK

846 B

URL GET HTTP/1.1
ila.jswords.xyz/options.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document, ASCII text
Size
846 B (846 bytes)
Hash
c63690de91b74b83b64a34ed229bd538
2df315b2d1c7fff29fecda11393522f75c1feb8a
d8b76bc5a0d97aae53d1d62e5e4cd03db9baab4e1e59280693ee1b3c4ce114c8

HTTP Headers

GET /options.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"a0a-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/register-sw.js

129.213.82.186

200 OK

699 B

URL GET HTTP/1.1
ila.jswords.xyz/register-sw.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
699 B (699 bytes)
Hash
dbfceee9fbe9541ee5e7fb7bae771db7
a220ac0abae9b850fd168851204295f084631748
b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e

HTTP Headers

GET /register-sw.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 699
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"2bb-189d6dd6bea"
Vary: Accept-Encoding

ila.jswords.xyz/search.js

129.213.82.186

200 OK

634 B

URL GET HTTP/1.1
ila.jswords.xyz/search.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
Algol 68 source text\012- Pascal source, ASCII text
Size
634 B (634 bytes)
Hash
6b0c4bde5ddd22ac5897889c283a22ef
07bb2aa166ebc1d3cbaf653824cdbb3e9bc680ec
d5ac20ae9f32f37ed2b361331d65db05fd4266d9e22ddfa7d92117f3f9a8c8b8

HTTP Headers

GET /search.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 634
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"27a-189d6dd6bea"
Vary: Accept-Encoding

ila.jswords.xyz/settings/js/panic.js

129.213.82.186

404 Not Found

1.8 kB

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/panic.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.8 kB (1834 bytes)
Hash
06682f07380834c6729bda62352bfa34
cd759c0e15cb0fad298d4510f5012b0fd551b9f9
8cac808e0498c71c0e0f21bd6601edb7c5d390d671faebba74dbdcf871b411ba

HTTP Headers

GET /settings/js/panic.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"15e7-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/

129.213.82.186

200 OK

0 B

URL HEAD HTTP/1.1
ila.jswords.xyz/
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 13 Sep 2023 03:10:27 GMT
ETag: W/"1043b-18a8c84ca2c"
Vary: Accept-Encoding
Content-Encoding: gzip

ophoacit.com/27/6bb872d7a3a0718b6120c3e523394afb

139.45.197.242

200 OK

132 kB

URL GET HTTP/2
ophoacit.com/27/6bb872d7a3a0718b6120c3e523394afb
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectophoacit.com
FingerprintBA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
ValidityWed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
132 kB (131658 bytes)
Hash
6a597afde88ed98a757166df5f4f5f69
83a88132a98d60c876175cdf24905585ed6fc9b1
98cc3752dea57f8bc03a942bea8401200fbf963ba60f6507914b60f4e7891cdc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27/6bb872d7a3a0718b6120c3e523394afb HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: scm=1; OAID=3dc8589174ea464e94084a5f2ee18c82; oaidts=1697575562
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:03 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: a7115775e1ff3fbce457b51055582919
cache-control: max-age:290304000, public
last-modified: Thu, 05 Oct 2023 08:56:45 GMT
expires: Thu, 04 Nov 2083 08:56:45 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

ila.jswords.xyz/assets/json/cdns.json

129.213.82.186

404 Not Found

1.8 kB

URL GET HTTP/1.1
ila.jswords.xyz/assets/json/cdns.json
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.8 kB (1834 bytes)
Hash
06682f07380834c6729bda62352bfa34
cd759c0e15cb0fad298d4510f5012b0fd551b9f9
8cac808e0498c71c0e0f21bd6601edb7c5d390d671faebba74dbdcf871b411ba

HTTP Headers

GET /assets/json/cdns.json HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
DNT: 1
Connection: keep-alive
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"15e7-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/assets/json/themes.json

129.213.82.186

404 Not Found

1.8 kB

URL GET HTTP/1.1
ila.jswords.xyz/assets/json/themes.json
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.8 kB (1834 bytes)
Hash
06682f07380834c6729bda62352bfa34
cd759c0e15cb0fad298d4510f5012b0fd551b9f9
8cac808e0498c71c0e0f21bd6601edb7c5d390d671faebba74dbdcf871b411ba

HTTP Headers

GET /assets/json/themes.json HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
DNT: 1
Connection: keep-alive
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"15e7-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/uv/uv.bundle.js

129.213.82.186

200 OK

182 kB

URL GET HTTP/1.1
ila.jswords.xyz/uv/uv.bundle.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
Unicode text, UTF-8 text, with very long lines (63963)
Size
182 kB (181459 bytes)
Hash
4474857294352447e75928d902bbfda4
bd6b4ac6185bcb3a8716e08af9cedf460f8644ab
b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a

HTTP Headers

GET /uv/uv.bundle.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.0.1697575563.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:03 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 08 Aug 2023 20:36:27 GMT
ETag: W/"a472e-189d6dd7d1e"
Vary: Accept-Encoding
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=G-98DP5VKS42

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-98DP5VKS42
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type
ASCII text, with very long lines (3184)
Size
86 kB (86022 bytes)
Hash
3f47bd28ec1b410bb69360ab380fb47a
405d4744b830ef42602eb95d0ac36146861a5b22
5cfe1a7ea60270976d42cd3dbe15eb67a9235f3df116c568fcb8917c494942c4

HTTP Headers

GET /gtag/js?id=G-98DP5VKS42 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Oct 2023 20:46:04 GMT
expires: Tue, 17 Oct 2023 20:46:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-98DP5VKS42&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-98DP5VKS42&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type
ASCII text, with very long lines (3184)
Size
86 kB (85906 bytes)
Hash
f977bc7d9cd85a9d91b235f7a70e5236
eafe08ddcd6ecaf5737e6c76343030d62f6ebc8e
bfde9ffc2b0d0475d6aecd22dae4f5ba1e5cefa6b1c009236ace86dfee60d04c

HTTP Headers

GET /gtag/js?id=G-98DP5VKS42&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Oct 2023 20:46:04 GMT
expires: Tue, 17 Oct 2023 20:46:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85906
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
57b6387625d5a6263e629e4b6c38dc60
963ba09aa207a4346bb57f14f9ad1bcbb3018e14
f783ed306e100d06373c64d4a68b362bbbce64ef1c146c037d4f8eb6151ec37f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 17 Oct 2023 20:46:04 GMT
Last-Modified: Tue, 17 Oct 2023 20:03:59 GMT
Server: ECAcc (amb/6AEA)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KHOElEqUVVkqp4kS6xqR2SiMW-VD3TceZaRGjoNx5TS0cF659eIT1Q==
Age: 2525

arc.io/widget.min.js

54.230.111.25

2.9 kB

URL
arc.io/widget.min.js
IP
54.230.111.25:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7592)
Size
2.9 kB (2948 bytes)
Hash
bd9b6eaf2c54baf6f25a10b275239800
c7587880f2ad1f4c9990fd762df7ecf36a08f6df
87e16c394f1b529c12a8bdcf940d59c45cff44b81c3527594cad64410d9388d5

HTTP Headers

GET /widget.min.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 2948
date: Tue, 17 Oct 2023 20:06:55 GMT
last-modified: Fri, 13 Oct 2023 17:06:17 GMT
content-encoding: br
cache-control: public, max-age=3600, stale-while-revalidate=864000
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
etag: "65297909-b84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cbrk9oVYg64ngWz1FfBZGxQRUpnuCSy71QnuNyzopFR-PRVgYFh7hg==
age: 2349
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
0fba973662edaa0442eb13f675be34c6
3d32f78aabb667d41998bfd891b035ad1af461cc
10a7bebbb819883f14af0abd94d029dc77e365942dc2da25ed5418c305a27ea8

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=50a1300c91cc43cdaa721d6f8c1d5459; expires=Wed, 16 Oct 2024 20:46:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
92c66a077e2d56a10cb3919ab0fcb616
e0b68920b8eace24f3b492aa3c71359479a55c28
784f9288b19eb3b1f8608377ce54750ee9a8c1a1309d3f5107af2e7f0a611f6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ila.jswords.xyz/favicon/favicon-16x16.png

129.213.82.186

200 OK

924 B

URL GET HTTP/1.1
ila.jswords.xyz/favicon/favicon-16x16.png
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
924 B (924 bytes)
Hash
1e100fc49918e90f521458da3c487cac
ff9584df1d6c2fabfe3f9b3a0fb2fdfa034988a2
1551286464b809cbf9896018171dd6c079df54007ed16e07a38e76c89072f86f

HTTP Headers

GET /favicon/favicon-16x16.png HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.1.1697575564.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:04 GMT
Content-Type: image/png
Content-Length: 924
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"39c-189d6dd6bea"

ila.jswords.xyz/favicon/apple-touch-icon.png

129.213.82.186

200 OK

58 kB

URL GET HTTP/1.1
ila.jswords.xyz/favicon/apple-touch-icon.png
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (58354 bytes)
Hash
fcdae33086073da02a6c6218312b6c6f
47421bb417f48c274a66fa149d2b75ad75e5cecc
f0998afa9857ee64da83d99b9c56e8a18af2b3a1c00ace2e542dd122f4689d00

HTTP Headers

GET /favicon/apple-touch-icon.png HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.1.1697575564.0.0.0; _ga=GA1.1.80435394.1697575564
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:04 GMT
Content-Type: image/png
Content-Length: 58354
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"e3f2-189d6dd6bea"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
92c66a077e2d56a10cb3919ab0fcb616
e0b68920b8eace24f3b492aa3c71359479a55c28
784f9288b19eb3b1f8608377ce54750ee9a8c1a1309d3f5107af2e7f0a611f6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d688574568233c35ed80876b3d9bb7be
b8c2e972d8d1a1f37eb2619327750d1ab310e86c
b32a61ae0fc13f30f8f7fa34f1854a8654b470aaa5ae4b086d2730e85cf54811

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 17 Oct 2023 20:46:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 15 Oct 2023 03:49:35 GMT
Expires: Sun, 22 Oct 2023 03:49:34 GMT
Etag: "b8c2e972d8d1a1f37eb2619327750d1ab310e86c"
Cache-Control: max-age=370958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 817b638fabf30afe-OSL

browser.sentry-cdn.com/6.2.2/bundle.min.js

151.101.2.217

200 OK

21 kB

URL GET HTTP/2
browser.sentry-cdn.com/6.2.2/bundle.min.js
IP
151.101.2.217:443
ASN
#54113 FASTLY

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGlobalSign nv-sa
Subject*.sentry-cdn.com
FingerprintF4:BF:96:D1:20:5D:BA:52:63:EB:1F:F7:56:39:FA:81:01:A3:64:DE
ValidityTue, 01 Aug 2023 14:42:24 GMT - Sun, 01 Sep 2024 14:42:23 GMT

File type
ASCII text, with very long lines (65448)
Size
21 kB (20633 bytes)
Hash
1112a55739f24ef7add32867ae13bc72
62b95d703a81e23f0c37e504c2dca4a341cb467f
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e

HTTP Headers

GET /6.2.2/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 08 May 2024 12:32:02 GMT
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
etag: "a948fc086ec14683f3f2270913c7f702"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Tue, 17 Oct 2023 20:46:04 GMT
age: 13940042
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20633
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1341
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 17 Oct 2023 20:46:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ila.jswords.xyz
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

my.rtmark.net/gid.js?userId=q8qf623731wl065182052c2x6eiuh056

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=q8qf623731wl065182052c2x6eiuh056
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
0fba973662edaa0442eb13f675be34c6
3d32f78aabb667d41998bfd891b035ad1af461cc
10a7bebbb819883f14af0abd94d029dc77e365942dc2da25ed5418c305a27ea8

HTTP Headers

GET /gid.js?userId=q8qf623731wl065182052c2x6eiuh056 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: ID=50a1300c91cc43cdaa721d6f8c1d5459
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=50a1300c91cc43cdaa721d6f8c1d5459; expires=Wed, 16 Oct 2024 20:46:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

static.arc.io/broker/js/lazy-iwc.9b430e25.js

194.242.11.186

200 OK

4.9 kB

URL GET HTTP/2
static.arc.io/broker/js/lazy-iwc.9b430e25.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://core.arc.io/broker.html?944baab
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (14147)
Size
4.9 kB (4850 bytes)
Hash
1343454a1c763177d59f06c307b3a5a2
82626af192e064ca2eb37deb3cf49c5d306c1a0a
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f

HTTP Headers

GET /broker/js/lazy-iwc.9b430e25.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"1343454a1c763177d59f06c307b3a5a2"
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
x-amz-id-2: R0bXjzba5k5qIXg12/rYK6V2z+b6sscWZoAvutxA0p8nPqI7+BXlETrHUNI3zZEb0wW8yqwqCpY=
x-amz-request-id: GAFR431XB16DAY5Q
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/01/2023 23:11:01
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8a395dd33aac6285d8738bdcc0e296b4
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/broker/js/lazy-modules.a169b1ec.js

194.242.11.186

200 OK

16 kB

URL GET HTTP/2
static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://core.arc.io/broker.html?944baab
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (25027)
Size
16 kB (15692 bytes)
Hash
d03c11be3537746519138d1fe06bd033
c915eed8fafdd69b7c2d6f28c5cb0d3f031888f7
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

HTTP Headers

GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"d03c11be3537746519138d1fe06bd033"
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
x-amz-id-2: c+i3k9IP9d0Ir4X4D/lPkyIVAn2/4fCy87N/+2WuLlSTFug7GE4FWsOHYrb77pKgf/Xko9ttKNg=
x-amz-request-id: 9VDGDBQ2QZNHPTS5
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2023 02:17:48
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9bb55d730895c570d829a1da3d0c77de
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
787d6f83bd7df3856ac5d4af76e581a2
1ea60d5eeabe66b4e858fcc9c0711e89276b57b2
baa5fce8a952c22c350338e09ccc888edfe74ccb9b3937a16b1fd855a80365e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/gid.js?userId=q8qf623731wl065182052c2x6eiuh056

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=q8qf623731wl065182052c2x6eiuh056
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
0fba973662edaa0442eb13f675be34c6
3d32f78aabb667d41998bfd891b035ad1af461cc
10a7bebbb819883f14af0abd94d029dc77e365942dc2da25ed5418c305a27ea8

HTTP Headers

GET /gid.js?userId=q8qf623731wl065182052c2x6eiuh056 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: ID=50a1300c91cc43cdaa721d6f8c1d5459
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=50a1300c91cc43cdaa721d6f8c1d5459; expires=Wed, 16 Oct 2024 20:46:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

static.arc.io/broker/js/lazy-modules.a169b1ec.js

194.242.11.186

200 OK

16 kB

URL GET HTTP/2
static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://core.arc.io/broker.html?944baab
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (25027)
Size
16 kB (15734 bytes)
Hash
d03c11be3537746519138d1fe06bd033
c915eed8fafdd69b7c2d6f28c5cb0d3f031888f7
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

HTTP Headers

GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"d03c11be3537746519138d1fe06bd033"
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
x-amz-id-2: c+i3k9IP9d0Ir4X4D/lPkyIVAn2/4fCy87N/+2WuLlSTFug7GE4FWsOHYrb77pKgf/Xko9ttKNg=
x-amz-request-id: 9VDGDBQ2QZNHPTS5
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2023 02:17:48
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: be2c8cebf9bddb55a077a13242db68bf
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
787d6f83bd7df3856ac5d4af76e581a2
1ea60d5eeabe66b4e858fcc9c0711e89276b57b2
baa5fce8a952c22c350338e09ccc888edfe74ccb9b3937a16b1fd855a80365e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Oct 2023 20:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

browser.sentry-cdn.com/6.2.2/bundle.min.js

151.101.2.217

200 OK

21 kB

URL GET HTTP/2
browser.sentry-cdn.com/6.2.2/bundle.min.js
IP
151.101.2.217:443
ASN
#54113 FASTLY

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGlobalSign nv-sa
Subject*.sentry-cdn.com
FingerprintF4:BF:96:D1:20:5D:BA:52:63:EB:1F:F7:56:39:FA:81:01:A3:64:DE
ValidityTue, 01 Aug 2023 14:42:24 GMT - Sun, 01 Sep 2024 14:42:23 GMT

File type
ASCII text, with very long lines (65448)
Size
21 kB (20633 bytes)
Hash
1112a55739f24ef7add32867ae13bc72
62b95d703a81e23f0c37e504c2dca4a341cb467f
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e

HTTP Headers

GET /6.2.2/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
DNT: 1
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 08 May 2024 12:32:02 GMT
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
etag: "a948fc086ec14683f3f2270913c7f702"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Tue, 17 Oct 2023 20:46:05 GMT
age: 13940042
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20633
X-Firefox-Spdy: h2

core.arc.io/broker.html?944baab

194.242.11.186

200 OK

35 kB

URL GET HTTP/2
core.arc.io/broker.html?944baab
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectcore.arc.io
Fingerprint44:85:C6:1F:94:2C:B2:DE:90:BF:CE:A2:59:61:BA:A7:0C:C2:29:3F
ValiditySun, 10 Sep 2023 00:09:02 GMT - Sat, 09 Dec 2023 00:09:01 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (920)
Size
35 kB (35130 bytes)
Hash
729ed8cf68dc2bb3af0b9e88942c5e94
a9afee9cae5086ada59fa9067fdac32b755764b2
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d

HTTP Headers

GET /broker.html?944baab HTTP/1.1
Host: core.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"64331d06-612"
expires: Sun, 12 Nov 2023 17:23:47 GMT
last-modified: Sun, 09 Apr 2023 20:16:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 17:23:47
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1621c995d020c50f22a81097b31e7042
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ila.jswords.xyz/home.html

129.213.82.186

200 OK

1.0 kB

URL GET HTTP/1.1
ila.jswords.xyz/home.html
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.0 kB (1016 bytes)
Hash
46cf47c21464b9ba81d61730ca9c9e83
2c01480f0e56f2f8df9479bf22e91be6ebd992f2
69692a72430bbfedf4ddf93f62a2a798af9b18d8b2a0d17ddf07555e0d446212

HTTP Headers

GET /home.html HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.1.1697575564.0.0.0; _ga=GA1.1.80435394.1697575564; _ga_98DP5VKS42=GS1.1.1697575565.1.0.1697575565.60.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"8d8-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

104.17.25.14

200 OK

632 B

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1796)
Size
632 B (632 bytes)
Hash
877f174ba71fcbb4bd316accf30ab613
0efbe27a5658c93f3e2ae08b57204ba7fe5e3900
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

HTTP Headers

GET /ajax/libs/normalize/8.0.0/normalize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: text/css; charset=utf-8
content-length: 632
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942c28-278"
last-modified: Thu, 22 Jun 2023 11:10:32 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4088051
expires: Sun, 06 Oct 2024 20:46:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5qazuTepZ8Jwci2rXt%2BDu%2Fzo7RvDBjjk4EaeXhcx%2BhJuUbpLchLE%2FmLDp4cp0p9ysSrEox%2Fhh3ZMvzOD7ptk47%2FJjllsnYCv%2Bmb23vC9L9ZsSsm4vSg6dhXtX9ApMpQ%2Bnwg%2BGFa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b6391fc69b511-OSL
alt-svc: h3=":443"; ma=86400

offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png

104.22.32.172

200 OK

66 kB

URL GET HTTP/2
offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (66121 bytes)
Hash
3d08aacb36c7474e0d13b60f8f4adc14
e4af2de372b5e3a2211579a5973ef7ed160e7be4
54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c

HTTP Headers

GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: image/png
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Wed, 18 Oct 2023 19:31:45 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 4460
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 817b63921dca95e4-ARN
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

104.17.25.14

200 OK

15 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65311)
Size
15 kB (14850 bytes)
Hash
3d5ef2bf867c4054a2f336cdbad9e1dc
07228d1fa3245ee156a27a353f45758a3207849f
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: text/css; charset=utf-8
content-length: 14850
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "619c057b-3a02"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 435061
expires: Sun, 06 Oct 2024 20:46:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aImzjFORD1oNGWaLg7QG%2B8spaenSSx8Igtv1qx1HboCUZNSCN5%2F8sBVf079QJz%2FBytATkpXEDwDtnAqdDi4Qa4hkevGzkG98hR08RC%2F%2B4pyjvLyCyKqyOhYRX1U1B6NRMg%2BQo73"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b63927ceab511-OSL
alt-svc: h3=":443"; ma=86400

ila.jswords.xyz/settings/js/themes.js

129.213.82.186

200 OK

728 B

URL GET HTTP/1.1
ila.jswords.xyz/settings/js/themes.js
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
728 B (728 bytes)
Hash
347554b4e8b1e26d470f48337e9254ef
9f28939687bd6dd0bedf67b757b50c5595b5be7e
b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763

HTTP Headers

GET /settings/js/themes.js HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/home.html
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.1.1697575564.0.0.0; _ga=GA1.1.80435394.1697575564; _ga_98DP5VKS42=GS1.1.1697575565.1.0.1697575565.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:05 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"bcb-189d6dd6bea"
Vary: Accept-Encoding
Content-Encoding: gzip

ila.jswords.xyz/CSS/home.css

129.213.82.186

200 OK

543 B

URL GET HTTP/1.1
ila.jswords.xyz/CSS/home.css
IP
129.213.82.186:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerLet's Encrypt
Subjectmath.centraloff.org
Fingerprint30:78:17:5E:EA:25:F0:5E:B1:CF:E4:31:49:C0:B5:D7:9D:AD:2D:84
ValiditySat, 14 Oct 2023 06:03:35 GMT - Fri, 12 Jan 2024 06:03:34 GMT

File type
ASCII text
Size
543 B (543 bytes)
Hash
c141132e42ee79ea7faed48b13624f92
0cb2633b1f67bfd3d4aae7cdc7c0275d9b3157fb
0b787f106942a6a0376eeb3fa63c85c0d880943272ceea9017b9fef33eea3f0c

HTTP Headers

GET /CSS/home.css HTTP/1.1
Host: ila.jswords.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/home.html
Cookie: _ga_NCTSG4T1B6=GS1.1.1697575563.1.1.1697575564.0.0.0; _ga=GA1.1.80435394.1697575564; _ga_98DP5VKS42=GS1.1.1697575565.1.0.1697575565.60.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 17 Oct 2023 20:46:05 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Aug 2023 20:36:22 GMT
ETag: W/"657-189d6dd6be6"
Vary: Accept-Encoding
Content-Encoding: gzip

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 10:05:24 GMT
expires: Sat, 12 Oct 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 384041
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

125 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 125064, version 768.67\012- data
Size
125 kB (125064 bytes)
Hash
57b380d27f14f16e737bcca7e849cf79
2e4280929d4d76fc0e31601c98f167f14630c209
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 125064
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "619c057b-1e888"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 678815
expires: Sun, 06 Oct 2024 20:46:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIEoDo%2BeIlEJDbc1GAFE%2BOBSbWqZD3TlvN0yiyWyyT71Mkqld6SYJlPnFULFr4Qy3ZsiDx%2FGE4EABA86s1FD%2FgfkZdr2tiw6uGKPlOPlQXrVcFuiVtSkiEuNrIunpb8yDUC4%2BdTw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 817b639359fc56cb-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 02:00:44 GMT
expires: Sat, 12 Oct 2024 02:00:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 413121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/3
fonts.gstatic.com/s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22804, version 1.0\012- data
Size
23 kB (22804 bytes)
Hash
90b4e60f87beffe9ead6a5a60e1b91d5
3b74db0420de81ecaf95ca80ae6ab53a71875f85
def10bc23a3e7b06586d1ac6451dea370c1011622cc0d0a000f88a2f61158078

HTTP Headers

GET /s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 18:03:49 GMT
expires: Sat, 12 Oct 2024 18:03:49 GMT
cache-control: public, max-age=31536000
age: 355336
last-modified: Thu, 24 Aug 2023 21:00:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/3
fonts.gstatic.com/s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22804, version 1.0\012- data
Size
23 kB (22804 bytes)
Hash
90b4e60f87beffe9ead6a5a60e1b91d5
3b74db0420de81ecaf95ca80ae6ab53a71875f85
def10bc23a3e7b06586d1ac6451dea370c1011622cc0d0a000f88a2f61158078

HTTP Headers

GET /s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 18:03:49 GMT
expires: Sat, 12 Oct 2024 18:03:49 GMT
cache-control: public, max-age=31536000
age: 355336
last-modified: Thu, 24 Aug 2023 21:00:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

interstitial-07.com/contents/s/ab/75/0f/feca63ef6c43fcd306f0acca0f/01217366813920.png

139.45.197.154

200 OK

10 kB

URL GET HTTP/2
interstitial-07.com/contents/s/ab/75/0f/feca63ef6c43fcd306f0acca0f/01217366813920.png
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Certificate
IssuerLet's Encrypt
Subjectinterstitial-07.com
Fingerprint00:E7:2A:13:61:9D:57:92:3C:7C:19:C4:A0:BC:74:4D:3C:10:4B:15
ValidityTue, 03 Oct 2023 05:11:58 GMT - Mon, 01 Jan 2024 05:11:57 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10337 bytes)
Hash
ab750ffeca63ef6c43fcd306f0acca0f
ca03763826f6eb5ecab58aabb703bf4f8ed70f6d
d30a6314b4cea1873ea02ae3d9b4c36f35840bb2f91573a5b4192f28f5ce0fef

HTTP Headers

GET /contents/s/ab/75/0f/feca63ef6c43fcd306f0acca0f/01217366813920.png HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: image/png
content-length: 10337
last-modified: Thu, 01 Dec 2022 07:51:57 GMT
vary: Accept-Encoding
etag: "63885d1d-2861"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-98DP5VKS42&gtm=45je3ab0&_p=1481683033&_gaz=1&cid=80435394.1697575564&ul=en-us&sr=1280x1024&_s=1&sid=1697575565&sct=1&seg=0&dl=https%3A%2F%2Fila.jswords.xyz%2F&dt=Shadow%20Browser&en=page_view&_fv=2&_ss=2&_c=1&_ee=1

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-98DP5VKS42&gtm=45je3ab0&_p=1481683033&_gaz=1&cid=80435394.1697575564&ul=en-us&sr=1280x1024&_s=1&sid=1697575565&sct=1&seg=0&dl=https%3A%2F%2Fila.jswords.xyz%2F&dt=Shadow%20Browser&en=page_view&_fv=2&_ss=2&_c=1&_ee=1
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98DP5VKS42&gtm=45je3ab0&_p=1481683033&_gaz=1&cid=80435394.1697575564&ul=en-us&sr=1280x1024&_s=1&sid=1697575565&sct=1&seg=0&dl=https%3A%2F%2Fila.jswords.xyz%2F&dt=Shadow%20Browser&en=page_view&_fv=2&_ss=2&_c=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ila.jswords.xyz
date: Tue, 17 Oct 2023 20:46:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-98DP5VKS42&gtm=45je3ab0&_p=1481683033&cid=80435394.1697575564&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1697575565&sct=1&seg=0&dl=https%3A%2F%2Fila.jswords.xyz%2F&dt=Shadow%20Browser&en=scroll&_c=1&epn.percent_scrolled=90

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-98DP5VKS42&gtm=45je3ab0&_p=1481683033&cid=80435394.1697575564&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1697575565&sct=1&seg=0&dl=https%3A%2F%2Fila.jswords.xyz%2F&dt=Shadow%20Browser&en=scroll&_c=1&epn.percent_scrolled=90
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F
ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98DP5VKS42&gtm=45je3ab0&_p=1481683033&cid=80435394.1697575564&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1697575565&sct=1&seg=0&dl=https%3A%2F%2Fila.jswords.xyz%2F&dt=Shadow%20Browser&en=scroll&_c=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ila.jswords.xyz
date: Tue, 17 Oct 2023 20:46:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

interstitial-07.com/contents/s/2a/17/5b/cc78239de2b9044d166aa4c502/01089907575878.jpeg

139.45.197.154

200 OK

212 kB

URL GET HTTP/2
interstitial-07.com/contents/s/2a/17/5b/cc78239de2b9044d166aa4c502/01089907575878.jpeg
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Certificate
IssuerLet's Encrypt
Subjectinterstitial-07.com
Fingerprint00:E7:2A:13:61:9D:57:92:3C:7C:19:C4:A0:BC:74:4D:3C:10:4B:15
ValidityTue, 03 Oct 2023 05:11:58 GMT - Mon, 01 Jan 2024 05:11:57 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size
212 kB (211588 bytes)
Hash
2a175bcc78239de2b9044d166aa4c502
8f183da1ea237ad3e44d9e61afee78068a26f336
0cd667d4bd296e336c3c331d44d76863a4f5a132fa09057f8a5feca67182754e

HTTP Headers

GET /contents/s/2a/17/5b/cc78239de2b9044d166aa4c502/01089907575878.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: image/jpeg
content-length: 211588
last-modified: Thu, 01 Dec 2022 07:52:03 GMT
vary: Accept-Encoding
etag: "63885d23-33a84"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

ophoacit.com/11?rnd=2593403572&z=6211840&b=15936367&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=J1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA==&ruid=800af5d8-67bf-47df-abe6-2a398d5abaf2&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

200 OK

0 B

URL GET HTTP/2
ophoacit.com/11?rnd=2593403572&z=6211840&b=15936367&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=J1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA==&ruid=800af5d8-67bf-47df-abe6-2a398d5abaf2&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectophoacit.com
FingerprintBA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
ValidityWed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /11?rnd=2593403572&z=6211840&b=15936367&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=J1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA==&ruid=800af5d8-67bf-47df-abe6-2a398d5abaf2&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: scm=1; OAID=q8qf623731wl065182052c2x6eiuh056; oaidts=1697575562
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 6935f79ddd08d98e386271f2f5f60a8d
access-control-expose-headers: X-Sc
set-cookie: OAID=q8qf623731wl065182052c2x6eiuh056; expires=Wed, 16 Oct 2024 20:46:05 GMT; secure; SameSite=None
oaidts=1697575562; expires=Wed, 16 Oct 2024 20:46:05 GMT; secure; SameSite=None
oaidvc=1; expires=Wed, 16 Oct 2024 20:46:05 GMT; secure; SameSite=None
CNT=1_v1_byvzAAEAAAC_TAAA; expires=Tue, 17 Oct 2023 21:46:05 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

warden.arc.io/mailbox/nodes/R441erkG1J2kAbihxWTxBe

18.223.141.84

204 No Content

0 B

URL POST HTTP/2
warden.arc.io/mailbox/nodes/R441erkG1J2kAbihxWTxBe
IP
18.223.141.84:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectarc.io
Fingerprint65:9E:E7:9A:61:A1:B0:0A:38:E4:48:15:D0:45:68:D3:30:5D:12:CA
ValidityWed, 04 Oct 2023 00:54:55 GMT - Tue, 02 Jan 2024 00:54:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /mailbox/nodes/R441erkG1J2kAbihxWTxBe HTTP/1.1
Host: warden.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 285
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 17 Oct 2023 20:46:05 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

static.arc.io/widget/js/widget-ui.js?c1390517

194.242.11.186

200 OK

815 kB

URL GET HTTP/2
static.arc.io/widget/js/widget-ui.js?c1390517
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (41498)
Size
815 kB (815310 bytes)
Hash
992480bbfce7eefd73a1b43fd7e3bdec
3fba155916f4ffd519df2ae957bbb85558e184fa
a366c96359ab19c42a4c50e436c30fa0b53aa7832220f65a8ca49c5b56627691

HTTP Headers

GET /widget/js/widget-ui.js?c1390517 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"992480bbfce7eefd73a1b43fd7e3bdec"
last-modified: Fri, 13 Oct 2023 17:06:45 GMT
x-amz-id-2: sDfuVYKVU0HM19WJSjCk6qoFR9cMvD9t6xNt17qeNvoNsJuLweklnUx7upZtlzTQbD1DW+gM4wg=
x-amz-request-id: R3AK6H0X6AV8XE40
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 18:07:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8e3ddd818f68b354caa9b6f8ee415dad
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ipfs.io/ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570?format=car&dag-scope=entity

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
ipfs.io/ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570?format=car&dag-scope=entity
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1632)
Size
6.7 kB (6672 bytes)
Hash
f2ce39c9881b4a12aff800f6713c69d1
0f047ecc756d17f61d81da4b3bede1d80575bfe1
86f21e29947180f7b68e81b82992f786fc08b694ac4c714352f072768788f150

HTTP Headers

GET /ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570?format=car&dag-scope=entity HTTP/1.1
Host: ipfs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/html
content-length: 6672
etag: "650c2b77-1a10"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
x-bfid: 001b1b90547ad8195f60769f62ca664f
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b960c5790b1a784aa132aadf37c73a29
00ea7fb4c979063a67598f3a7ed11b2f84808c1e
db4b107f06a1606ffb8d56db5ce9f4e0de0bc1587797264834238c3107a941a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 17 Oct 2023 20:46:07 GMT
Last-Modified: Tue, 17 Oct 2023 19:42:23 GMT
Server: ECAcc (ska/F7B0)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1R5XxXbECT2iZEP0A98Ly9HMuNxnwoaVIiPlte90FOobhKWgwEkh5w==
Age: 3824

fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws/?clientKey=abc123

44.234.247.246

200 OK

318 B

URL GET HTTP/1.1
fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws/?clientKey=abc123
IP
44.234.247.246:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerAmazon
Subject*.lambda-url.us-west-2.on.aws
Fingerprint55:BD:28:32:33:D1:C0:F5:60:B5:F9:0C:89:78:17:E5:A4:73:4A:A7
ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (318), with no line terminators
Size
318 B (318 bytes)
Hash
023b443586455aa6b1d96f449a4f0b5f
d6bbf716b6c92a54bd829c29677e250145b0005c
6d058fdb85f3b2557adf981903f051e12e654c3630e88095464211892e54d0de

HTTP Headers

GET /?clientKey=abc123 HTTP/1.1
Host: fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 17 Oct 2023 20:46:07 GMT
Content-Type: application/json
Content-Length: 318
Connection: keep-alive
x-amzn-RequestId: 0a786685-cd4c-42c2-9d2f-e010b8e9be91
Access-Control-Allow-Origin: https://ila.jswords.xyz
Vary: Origin
cache-control: no-cache, no-store, must-revalidate
X-Amzn-Trace-Id: root=1-652ef28f-18630cd329e6db85516111b7;sampled=0;lineage=12fb34d5:0
Access-Control-Allow-Credentials: true

gloaphoo.net/impression/7HP4z5jfHbHbOf5Ud_b9Mr376uLFAKr9wdQm8B5pgshjtY81OuqdkZHWScjFcnt7wiKQtkGQq4V53RtuwD6WVU8qbMS_sKYCt6AMLKNaCW5xzupUx77ck1Fmh11ECjsgclOsG4GxwmhkK5FldPuNiW1iatJlTW7gugRYgBjHj_8n4d5DjPM2Hfpi0Pazru1KtSW3uaKyhdymMRfndrnn3dc00xRPW1J985Lf_OvswTvY2Z0qrxRaU_HDOOFSk3QowU4nyNihddJwq_T38kIboSaLd1UaLkedlvS9pUmSMxQr1xJWHNarq5qVAuqkyinnI6f5cthLhBOdxdmDjFInITlz_InmLMC_gEwcdfScp0C0svbLX7uthsQTYOV30_0K8fQhs9POOQae4_YonyQMYzoCHA-sgjRtfXijMxY1RJpbgx-gTPv3-Gdq4gFR1StpDhvsqkpBs5Ie0Csyxl0GVsjdJIT6K9QjRLErtnqD6mitksl2xhWu55iy5HLoS3i71TNfhFboqeltuU7X5LmGifK2kYG3QvCuCj87IN1cLoxKm9XSnfIrrDb2nDik9GsCNc2td6uf8qQ_4VW1qYKfLALC2EmpIpxr3gN-EtDTxbgDtje1_Oz6GbLlTBv0n1pXrDzanQ==?_z=6301604&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
gloaphoo.net/impression/7HP4z5jfHbHbOf5Ud_b9Mr376uLFAKr9wdQm8B5pgshjtY81OuqdkZHWScjFcnt7wiKQtkGQq4V53RtuwD6WVU8qbMS_sKYCt6AMLKNaCW5xzupUx77ck1Fmh11ECjsgclOsG4GxwmhkK5FldPuNiW1iatJlTW7gugRYgBjHj_8n4d5DjPM2Hfpi0Pazru1KtSW3uaKyhdymMRfndrnn3dc00xRPW1J985Lf_OvswTvY2Z0qrxRaU_HDOOFSk3QowU4nyNihddJwq_T38kIboSaLd1UaLkedlvS9pUmSMxQr1xJWHNarq5qVAuqkyinnI6f5cthLhBOdxdmDjFInITlz_InmLMC_gEwcdfScp0C0svbLX7uthsQTYOV30_0K8fQhs9POOQae4_YonyQMYzoCHA-sgjRtfXijMxY1RJpbgx-gTPv3-Gdq4gFR1StpDhvsqkpBs5Ie0Csyxl0GVsjdJIT6K9QjRLErtnqD6mitksl2xhWu55iy5HLoS3i71TNfhFboqeltuU7X5LmGifK2kYG3QvCuCj87IN1cLoxKm9XSnfIrrDb2nDik9GsCNc2td6uf8qQ_4VW1qYKfLALC2EmpIpxr3gN-EtDTxbgDtje1_Oz6GbLlTBv0n1pXrDzanQ==?_z=6301604&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
Fingerprint5F:C6:15:A3:C5:AC:09:1F:66:72:F9:C8:1E:EF:45:4D:F6:8D:73:1B
ValiditySat, 14 Oct 2023 05:09:27 GMT - Fri, 12 Jan 2024 05:09:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/7HP4z5jfHbHbOf5Ud_b9Mr376uLFAKr9wdQm8B5pgshjtY81OuqdkZHWScjFcnt7wiKQtkGQq4V53RtuwD6WVU8qbMS_sKYCt6AMLKNaCW5xzupUx77ck1Fmh11ECjsgclOsG4GxwmhkK5FldPuNiW1iatJlTW7gugRYgBjHj_8n4d5DjPM2Hfpi0Pazru1KtSW3uaKyhdymMRfndrnn3dc00xRPW1J985Lf_OvswTvY2Z0qrxRaU_HDOOFSk3QowU4nyNihddJwq_T38kIboSaLd1UaLkedlvS9pUmSMxQr1xJWHNarq5qVAuqkyinnI6f5cthLhBOdxdmDjFInITlz_InmLMC_gEwcdfScp0C0svbLX7uthsQTYOV30_0K8fQhs9POOQae4_YonyQMYzoCHA-sgjRtfXijMxY1RJpbgx-gTPv3-Gdq4gFR1StpDhvsqkpBs5Ie0Csyxl0GVsjdJIT6K9QjRLErtnqD6mitksl2xhWu55iy5HLoS3i71TNfhFboqeltuU7X5LmGifK2kYG3QvCuCj87IN1cLoxKm9XSnfIrrDb2nDik9GsCNc2td6uf8qQ_4VW1qYKfLALC2EmpIpxr3gN-EtDTxbgDtje1_Oz6GbLlTBv0n1pXrDzanQ==?_z=6301604&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: OAID=q8qf623731wl065182052c2x6eiuh056
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:08 GMT
content-type: image/gif
content-length: 43
x-trace-id: 33fcae1c25194cc8d616847ce07e5988
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws/?clientKey=abc123

44.234.247.246

200 OK

318 B

URL GET HTTP/1.1
fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws/?clientKey=abc123
IP
44.234.247.246:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerAmazon
Subject*.lambda-url.us-west-2.on.aws
Fingerprint55:BD:28:32:33:D1:C0:F5:60:B5:F9:0C:89:78:17:E5:A4:73:4A:A7
ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (318), with no line terminators
Size
318 B (318 bytes)
Hash
aaeaf9393d15cdf18ba52558b95222e5
ed1a1e742152e7da560e1a56dd04a95893d9d79c
b5b8e7f3621bcaa08795f625abb689981be8804ebf88d590e7fc4407e0daea25

HTTP Headers

GET /?clientKey=abc123 HTTP/1.1
Host: fz3dyeyxmebszwhuiky7vggmsu0rlkoy.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 17 Oct 2023 20:46:09 GMT
Content-Type: application/json
Content-Length: 318
Connection: keep-alive
x-amzn-RequestId: bdd3d51a-6af6-4e52-80e3-9c9fb5a81ded
Access-Control-Allow-Origin: https://ila.jswords.xyz
Vary: Origin
cache-control: no-cache, no-store, must-revalidate
X-Amzn-Trace-Id: root=1-652ef291-4bd848ec28ad83233117778a;sampled=0;lineage=12fb34d5:0
Access-Control-Allow-Credentials: true

afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws/

44.240.81.160

200 OK

0 B

URL POST HTTP/1.1
afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws/
IP
44.240.81.160:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerAmazon
Subject*.lambda-url.us-west-2.on.aws
Fingerprint55:BD:28:32:33:D1:C0:F5:60:B5:F9:0C:89:78:17:E5:A4:73:4A:A7
ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1277
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 17 Oct 2023 20:46:10 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: 1c6ca72a-df33-458c-b086-3ea30d011b6d
Access-Control-Allow-Origin: https://ila.jswords.xyz
Vary: Origin
X-Amzn-Trace-Id: root=1-652ef292-5a70b43455f4cda1429c6f47;sampled=0;lineage=88543475:0
Access-Control-Allow-Credentials: true

twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws/

54.68.68.86

201 Created

0 B

URL POST HTTP/1.1
twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws/
IP
54.68.68.86:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerAmazon
Subject*.lambda-url.us-west-2.on.aws
Fingerprint55:BD:28:32:33:D1:C0:F5:60:B5:F9:0C:89:78:17:E5:A4:73:4A:A7
ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 464
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 201 Created
Date: Tue, 17 Oct 2023 20:46:11 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: bd98c453-3c4c-434e-835f-c6abbe26d9e0
Access-Control-Allow-Origin: https://ila.jswords.xyz
Vary: Origin
X-Amzn-Trace-Id: root=1-652ef293-74eb33bd5611e836637634ce;sampled=0;lineage=93f9df3c:0
Access-Control-Allow-Credentials: true

twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws/

54.68.68.86

201 Created

0 B

URL POST HTTP/1.1
twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws/
IP
54.68.68.86:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerAmazon
Subject*.lambda-url.us-west-2.on.aws
Fingerprint55:BD:28:32:33:D1:C0:F5:60:B5:F9:0C:89:78:17:E5:A4:73:4A:A7
ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: twb3qukm2i654i3tnvx36char40aymqq.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1459
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 201 Created
Date: Tue, 17 Oct 2023 20:46:12 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: 1d22c5ec-610f-4d19-bf70-627fa81163b4
Access-Control-Allow-Origin: https://ila.jswords.xyz
Vary: Origin
X-Amzn-Trace-Id: root=1-652ef294-208790c61e0762701e4ab80a;sampled=0;lineage=93f9df3c:0
Access-Control-Allow-Credentials: true

cdn.jsdelivr.net/gh/3kh0/3kh0.github.io/js/main.js

151.101.193.229

200 OK

3.0 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/3kh0/3kh0.github.io/js/main.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (3142), with no line terminators
Size
3.0 kB (3010 bytes)
Hash
47d4b3afdc3a7f4735bbd8bb2884b4c8
61fcb8c4316c05333346bc5597b786f6c38edd7c
c1c425baec3b6bfcf6c238103688a0901e296699d856355344862cf0dda57423

HTTP Headers

GET /gh/3kh0/3kh0.github.io/js/main.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.3.5
x-jsd-version-type: version
etag: W/"bc2-QnHtqWQ3o7gE6ASYQU0uk3Ec22Y"
content-encoding: br
accept-ranges: bytes
date: Tue, 17 Oct 2023 20:46:03 GMT
age: 26630
x-served-by: cache-fra-etou8220063-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1255
X-Firefox-Spdy: h2

static.arc.io/widget/css/widget.css?944baab

194.242.11.186

200 OK

87 kB

URL GET HTTP/2
static.arc.io/widget/css/widget.css?944baab
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (13320)
Size
87 kB (86599 bytes)
Hash
ee456231e74aa00d0fab8a5f15697904
178661694c4c8002bfd7b7b54b84350ea3e661fe
fa793d6c9ee094829d884c39ff48c47194444f18626638071232e3ab02102742

HTTP Headers

GET /widget/css/widget.css?944baab HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ee456231e74aa00d0fab8a5f15697904"
last-modified: Fri, 13 Oct 2023 17:06:45 GMT
x-amz-id-2: KJyuU+XDBT/eDSfOnKYWvCMPv1J8+hAnIhJWfsXq0wXUE4SvnFq64ATH0H0R5QzEwX+PkVklXYU=
x-amz-request-id: R3ANXBHBDBFXP4EA
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 18:07:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d5d730aacdd88dbea950c8e1dc5f5c06
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

tracker.arc.io/

0.0.0.0

0 B

URL GET
tracker.arc.io/
IP
0.0.0.0:0
ASN
#0

Requested by
https://ila.jswords.xyz/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: tracker.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.arc.io/widget/js/widget-sc-client.js?197dbd2e

194.242.11.186

200 OK

3.2 kB

URL GET HTTP/2
static.arc.io/widget/js/widget-sc-client.js?197dbd2e
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (3296), with no line terminators
Size
3.2 kB (3205 bytes)
Hash
b99f617367312fb9a38e9ad42beafe19
641b3bc44b86c4025b926f445b498d8a1bbc3361
2651ce033e5908306643263171c004c20652eecb9b6242d146cd21346658a1d7

HTTP Headers

GET /widget/js/widget-sc-client.js?197dbd2e HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"00fc1f9530439ec3d2415f9420e814d7"
last-modified: Sun, 09 Apr 2023 20:18:37 GMT
x-amz-id-2: noO6bQ5uMzkOysjHrgek5aLiq8jjh6XNo1/mXtmtp/n4TCIubEJ4LNjx0g2vmTKLG3PKcfhk2VM=
x-amz-request-id: 0SJKM9YE58VQ9WQD
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/10/2023 19:28:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 76259b7f3277d4a7dcbdb90c4ef80660
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

gloaphoo.net/500/6301604?excludes=&oaid=q8qf623731wl065182052c2x6eiuh056&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0

139.45.197.239

200 OK

0 B

URL OPTIONS HTTP/2
gloaphoo.net/500/6301604?excludes=&oaid=q8qf623731wl065182052c2x6eiuh056&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
Fingerprint5F:C6:15:A3:C5:AC:09:1F:66:72:F9:C8:1E:EF:45:4D:F6:8D:73:1B
ValiditySat, 14 Oct 2023 05:09:27 GMT - Fri, 12 Jan 2024 05:09:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6301604?excludes=&oaid=q8qf623731wl065182052c2x6eiuh056&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

l1s.saturn.ms/ipfs/Qma5FeanAKrnK9o8XwHj5t8XHMKXC6CpCnvFji5nzkmFA5/108?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwNzUxOWVmYS0yZjRiLTRhYTQtYTQ5Mi05YTQyYTNiN2MwMTAiLCJzdWIiOiJhYmMxMjMiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyIqIl0sImlhdCI6MTY5NzU3NTU2NywiZXhwIjoxNjk3NTc5MTY3fQ.a0WDn2c52ZBjFhGEuHI_f8hKp68Lznv5FV7dKi0MDEDT88lEi36uXoQSYYUMjQGkEYOrY_033lr-DHxqo271nA

95.164.38.93

200 OK

23 kB

URL GET HTTP/2
l1s.saturn.ms/ipfs/Qma5FeanAKrnK9o8XwHj5t8XHMKXC6CpCnvFji5nzkmFA5/108?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwNzUxOWVmYS0yZjRiLTRhYTQtYTQ5Mi05YTQyYTNiN2MwMTAiLCJzdWIiOiJhYmMxMjMiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyIqIl0sImlhdCI6MTY5NzU3NTU2NywiZXhwIjoxNjk3NTc5MTY3fQ.a0WDn2c52ZBjFhGEuHI_f8hKp68Lznv5FV7dKi0MDEDT88lEi36uXoQSYYUMjQGkEYOrY_033lr-DHxqo271nA
IP
95.164.38.93:443
ASN
#29632 Netassist Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerZeroSSL
Subjectl1s.saturn.ms
Fingerprint9C:0C:6D:D1:C0:EF:A1:26:1D:1A:E6:DD:26:2F:72:95:FE:1A:AA:42
ValidityWed, 11 Oct 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
data
Size
23 kB (23357 bytes)
Hash
288d3ffffc38c5592e192f58247dacc6
392656d42b80af82d2b977782bf32688d14b329e
1725b1796b2bfa4d7164a200f8c1bb19d6d0a160bb8111b7c9486009d2cb62f7

HTTP Headers

GET /ipfs/Qma5FeanAKrnK9o8XwHj5t8XHMKXC6CpCnvFji5nzkmFA5/108?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwNzUxOWVmYS0yZjRiLTRhYTQtYTQ5Mi05YTQyYTNiN2MwMTAiLCJzdWIiOiJhYmMxMjMiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyIqIl0sImlhdCI6MTY5NzU3NTU2NywiZXhwIjoxNjk3NTc5MTY3fQ.a0WDn2c52ZBjFhGEuHI_f8hKp68Lznv5FV7dKi0MDEDT88lEi36uXoQSYYUMjQGkEYOrY_033lr-DHxqo271nA HTTP/1.1
Host: l1s.saturn.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:07 GMT
content-type: application/vnd.ipld.car;version=1;order=dfs;dups=y
cache-control: public, max-age=29030400, immutable
x-lassie-version: lassie/v0.19.2-f7b051a
server-timing: started-finding-candidates;dur=0.047469;candidates-found=35771063;candidates-filtered=35790620,retrieval-Bitswap;dur=35.863957;first-byte-received=290960755, shim; dur=328.238044, shim_lassie; dur=328.176087, shim_lassie_headers; dur=328.05065199999996, shim_lassie_body; dur=0.183444, nginx;dur=0, nginx_uct;dur=, nginx_uht;dur=, nginx_urt;dur=
etag: "Qma5FeanAKrnK9o8XwHj5t8XHMKXC6CpCnvFji5nzkmFA5.car.ejv1e5ni7o4ut"
x-ipfs-path: /ipfs/Qma5FeanAKrnK9o8XwHj5t8XHMKXC6CpCnvFji5nzkmFA5/108
x-content-type-options: nosniff
content-disposition: attachment; filename="Qma5FeanAKrnK9o8XwHj5t8XHMKXC6CpCnvFji5nzkmFA5_108.car"
saturn-node-id: d30a45ca-e2cb-4b52-8417-e0031f67156a
saturn-node-version: 1081_1ebf12f
saturn-transfer-id: 8bfecc93bf55561c865e3544815a9f02
saturn-cache-status: HIT
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Traceparent
access-control-expose-headers: *
accept-ranges: none
X-Firefox-Spdy: h2

139.45.197.239

200 OK

1.5 kB

URL GET HTTP/2
gloaphoo.net/500/6301604?excludes=&oaid=q8qf623731wl065182052c2x6eiuh056&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
Fingerprint5F:C6:15:A3:C5:AC:09:1F:66:72:F9:C8:1E:EF:45:4D:F6:8D:73:1B
ValiditySat, 14 Oct 2023 05:09:27 GMT - Fri, 12 Jan 2024 05:09:26 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1543), with no line terminators
Size
1.5 kB (1520 bytes)
Hash
8fe63c4aed1a768e196ff7f17317f672
31d54074f2fedac386050565c0c840c040ccd437
b78d1e89b8cdf507908448d431943584b919a73bfd735a333359f302c87a0064

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/6301604?excludes=&oaid=q8qf623731wl065182052c2x6eiuh056&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fila.jswords.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.303.0 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: OAID=db9a8bd74c3640e59001066a9c209933
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: application/javascript
x-trace-id: 6dee8680690a1d22dd6b174d9d473438
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ila.jswords.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=q8qf623731wl065182052c2x6eiuh056; expires=Wed, 16 Oct 2024 20:46:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

static.arc.io/widget/js/core.js?944baab

194.242.11.186

200 OK

318 kB

URL GET HTTP/2
static.arc.io/widget/js/core.js?944baab
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type

Size
318 kB (317541 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widget/js/core.js?944baab HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"d808c536efcdf8033cd54592b56c9536"
last-modified: Fri, 13 Oct 2023 17:06:45 GMT
x-amz-id-2: 1bGK7eGnX2rtADeqWdkWRMsS9n/Z+mRkBgtqWLQzHTbTsrPgtEbtQ3VhdVL2975O8+JuEvwAl/k=
x-amz-request-id: R1JSATG5KRE7CSRT
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 18:02:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1851c3fcf6978a19e225157e3277e712
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

l1s.saturn.ms/ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570?clientId=68ea096a-274e-44c8-ac00-3f03b15200da&format=car&dag-scope=entity

95.164.38.93

200 OK

282 kB

URL GET HTTP/2
l1s.saturn.ms/ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570?clientId=68ea096a-274e-44c8-ac00-3f03b15200da&format=car&dag-scope=entity
IP
95.164.38.93:443
ASN
#29632 Netassist Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerZeroSSL
Subjectl1s.saturn.ms
Fingerprint9C:0C:6D:D1:C0:EF:A1:26:1D:1A:E6:DD:26:2F:72:95:FE:1A:AA:42
ValidityWed, 11 Oct 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
data
Size
282 kB (281877 bytes)
Hash
ef4b825405d66619f8d427010a88d756
5d08af6ee2c6e291a779f164821c23af1540049d
47047de0cc94596476750d19c77908a667c5991f554fe79b64907a628cdd60e7

HTTP Headers

GET /ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570?clientId=68ea096a-274e-44c8-ac00-3f03b15200da&format=car&dag-scope=entity HTTP/1.1
Host: l1s.saturn.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: application/vnd.ipld.car;version=1;order=dfs;dups=y
cache-control: public, max-age=29030400, immutable
x-lassie-version: lassie/v0.19.2-f7b051a
server-timing: started-finding-candidates;dur=0.053511;candidates-found=35113069;candidates-filtered=35133287,retrieval-Bitswap;dur=35.207978;first-byte-received=311875653, shim; dur=349.03466099999997, shim_lassie; dur=348.966343, shim_lassie_headers; dur=348.83419399999997, shim_lassie_body; dur=0.20832099999999998, nginx;dur=0, nginx_uct;dur=, nginx_uht;dur=, nginx_urt;dur=
etag: "QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA.car.b0vu43g9rqr7q"
x-ipfs-path: /ipfs/QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA/570
x-content-type-options: nosniff
content-disposition: attachment; filename="QmRYoNskukBNN6LsR92cV4LazUJwwCkqs7tDJAKHfyFtCA_570.car"
saturn-node-id: d30a45ca-e2cb-4b52-8417-e0031f67156a
saturn-node-version: 1081_1ebf12f
saturn-transfer-id: 42a0b3cd81bf90736212da69bb55ee98
saturn-cache-status: HIT
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Traceparent
access-control-expose-headers: *
accept-ranges: none
X-Firefox-Spdy: h2

l1s.saturn.ms/ipfs/QmaF8FYeqmWpm3EG1gknFAM9k7MamBoRG48auYGh6tpYYD/999?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1OWIwOWU0ZC1jYWZkLTQ4OGYtOTU5Ni1iNDM3ODhmY2NlNzMiLCJzdWIiOiJhYmMxMjMiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyIqIl0sImlhdCI6MTY5NzU3NTU2OSwiZXhwIjoxNjk3NTc5MTY5fQ.gtptU5CuK-cOqBeao2GnbUgGx2CNqStT70kwDyqVjGMrCEu6Wn9BNRG1ladPjxUDD9WwsS309WFTma-Kgcto2A

95.164.38.93

200 OK

204 kB

URL GET HTTP/2
l1s.saturn.ms/ipfs/QmaF8FYeqmWpm3EG1gknFAM9k7MamBoRG48auYGh6tpYYD/999?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1OWIwOWU0ZC1jYWZkLTQ4OGYtOTU5Ni1iNDM3ODhmY2NlNzMiLCJzdWIiOiJhYmMxMjMiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyIqIl0sImlhdCI6MTY5NzU3NTU2OSwiZXhwIjoxNjk3NTc5MTY5fQ.gtptU5CuK-cOqBeao2GnbUgGx2CNqStT70kwDyqVjGMrCEu6Wn9BNRG1ladPjxUDD9WwsS309WFTma-Kgcto2A
IP
95.164.38.93:443
ASN
#29632 Netassist Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerZeroSSL
Subjectl1s.saturn.ms
Fingerprint9C:0C:6D:D1:C0:EF:A1:26:1D:1A:E6:DD:26:2F:72:95:FE:1A:AA:42
ValidityWed, 11 Oct 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
data
Size
204 kB (203537 bytes)
Hash
663c1d6e19bc64beb9e0f327dbc0b393
08d447c1660d413858671dabef124276377f9f7d
7ba9d32c3b4f15e8ddcd85f695f982b33fb6fa11839b0f526ad72b7e71df55ad

HTTP Headers

GET /ipfs/QmaF8FYeqmWpm3EG1gknFAM9k7MamBoRG48auYGh6tpYYD/999?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1OWIwOWU0ZC1jYWZkLTQ4OGYtOTU5Ni1iNDM3ODhmY2NlNzMiLCJzdWIiOiJhYmMxMjMiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyIqIl0sImlhdCI6MTY5NzU3NTU2OSwiZXhwIjoxNjk3NTc5MTY5fQ.gtptU5CuK-cOqBeao2GnbUgGx2CNqStT70kwDyqVjGMrCEu6Wn9BNRG1ladPjxUDD9WwsS309WFTma-Kgcto2A HTTP/1.1
Host: l1s.saturn.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:09 GMT
content-type: application/vnd.ipld.car;version=1;order=dfs;dups=y
cache-control: public, max-age=29030400, immutable
x-lassie-version: lassie/v0.19.2-f7b051a
server-timing: started-finding-candidates;dur=0.041618;candidates-found=242883019;candidates-filtered=242908637,retrieval-Bitswap;dur=162.960003;first-byte-received=236386133, shim; dur=402.53132, shim_lassie; dur=402.436993, shim_lassie_headers; dur=402.26471999999995, shim_lassie_body; dur=0.19541599999999998, nginx;dur=0, nginx_uct;dur=, nginx_uht;dur=, nginx_urt;dur=
etag: "QmaF8FYeqmWpm3EG1gknFAM9k7MamBoRG48auYGh6tpYYD.car.3uguuka7ugcim"
x-ipfs-path: /ipfs/QmaF8FYeqmWpm3EG1gknFAM9k7MamBoRG48auYGh6tpYYD/999
x-content-type-options: nosniff
content-disposition: attachment; filename="QmaF8FYeqmWpm3EG1gknFAM9k7MamBoRG48auYGh6tpYYD_999.car"
saturn-node-id: d30a45ca-e2cb-4b52-8417-e0031f67156a
saturn-node-version: 1081_1ebf12f
saturn-transfer-id: 42c1cd7b96b9ea9219ad374a1df34c50
saturn-cache-status: HIT
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Traceparent
access-control-expose-headers: *
accept-ranges: none
X-Firefox-Spdy: h2

arc.io/widget.min.js

54.230.111.25

200 OK

7.6 kB

URL GET HTTP/2
arc.io/widget.min.js
IP
54.230.111.25:443
ASN
#16509 AMAZON-02

Requested by
https://ila.jswords.xyz/
Certificate
IssuerAmazon
Subjectarc.io
FingerprintF6:AE:3C:13:39:4E:15:7E:83:F8:01:A2:BB:B7:E6:6B:BC:09:D0:19
ValidityTue, 21 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7892), with no line terminators
Size
7.6 kB (7627 bytes)
Hash
986f78602be9cdf7d99895dd851a769d
5d640e8442d13ac51291238b5a6c1e2984d7c718
6317db31bde17cffc12b02daeaab8cea32484eb7d067d7fa03a7883b5cbe5cbd

HTTP Headers

GET /widget.min.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 2948
date: Tue, 17 Oct 2023 20:06:55 GMT
last-modified: Fri, 13 Oct 2023 17:06:17 GMT
content-encoding: br
cache-control: public, max-age=3600, stale-while-revalidate=864000
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
etag: "65297909-b84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cbrk9oVYg64ngWz1FfBZGxQRUpnuCSy71QnuNyzopFR-PRVgYFh7hg==
age: 2349
X-Firefox-Spdy: h2

static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53

194.242.11.186

200 OK

96 kB

URL GET HTTP/2
static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (63194)
Size
96 kB (95924 bytes)
Hash
de8ab4879bd77ebe629c721339d42f65
fdb117223b56b52fc13256fa0288723785631d2a
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08

HTTP Headers

GET /widget/js/vendors~widget-ui.js?c9b0de53 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"de8ab4879bd77ebe629c721339d42f65"
last-modified: Sun, 09 Apr 2023 20:18:37 GMT
x-amz-id-2: VM0WsNAIxns4tvPbrpC28hzrcIi6qrifpOIg83Dsxk+k8SVmalyyd2nxhu5btLVQBWLDMhZ927o=
x-amz-request-id: EXJBJXF7R208ZRX9
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/11/2023 14:34:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2fcc4880e0b21b89bdc9889493c536bc
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86

194.242.11.186

200 OK

61 kB

URL GET HTTP/2
static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (34291)
Size
61 kB (61070 bytes)
Hash
1bfa017c8b068bd2857ce731fa38ab1d
583885e7d50ef1e7ee5499c98263e43c70c5b6bb
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d

HTTP Headers

GET /widget/js/vendors~widget-sc-client.js?35fccb86 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"1bfa017c8b068bd2857ce731fa38ab1d"
last-modified: Fri, 21 Jul 2023 22:44:31 GMT
x-amz-id-2: iVx03LJxdTFr7jBU37KwuNIOVz0gafl7UyWyaUlDZaN85LWtBb5+YhMrp3WeVWZYytUPA0D18ws=
x-amz-request-id: 5FZNX83MTXW3K7VK
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/02/2023 07:30:27
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d66e4471f40d83e15b68017001e14151
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

cids.arc.io/top-cids

194.242.11.186

200 OK

6.9 kB

URL GET HTTP/2
cids.arc.io/top-cids
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectcids.arc.io
Fingerprint6F:3D:CE:8C:88:EE:1B:0E:6B:BA:F3:2C:C5:EC:8A:48:D4:B6:C5:7B
ValidityMon, 18 Sep 2023 02:09:44 GMT - Sun, 17 Dec 2023 02:09:43 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (7098), with no line terminators
Size
6.9 kB (6898 bytes)
Hash
99b22a76bf424e889382bd1f0e379282
8d412f6860bd8564e1fe89f59ba779bfbaf052ff
a3a1ad642a67a4e098f06704207260a0e4bb3e3966fedf7a8469a988a72599ab

HTTP Headers

GET /top-cids HTTP/1.1
Host: cids.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 1392871
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: W/"1af2-OQ1CoM6TjOjdeXvDhD8frHCVaJI"
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/17/2023 20:13:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e20099b8668964b03b86781ac4fe868f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ophoacit.com/9?z=6211840&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=q8qf623731wl065182052c2x6eiuh056

139.45.197.242

200 OK

6.5 kB

URL POST HTTP/2
ophoacit.com/9?z=6211840&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=q8qf623731wl065182052c2x6eiuh056
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectophoacit.com
FingerprintBA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
ValidityWed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (6997), with no line terminators
Size
6.5 kB (6520 bytes)
Hash
e558d292a3057896331d9817bc9a58e0
1fd775900d6715e46a0856aea1333c4fd6ed1fc7
ae2f42d67fa7f8d3948930746bf5d0fa8aa162988c012232f06766b10e17e47d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /9?z=6211840&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=q8qf623731wl065182052c2x6eiuh056 HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 57
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: scm=1; OAID=3dc8589174ea464e94084a5f2ee18c82; oaidts=1697575562
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: c404132dba7ae829dbac900b120957d9
access-control-expose-headers: X-Sc
set-cookie: OAID=q8qf623731wl065182052c2x6eiuh056; expires=Wed, 16 Oct 2024 20:46:04 GMT; secure; SameSite=None
oaidts=1697575562; expires=Wed, 16 Oct 2024 20:46:04 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.6.68

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.6.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
ValidityThu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:03 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6933
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4%2Ftnn4tQgQVxtwdsJjti4YlzGegB0HRkaLST%2Fa6FkOs9TryVMco26LK00L%2Bwky5l4%2BRywpl7sXGcNBuzNih58ebDKx%2FkGcZ1KJ%2Fdche3JXZjxczI509HiK74ckxcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 817b638aace656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Comfortaa:wght@400;700&display=swap

142.250.74.106

200 OK

9.1 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Comfortaa:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/home.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
ASCII text, with very long lines (9330), with no line terminators
Size
9.1 kB (9096 bytes)
Hash
6b8db8dbbd210995a3c8529f7006cf98
4ad8604cba7c60ee44e8f187ba6c406acb4b3519
4a22188165005371287f9d12b799f5337fac826f12b05f650b341922d45f21d0

HTTP Headers

GET /css2?family=Roboto:wght@400;700&family=Comfortaa:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Oct 2023 20:46:05 GMT
date: Tue, 17 Oct 2023 20:46:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ophoacit.com/11?rnd=2593403572&z=6211840&b=15936367&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=J1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA==&ruid=800af5d8-67bf-47df-abe6-2a398d5abaf2&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&ot=156

139.45.197.242

200 OK

0 B

URL GET HTTP/2
ophoacit.com/11?rnd=2593403572&z=6211840&b=15936367&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=J1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA==&ruid=800af5d8-67bf-47df-abe6-2a398d5abaf2&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&ot=156
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectophoacit.com
FingerprintBA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
ValidityWed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /11?rnd=2593403572&z=6211840&b=15936367&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=J1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA==&ruid=800af5d8-67bf-47df-abe6-2a398d5abaf2&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&ot=156 HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Cookie: scm=1; OAID=q8qf623731wl065182052c2x6eiuh056; oaidts=1697575562
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 639a706f90e539b6a6be2ec8d716921b
access-control-expose-headers: X-Sc
set-cookie: OAID=q8qf623731wl065182052c2x6eiuh056; expires=Wed, 16 Oct 2024 20:46:05 GMT; secure; SameSite=None
oaidts=1697575562; expires=Wed, 16 Oct 2024 20:46:05 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

static.arc.io/widget/js/chunk-0565ec8a.js?801809a0

194.242.11.186

200 OK

74 kB

URL GET HTTP/2
static.arc.io/widget/js/chunk-0565ec8a.js?801809a0
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (61647)
Size
74 kB (73599 bytes)
Hash
34fad9f53a697213e84b9ad8577fbf51
dda6d66542458e399c33252f3bc5759827635691
013e3acf5844be9dce9eccdf081a292253b00641b84b6606e03aaf94f6953b63

HTTP Headers

GET /widget/js/chunk-0565ec8a.js?801809a0 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"34fad9f53a697213e84b9ad8577fbf51"
last-modified: Fri, 13 Oct 2023 17:06:45 GMT
x-amz-id-2: FpxokHIxjn0Th46f16N5cbArkGlmDx6n0qhJU0M+ugmoQxuf8+NHKd+gIulEAdQBfr65wwb/ohE=
x-amz-request-id: D5F8XD494AF3BWJH
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 18:07:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 40650d7d558f207d28548f3c51e87d02
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

cids.arc.io/top-cids

194.242.11.186

200 OK

6.9 kB

URL GET HTTP/2
cids.arc.io/top-cids
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectcids.arc.io
Fingerprint6F:3D:CE:8C:88:EE:1B:0E:6B:BA:F3:2C:C5:EC:8A:48:D4:B6:C5:7B
ValidityMon, 18 Sep 2023 02:09:44 GMT - Sun, 17 Dec 2023 02:09:43 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (7098), with no line terminators
Size
6.9 kB (6898 bytes)
Hash
99b22a76bf424e889382bd1f0e379282
8d412f6860bd8564e1fe89f59ba779bfbaf052ff
a3a1ad642a67a4e098f06704207260a0e4bb3e3966fedf7a8469a988a72599ab

HTTP Headers

GET /top-cids HTTP/1.1
Host: cids.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 1392871
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: W/"1af2-OQ1CoM6TjOjdeXvDhD8frHCVaJI"
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/17/2023 20:13:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b2534827d953bbda7715c8eba0cc3594
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/broker/js/chunk-vendors.5e1d8045.js

194.242.11.186

200 OK

50 kB

URL GET HTTP/2
static.arc.io/broker/js/chunk-vendors.5e1d8045.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://core.arc.io/broker.html?944baab
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type

Size
50 kB (50177 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /broker/js/chunk-vendors.5e1d8045.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
DNT: 1
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"c78a505ea0c6b4622562567efbbeb847"
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
x-amz-id-2: VyHkeICsF1a+K5ovjscShAgABXqGVm0lwJKduieK1nR2tJpHXEEJ3E8leBB5r+9zVl6PDGeleeM=
x-amz-request-id: DDCEYFG5SY80RD2V
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/28/2023 10:25:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 79d0d176c4e3779e67930cfef1b250fc
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

socket.arc.io/socketcluster/?nodeId=R441erkG1J2kAbihxWTxBe

0.0.0.0

0 B

URL GET
socket.arc.io/socketcluster/?nodeId=R441erkG1J2kAbihxWTxBe
IP
0.0.0.0:0
ASN
#0

Requested by
https://ila.jswords.xyz/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socketcluster/?nodeId=R441erkG1J2kAbihxWTxBe HTTP/1.1
Host: socket.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ila.jswords.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I2zG0mbrsVSbFl19xMArbQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98DP5VKS42&cid=80435394.1697575564&gtm=45je3ab0&aip=1&z=1691404881

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98DP5VKS42&cid=80435394.1697575564&gtm=45je3ab0&aip=1&z=1691404881
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint48:45:BE:2F:7E:1C:5E:22:C9:20:2A:BC:C6:A6:CD:D1:C4:35:68:65
ValidityMon, 18 Sep 2023 08:27:03 GMT - Mon, 11 Dec 2023 08:27:02 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98DP5VKS42&cid=80435394.1697575564&gtm=45je3ab0&aip=1&z=1691404881 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 20:46:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

139.45.197.154

200 OK

9.8 kB

URL GET HTTP/2
interstitial-07.com/?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectinterstitial-07.com
Fingerprint00:E7:2A:13:61:9D:57:92:3C:7C:19:C4:A0:BC:74:4D:3C:10:4B:15
ValidityTue, 03 Oct 2023 05:11:58 GMT - Mon, 01 Jan 2024 05:11:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10072), with no line terminators
Size
9.8 kB (9760 bytes)
Hash
51a61fa0f5a166161ba316a649e32eb7
ada1243bc7cf2e55234cb5bf3acbc643a0b4f35e
7e899030e5b9745cf715ea01acccc238b73c0bdc183c7a6bd516c3e425145fbd

HTTP Headers

GET /?l=ioqJg0I7Fg1lQjz&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1517656814%26z%3D6211840%26b%3D15936367%26c%3D6377955%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fbeesy.pro%253Fzoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%2526country%253D%257Bcountry%257D%2526browser%253D%257Bbrowser%257D%2526campaignid%253D%257Bcampaignid%257D%2526cost%253D%257Bcost%257D%2526clickid%253D%2524%257BSUBID%257D%26cln%3D1%26btp%3D7%26rb%3DJ1qT23D052OEeCjp3EOTs4f5FNmOOtlBp1fdrFRFj0AAzwBvSInI7iqjv0vu9jLGhH24rEVAYcmqdnHYyLQIuUA189vSrvwwVuBNLxWcQbU60wLFEyhu-08_B_VpOVevylHU7fl1SVCxcvTvN2-9GJrK3FJ7CzHAHkljPxkXT1uxTrT6ilDEwDJ9OPiUUJpEXvS2D65rkjghDN2GiQmGV1wcpNlsvrzSU49xqWyKbUakfFeDzRCCq8bigIbzkahiCD6Ycpe9PfZDqO9Tn-n4AIbfv2wfMfxVzGSM2jrK_XA8h6oTj8CquOKZG6As-UPveLY9a1HslUN5Yr44vYP6xbissNKudqLV8hmP-Uvi9Eo-aEauk3A8Yj9MYR_CG7TpMcI8-p-mB-ypK6yvFXtQzqtUD15xQ1VZBur76vo6S5OWz3f7H0HdLX9A80xm5qzKTXdKiTwQtqsk46HEBirD0_7oXBVxNGc9EbP2ZrdVPFIBtRLLgiBolp6fxC0erin0qAKDP4Vgpy2BHYQsncCICoyvhjnuafX-KCe3Js71lKqtyCyt96D0yLOSCUwl6OAwRXK7EjW5cu5-wtd3C5S2IVG1Hcb0pxoAeXHqgmh1FrUew0itLCVWKMp6yHbRquPWyMQycI5AU24edybOe_Oj2Oo-kMFZbSyFP9QlKA%3D%3D%26bag%3DKh3ZNesuHwchFbOw831bEA%3D%3D%26ruid%3D800af5d8-67bf-47df-abe6-2a398d5abaf2%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fila.jswords.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=PtDj8J5lye2SiDYu4BByFp_S0q23Vsc-6d9tjPVD9fE; expires=Tue, 17-Oct-2023 21:46:05 GMT; Max-Age=3600; path=/
OAID=5b1e987664e481577f1ad038ba53f0a6; expires=Wed, 03-Aug-2078 17:32:10 GMT; Max-Age=1729197965; path=/
oaidts=1697575565; expires=Wed, 03-Aug-2078 17:32:10 GMT; Max-Age=1729197965; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/i/pub-5756835229788588?ers=1

216.58.211.14

200 OK

20 kB

URL GET HTTP/2
fundingchoicesmessages.google.com/i/pub-5756835229788588?ers=1
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://ila.jswords.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint09:1E:68:9F:BD:40:4B:47:8D:AC:BE:FE:EF:35:D6:52:C1:A0:EC:9F
ValidityMon, 18 Sep 2023 08:19:26 GMT - Mon, 11 Dec 2023 08:19:25 GMT

File type
ASCII text, with very long lines (1790)
Size
20 kB (20290 bytes)
Hash
2c132d355c78cf200867abd35181e3a2
be66d7b60af7e6f90568b39f4f511d9e92f8ad0b
4dc499b26f68e4b89e16f0d8b28f43fc7b7e7fd9b92e067558af0491e41543c4

HTTP Headers

GET /i/pub-5756835229788588?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 17 Oct 2023 20:46:04 GMT
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-3I1pvWpADGPrcVeq50mNsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.arc.io/widget/js/lazy-modules.js?fe421cd5

194.242.11.186

200 OK

435 B

URL GET HTTP/2
static.arc.io/widget/js/lazy-modules.js?fe421cd5
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (464), with no line terminators
Size
435 B (435 bytes)
Hash
43bd3c4c0ccb5712a30713ec4c159d21
0db4d1c3354c909fb76985739c2aacae3ca9bb07
8f0be6e8c7ee8b92e8474bbb0d8bc872ae0575e25f3d4a0b39ce2ca1b07d41eb

HTTP Headers

GET /widget/js/lazy-modules.js?fe421cd5 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"bf3693cfb405887329f70b7d8af75778"
last-modified: Tue, 25 Apr 2023 01:22:11 GMT
x-amz-id-2: NyNNtGyBYr0fhFTGXecNlByO+9kgJveProrvltkRDsiIF8y2TDNpM/L70Kx4pucukHqV5rVR7H0=
x-amz-request-id: 8BC1C5A03YB3T72R
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2023 03:05:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b1c38f2b2abdad33e1ef9a187827cc1c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/@filecoin-saturn/js-client@0.3.0/dist/strn.min.js

104.16.122.175

200 OK

230 kB

URL GET HTTP/2
unpkg.com/@filecoin-saturn/js-client@0.3.0/dist/strn.min.js
IP
104.16.122.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ila.jswords.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
230 kB (230037 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@filecoin-saturn/js-client@0.3.0/dist/strn.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"38295-J/atQt7SrWPKhUa6daMFoFzSrsk"
via: 1.1 fly.io
fly-request-id: 01HCN11V5E6MYCYW1HS1N6K57Y-arn
cf-cache-status: HIT
age: 357728
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 817b6399ed0756ab-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/widget/js/chunk-2d2088b3.js?85cee77e

194.242.11.186

200 OK

6.7 kB

URL GET HTTP/2
static.arc.io/widget/js/chunk-2d2088b3.js?85cee77e
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (6908), with no line terminators
Size
6.7 kB (6749 bytes)
Hash
101745d6618f390c299556cbc2ae3cff
83b4f980fbebeaea700f1eea8d29649eb1dbb797
991c956b3979c6540274ac235209c3813e1c25e8f0517e75722d7a9dffee8d78

HTTP Headers

GET /widget/js/chunk-2d2088b3.js?85cee77e HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"52e5e8e21557810a0f270dfe332c0386"
last-modified: Fri, 13 Oct 2023 17:06:45 GMT
x-amz-id-2: AZofQCVdsncmeROq8WuQiaCd3vIOlm46tv1ELiDpDVboIfioMkCl887YW8sSYGd4+NVjveusnWQ=
x-amz-request-id: D5F3E6Z9EBPW1GN9
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 18:07:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d967257b12761c89bf297f0f9449e9a7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/widget/css/widget.css?944baab

194.242.11.186

200 OK

87 kB

URL GET HTTP/2
static.arc.io/widget/css/widget.css?944baab
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (13320)
Size
87 kB (86599 bytes)
Hash
ee456231e74aa00d0fab8a5f15697904
178661694c4c8002bfd7b7b54b84350ea3e661fe
fa793d6c9ee094829d884c39ff48c47194444f18626638071232e3ab02102742

HTTP Headers

GET /widget/css/widget.css?944baab HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ee456231e74aa00d0fab8a5f15697904"
last-modified: Fri, 13 Oct 2023 17:06:45 GMT
x-amz-id-2: KJyuU+XDBT/eDSfOnKYWvCMPv1J8+hAnIhJWfsXq0wXUE4SvnFq64ATH0H0R5QzEwX+PkVklXYU=
x-amz-request-id: R3ANXBHBDBFXP4EA
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/13/2023 18:07:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 49354773c99796d4bae4ca4a398e8f24
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

139.45.197.242

204 No Content

0 B

URL OPTIONS HTTP/2
ophoacit.com/9?z=6211840&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=q8qf623731wl065182052c2x6eiuh056
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectophoacit.com
FingerprintBA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
ValidityWed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /9?z=6211840&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fila.jswords.xyz%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=q8qf623731wl065182052c2x6eiuh056 HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ila.jswords.xyz/
Origin: https://ila.jswords.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 17 Oct 2023 20:46:04 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ila.jswords.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542

194.242.11.186

200 OK

3.1 MB

URL GET HTTP/2
static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type

Size
3.1 MB (3059686 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widget/js/chunk-2d0cf2b3.js?d98d2542 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"3e9a577ca6bcba5cdf18d0dafd192870"
last-modified: Tue, 25 Apr 2023 01:22:11 GMT
x-amz-id-2: +jGvV7tfXJak48pq1vBnPk4W1Il+v/BMqP/t3rUZMXHD+DDegwD9sVJF6rnTZ5If+l6wAtAhm2M=
x-amz-request-id: BAY78TX8B9XX6RQQ
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/30/2023 19:24:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d35d4a61f38472c024bf87514564e3bc
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

tkr.arc.io/announce

0.0.0.0

0 B

URL GET
tkr.arc.io/announce
IP
0.0.0.0:0
ASN
#0

Requested by
https://ila.jswords.xyz/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /announce HTTP/1.1
Host: tkr.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ila.jswords.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bs4FKyOwq8t/amYSgsSjyQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

static.arc.io/widget/js/brokers.js?cfaaa772

194.242.11.186

200 OK

23 kB

URL GET HTTP/2
static.arc.io/widget/js/brokers.js?cfaaa772
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (21470)
Size
23 kB (23443 bytes)
Hash
e1f31a1f2266b21d5986026408c6b7ae
16583ba6436fb94cf4d05cb8ec6cb5d601d83926
58936974bff4521fdc89cd5eb181ec9187a06458235ddab4a1c36486bf3150a8

HTTP Headers

GET /widget/js/brokers.js?cfaaa772 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:05 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"e1f31a1f2266b21d5986026408c6b7ae"
last-modified: Tue, 25 Apr 2023 01:22:11 GMT
x-amz-id-2: yu7xrYjJK6NwAsckD7vOLRJfkoAb8NX/TcsViQ//ny2Il3SN3UL7w8TNtBPTqOAADHgic+Tq8xA=
x-amz-request-id: P155NY5A75HWNWHG
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2023 20:18:09
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 88bcb5b41e5f899286f179df50061fe0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/widget/js/lazy-iwc.js?8aedfc26

194.242.11.186

200 OK

14 kB

URL GET HTTP/2
static.arc.io/widget/js/lazy-iwc.js?8aedfc26
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ila.jswords.xyz/
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (14151)
Size
14 kB (14197 bytes)
Hash
79f87bf000461a78e70050f0b33e54bd
c9d31fe64b37cfee9161518de01368a25101d159
a10e7cded87daa4318d9448308e6e87e15e1da89d2d7f585da84ef0420f20690

HTTP Headers

GET /widget/js/lazy-iwc.js?8aedfc26 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ila.jswords.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:06 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"79f87bf000461a78e70050f0b33e54bd"
last-modified: Fri, 21 Jul 2023 22:44:31 GMT
x-amz-id-2: j9mNCE3kHa6dwZjCQVtuZq/IIwe9W6Wu3ZMSLggNCF8UrW0whsvPfpfvpK6sVePqEK/ERAEowFE=
x-amz-request-id: 0XDY8WA0MWF8R8TP
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/02/2023 07:47:23
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b416988fc3871e542f7cffa53f044bb0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

static.arc.io/broker/js/broker.9e6bf337.js

194.242.11.186

200 OK

24 kB

URL GET HTTP/2
static.arc.io/broker/js/broker.9e6bf337.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://core.arc.io/broker.html?944baab
Certificate
IssuerLet's Encrypt
Subjectstatic.arc.io
FingerprintD9:B2:57:1E:FB:96:4A:5C:9A:10:26:01:5E:16:F0:36:97:F6:80:91
ValiditySun, 10 Sep 2023 00:09:00 GMT - Sat, 09 Dec 2023 00:08:59 GMT

File type
ASCII text, with very long lines (24359)
Size
24 kB (24403 bytes)
Hash
0f4be176d7381439a060ff326b994fd2
a2157b6419a02054e10fd69cad0df08ee46c85a8
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9

HTTP Headers

GET /broker/js/broker.9e6bf337.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
DNT: 1
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 17 Oct 2023 20:46:04 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"0f4be176d7381439a060ff326b994fd2"
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
x-amz-id-2: oudqOKbsQCz4yqY6LwYIB8h10e59wLT8cTznCVVGzMAu8JWzCHBJKGPXYiDJbO2cJUR4GB0JvVk=
x-amz-request-id: 7HAC4QG70M72C6ZE
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/09/2023 21:07:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 476652f7adb29b3203a2944582861a64
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (45)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash