| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | 200 OK | 5.8 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css IP104.17.25.14:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashe9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1285966
expires: Wed, 16 Apr 2025 04:13:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0eRM3O5x8SN1rl8IFdAP31ocrbk7HNFYZVlXZoKYJASDPU%2BkRS5aEI7HRQzkqO3pP7ojZi%2Ff1QAbUbOwhrk%2BYEw87kZqoq8JCE%2B3qrAjg6QKXmKE1zdW0q6PmX5nsB0zOELW6tWH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a3bdad68a10b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css | 104.17.25.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css IP104.17.25.14:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hash5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6108
expires: Wed, 16 Apr 2025 04:13:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlWaajd1dF6TdDReyHSHX214p%2Bh51BycLKiRwAGH7tpZLXmSu4dl92mjQeCDHLAHSD1n4%2FsAmh1TppoAKQvehdQjikAkNJKrkK01KWzwd9hpMNkudJAAYdq3%2B%2FV3x1uyuRZJ3i5A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a3bdad68a80b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.ibb.co/pZDr8sd/Twitter-Hide-Password.png | 162.19.58.161 | 200 OK | 28 kB |
URL GET HTTP/2i.ibb.co/pZDr8sd/Twitter-Hide-Password.png IP162.19.58.161:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File typePNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced Hash8d1f08b46884df302bf7300fc234832c 5735d57b6fa211c400d439095d5ff2f5bb57e691 e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7
GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.ibb.co/PYpHF6b/Twitter-Show-Password.png | 162.19.58.161 | 200 OK | 28 kB |
URL GET HTTP/2i.ibb.co/PYpHF6b/Twitter-Show-Password.png IP162.19.58.161:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File typePNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced Hash2fd203703821d5ce5d18bee2a51b779a a78d7b1369ce8bc34de57909af142043cae446f0 6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8
GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/img/style-img/link1.png | 104.21.48.135 | 200 OK | 720 B |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/link1.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 50 x 50, 8-bit colormap, non-interlaced Hash780affb1d4acd83f282615df4b03544f b8d26f447adf3b813382256f8a9ed7f7eed5d575 19944dcd7a89540ee46a6a54133c8ab31591f09dc4e2168c514bbc7615ee3993
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/link1.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 720
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 03 Oct 2023 17:04:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5r1fzu8sPZQMJTVkmZiJBFo0RLdIbQFSeWmNaCxJMiqxjlZi8CCpDeuC9GqLbzjXQTeJJZ9r9UKPJUFiEVcwUrv59bgZ8k52r8xnVQGavUpVOQInFQEAFyBBoixqwolS4zTTA4Oacu6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad6bdb1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/lazspin.png | 104.21.48.135 | 200 OK | 8.1 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/lazspin.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 207 x 92, 8-bit colormap, non-interlaced Hashf737b7e7485be9e4aa05ded993f6ff66 82822218c478d661f486ff6e564211badb9c3dc1 4e49296befac69598d9b62832efec62e997daa5f0d5fa37a8381bca5e7714608
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/lazspin.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 8137
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 28 Nov 2023 23:58:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyW46p7MSFvcPKg9LAgcrs818a90O4WnNYK4XEXKK8lqmg%2FV8cX8Kynpxc%2FQvxN9JHEdHU6kvwuwhrl718g2OjEA758FzUdpwD1Hj0bgP2yFMU%2BqsM5R46c7ZR6ifRimge%2BmyqI5Ps8P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bcb1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/link6.png | 104.21.48.135 | 200 OK | 3.4 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/link6.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 184 x 140, 8-bit colormap, non-interlaced Hash4b2b3c0c2ddfaff90202702bc43f337e 605f9702c1e380df38002efae9610af08e85c3ea bcb9a13864902b1d235a6222c1fbb661d11835f38075f9882efae3364d1eb1f4
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/link6.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 3407
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 03 Oct 2023 17:06:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uv2vQ7j%2BLValUcz6kEzIllZexHVAqEvXLcKtdphPNHAD3xZKSfnrZH4XBbim0VJF9tptwOQ5V%2B2XXfZ1G2uCB%2B1n7YJboEc02Jd1uxfUjjQ9zu6dRcIcUgg5vo7%2FWb2Sy6rQsOiI88iZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad8be51c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_menu.svg | 23.36.76.227 | 200 OK | 426 B |
URL GET HTTP/2www.pubgmobile.com/en/images/nav_menu.svg IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hasha1f09c4f5c87271dbccf8cb05885ad42 18bbacc9c372dcb6bc77c2475595e058c1ad1594 b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Fri, 26 Apr 2024 04:13:33 GMT
akamai-grn: 0.df4c2417.1714104813.f86c160
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/img/style-img/icon_fb.png | 104.21.48.135 | 200 OK | 4.5 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/icon_fb.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hash55eef055b7e3c9a7b01e75bf1d946602 298bedf186fdcc606901513a2edbb5bc3ca233e6 9af17159dff494810a71a37678db1df805f264b935730d1c2e5a4d970305917f
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/icon_fb.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 4549
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sat, 08 Apr 2023 15:29:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGXZSLKkNTEqR2V%2F2zPlA2cxeNCX5SqGK1JoahAupr%2F8mxm587KGU3adqW79o6%2BlqNepWV50ZvPPcUOlcJt9MrwOud5I1dOHh48MuZZmRisUoCXaYmUj148WApfMTnahRD%2FXndfSxTIo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd21c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/link2.png | 104.21.48.135 | 200 OK | 1.2 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/link2.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 51 x 42, 8-bit colormap, non-interlaced Hashf0f3a4a5b0d429eab3ab6bf46c376cf2 ad5ba701019b77fa951f4f4d2c6602ece68f52d7 d2d7a4f06e72a53898a4386144e7dfedd614efe05eeef11b3882eb0f12cd9bd3
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/link2.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 1232
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 03 Oct 2023 17:06:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2BUb0xC1162iCTssQ6TZwBDVFKQ5xnvtyNic7V0sHIzxH81euEqBYQLfkN9M8YI%2BcO3llvfUgZ%2FBL5J1nNNtBY%2F%2FwySbtgjUoGNqnPFyFH%2F6VHoIY271J5ObfXgf%2BhLHaX7paC41jjr5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad6bdc1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/link4.png | 104.21.48.135 | 200 OK | 1.2 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/link4.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 50 x 50, 8-bit colormap, non-interlaced Hashc2f30a5e479291012c2aeefaad9817a6 0541254ede6af575c34d6eeb496e3d686afe8811 162020cdf823fc5e00fa27cd1f9bd27da958b6703cf705cc0ca5ec57b35941e9
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/link4.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 1234
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 03 Oct 2023 17:06:32 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6r4oGIgZaP6hTHHyShdPZ0GEgrBfzsXRfnMTxi%2F%2Fng2hgjmCeLk06wE7DNcNFPtf9vz%2FUKlpqbQGqVquafBiStMGoD0mQFs9QGnTuQuoOtZt%2FYhx9xhDncywXM2pv7ZUo0W5P9s33FM8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad7bdf1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/link3.png | 104.21.48.135 | 200 OK | 1.0 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/link3.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 52 x 37, 8-bit colormap, non-interlaced Hash9d88d15508e606c90c03ab6f2d5f74c3 e8fb68be0491e6e19830722bc7445b470422d2a1 2b411fc9871edf3f29f458de306a94b437b579723ff30897a85781328e97099f
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/link3.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 1041
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 03 Oct 2023 17:06:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtyYxANTbuBJAQlEtgXUSru6u6KaG5a53WCIA3CRWVnY9dNoegcZ7B2nDi9r3yBztFizKy2MuQhHzNhGv%2FvVMznLqD6sYUZNy%2B2XklLVJWLKAkUUVOZNw7X8Tfgv0T9KMWAahXSxZejg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad7bde1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/link5.png | 104.21.48.135 | 200 OK | 1.1 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/link5.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 51 x 51, 8-bit colormap, non-interlaced Hash8b7c997bf7ba21fd3cc40b41eb7cd04c c38ef804cda50cf076b7fb59d55d3c0d95a6369f 8a4a4cb62f65e3ef80c3cf960c55f77e05e2867e3cf1e134f6af52238a6c03e3
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/link5.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 1066
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 03 Oct 2023 17:06:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2Fa9ZKDniN3kOSEVIemBsqqkzjks6acY26IXp%2F0ghjHk3DgN5G5Uswt%2Fq0qCvniuf9%2FjPwkwBeFeHBVDAzgKOwsZqg9BWf9Vz%2Fioo%2BzR25BF32hvIEW4H9X7RypgAK%2FhoxUuS8I566Gn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad7be01c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_download.svg | 23.36.76.227 | 200 OK | 485 B |
URL GET HTTP/2www.pubgmobile.com/en/images/nav_download.svg IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash41c1c00e6070b60d70177ae11625bb86 7f01626c76ce129247860802fd2355f2878fe8dd 0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 26 Apr 2024 04:13:33 GMT
content-length: 485
akamai-grn: 0.df4c2417.1714104813.f86c162
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/img/style-img/icon_2.jpg | 104.21.48.135 | 200 OK | 42 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/icon_2.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 554x554, components 3 Hasha3f64c4dbc59578bde87272fab800586 3d458492b06598b93382b3675e5b59aad8aac436 0fa244d4efd45a45b32d1319ec495e307381445f62dceb071892f47e431daa81
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/icon_2.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/jpeg
content-length: 41672
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Mon, 26 Dec 2022 15:55:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82lTq1I2cCcnAZvPhE4L%2F355k%2BxrnDXiwS5WuML8tv5srB9elGSLvL7jA8hzWvDKYw2Dwn9n4LM4ag8HeLTS9ZyRw%2FD5EbbBSFELZgPhkGnMNrIM7KJMSacicFU7nvg4302C2OyXvb8s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd11c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/reward/3.png | 104.21.48.135 | 200 OK | 33 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/reward/3.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 480, 8-bit colormap, non-interlaced Hash8fe2ef0fbd9a7acb17ff480011632db9 0a62fba96f02bc3b4f2e74fdd85f13df102c2b97 8dd021b9ce0e62630e8db7bcd5638100545bac657e28f9a34a3a4efae7d1f1f3
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/reward/3.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 32691
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 01 Dec 2023 14:34:40 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0bRhBTUQTJRfDJ1%2Bu5ZK536EwqsvaWIUFaGaEcfGw7bfU24tMCEUSoZaHqARFgvGdfCrFLU8Je5oKNRCTsRLW6OrzXgLGImSc%2B1IptInzfmSgSRL%2FAstsEnFG6f7yLb4vQUHWrhdHQ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad4bc81c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/twitter-text.png | 104.21.48.135 | 200 OK | 22 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/twitter-text.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced Hashb45a51758aa50a3bfd76c5c0f4966c50 eed9113fc9d1a8e885c0315254787e9970ebe18c 4287a73211b504bc07eea69a5b33632ecb46ec6237a4b2355711766a5921d176
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/twitter-text.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 21698
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sat, 16 Sep 2023 12:43:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AH%2FCwjTIe9X3g04Tx64r0g%2BrwJLhJeyb3zTWaSnHtXV%2B2Et5P0mwxgVRb66JXgYPx9eA6E02WQMm6if5FhjYagqRk5HtZCyLamAp4iGnjTwBe7Z6gWZ1CfRRj1NyCx4chziN02waHr3c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bcf1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/reward/4.png | 104.21.48.135 | 200 OK | 39 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/reward/4.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 480, 8-bit colormap, non-interlaced Hashdde56efa3dc1ebd0a9ab9258507d141f 09ca3da6b3a38807209c4066fd097bbc03ccbfdb 59676bf6d6462b65d3c3d0a3580ed6de82fd7f958a21c6d25321c86c1440d830
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/reward/4.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 38585
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 01 Dec 2023 14:34:40 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FplsxvGoAnqFCM5KgqxgqW3mu2zi5S9tN3a7Z1f943WtVZ1706AlPygY8qzVh9UaCW1fATG%2FWY1lpocn4kbqKgKatQmh6EYK4A%2FlckvZ%2BvI8rz9AowbGOSt2eqdif5K25kgIjnsbl%2F1L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bcc1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/facebook-text.png | 104.21.48.135 | 200 OK | 29 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/facebook-text.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/facebook-text.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: image/png
content-length: 28789
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 29 Nov 2022 08:26:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8soG5Q19Z6r9hQfrjp%2B2eN0n4%2BmiXfNEiaYtgFvG%2BER12V0aGGHW7OprxjmpqrI1gtbSQgEP6LUlE46vexbKBgO4wY%2FHkmZfHpAYTIQe2bGpDSZhKvQwfYuj9bU8WQI%2FX1NWINixqom%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd01c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/priv_laz.png | 104.21.48.135 | 200 OK | 16 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/priv_laz.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 1280 x 54, 8-bit colormap, non-interlaced Hash557dfbdc68ce9e69b419fb6b0ba9c8ef e39536f96647ef45e7f09cbbb230307ec2a46cc6 af3402159a3d2f80ac6b81cd8e6705e832c25ae031eb99410067a853b505a95f
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/priv_laz.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 15910
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sat, 16 Sep 2023 06:26:30 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9PF7z9%2FLCQZNgP0lihqW2YSn8X4OLIGBRpVZc9vnXxU5ucz6E2MdHEhfy%2Fu0RamLAe%2BdPfuPvw2BpiOKVkkACLcuqdbFPqakj62rjqTd90DwOI0pphCksYlLQUtFfaYTzfB8CBCeT%2BJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad9be91c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/reward/5.png | 104.21.48.135 | 200 OK | 33 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/reward/5.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 480, 8-bit colormap, non-interlaced Hash60bc9c8d4083f3de8a588686c3835584 2301c34b0dc3a8a26dfb76d4434db80baa326423 c390598216eb13232cf8db2b85aa3d3b9f66733be7bbceaa3f17ec81e4f65456
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/reward/5.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 32697
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 01 Dec 2023 14:34:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpEG4yaD%2FtxuMr3%2FE96SANFIxU9pRdo42c4X3XdgkA4MNTHiWjp1mOnrLn2XWb7tVDGvGaGC%2FvVx1LyTmaVn7xSl9%2FhdMpkjktWzTkklwZdIThEmPfx6rQxUE4rjTHctUxvFMWL6LjV2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bcd1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/act/a20180515iggamepc/logo.png | 23.36.76.227 | 200 OK | 6.1 kB |
URL GET HTTP/2www.pubgmobile.com/act/a20180515iggamepc/logo.png IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hasha74329a2054a9e096a43ba8742dd9523 4ccac3041bf854721b91dcb45286b8488dd9f072 cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6
GET /act/a20180515iggamepc/logo.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "5ff6baa2-3bf2"
last-modified: Mon, 08 May 2023 08:25:46 GMT
server: Akamai Image Manager
content-length: 6055
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Fri, 26 Apr 2024 16:13:34 GMT
date: Fri, 26 Apr 2024 04:13:34 GMT
akamai-grn: 0.df4c2417.1714104813.f86c161
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/img/style-img/footer.png | 104.21.48.135 | 200 OK | 23 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/footer.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 1280 x 189, 8-bit colormap, non-interlaced Hashc6b56cf1fbbb63620e8558afde759e96 4d50888d8a17c2dcdbd05e6068ca4b4b587c7f29 34f7601064bb7cc3cce9ba942dd92d7f53889c703daea37bf34e1e71a1de03f8
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/footer.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 22718
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sun, 02 Oct 2022 09:58:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSLEAd4rZsH2WMhSblBgWUwki44ShAexkIj20KoIbSVfUiZj%2FYh4REc369XI3ltLtiu%2F1XraMWE5%2FhrgObXwl2BkCZPq8fpDvHdAZPDIFBHfzSTcNxMfZZlJb%2FSyPDRieT2lYpOMgUBG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad8be61c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/index_files/css | 104.21.48.135 | 200 OK | 62 kB |
URL GET HTTP/3ajajwjw.privrendom.com/index_files/css IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with very long lines (1116) Hash755df17a408beddb747e36f27ae4dedc 53daa61ef477c0badec68fa8942cb5ffce0c38b0 a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /index_files/css HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-length: 62268
last-modified: Fri, 22 Apr 2022 07:48:20 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOApJkBvhszd%2BZBWsITbDUksoKOfSnVVE4AjU137Ph1jFh1XHfgbvQMaQV9QkZN94V1fBDJHGv8MWPye2KnMvIJZgH%2B9dNkapiCMtbMVx%2BDnO9%2BYNirBRPREg45Y%2FlgcMyqaJauPdaQZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad1ba81c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/cover.png | 104.21.48.135 | 200 OK | 97 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/cover.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 1896 x 152, 8-bit/color RGBA, non-interlaced Hash4d2b581f384ea91dc93679b44a5c2fa5 d507b17add4fb91ca7c7b0ff87a09618c2656505 34fa216fc4e63735fe993b705a167fbaa3c5541ef2c15d642efb97df11133e01
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/cover.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 96679
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 28 Nov 2023 23:38:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1adMww6f8pemctuNa6MBpY0Gx2Gl6i5EBGhGg2SCv8P31NZ67prJX9PHK8iN7tYP1U%2FTPRI4Penf%2FEP9FhE3cfxqWzrnj6LwLzEGnjqVHy4O%2BfHOAC8xbaFCJi6hurst%2ByMsva%2Bo5DyP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad3bc51c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/style-img/logo.png | 104.21.48.135 | 200 OK | 86 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/style-img/logo.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 1074 x 800, 8-bit colormap, non-interlaced Hash622383c1c5ebc62f21750dba042a1142 88b851b84018faf7052bcdb5c3096dae7dc98df2 90af35797f120a1251b7496c57096cea46b4a57a20f3a7c8601021fdb8674461
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/style-img/logo.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 86273
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 12 Oct 2022 23:44:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UH0J19XjCfbOvquh10LROwEEEIIlQYYLKdFk4J39Sxo12SFSfaQcorW%2FQsnhd4h8dIMNHwlvljk2IEYZ63hZqVSdduH0WlRMRtJD57poh3ghqIDjGvandlhUCoviY%2FhLDAaHAISESvs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad3bc31c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/reward/1.png | 104.21.48.135 | 200 OK | 67 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/reward/1.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 480, 8-bit colormap, non-interlaced Hash0fa6bd6fcd6f5a6efd7c15930e00ea09 6d0a2f8068644cb05de00342f0eeecf06b260370 1846bba0622f8bd814d86f39c905eedf3e07e1f66e519d8726a425494636a53f
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/reward/1.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 67409
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 01 Dec 2023 14:34:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3N1R43i5jfbzi07vGRNAPwXo35k31b%2Fj7veAGZQnmeX141Y7AjM1LbNQ3gMjzsuHtvz%2B5BfvBIGC8HNllLdF7rTi1UIAmmnOu8trVzR0y7%2B3nVdrhCb9WNMZmIoe4rW6WTNXZMkaF4O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad3bc61c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/index_files/jquery.min.js.download | 104.21.48.135 | 200 OK | 87 kB |
URL GET HTTP/3ajajwjw.privrendom.com/index_files/jquery.min.js.download IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery.min.js.download HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/octet-stream
content-length: 86927
last-modified: Fri, 22 Apr 2022 07:48:20 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2FyPgIe692bjPPqRJABpAjNns%2F0bcembuN0Ei39E463k2STiDQNSwPPBWVdGorEjMric%2B7EGekcxScnuFuqttUpgEtY3PIS%2BQ%2Fe5isO5L6oz8z70ey8aMKcmuwBurb9MldlmSHiNuN1b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad9beb1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/header/5.jpg | 104.21.48.135 | 200 OK | 108 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/header/5.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1536x777, components 3 Size108 kB (108323 bytes) Hash3a2459d979551ad7d07179bf780dd1e8 9805d5626bf8c89bac3765de1d398e608c966f82 2b98d18b98ecbcc80d8d075ad4154157f7c5ba8dafe5d45f585224439287e0c5
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/header/5.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/jpeg
content-length: 108323
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 29 Nov 2023 01:43:22 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IH4S57Zp%2FShHwFy%2F6skwVQfroDjZCSflXyZk9KmdPR%2FtofCmqlAb14eB%2FwRvgw1%2FFULWcSRUatsEvYn5hZSXan22VMZae0TpNZ4xlKUo395tS%2BbXZzvvDMx3UpuL17SuafvZytN7ugpD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad6bd81c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/header/3.jpg | 104.21.48.135 | 200 OK | 117 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/header/3.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1536x777, components 3 Size117 kB (117363 bytes) Hash22cb21caa7ef4aea6d1c0af051129394 e356cfa7ff03986bfa6817416e4b8c67cd12a47f f6c2b17320782d85c872334ebb66f830aaefe2db25b437b3736ce6b42049f5cd
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/header/3.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/jpeg
content-length: 117363
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 29 Nov 2023 01:43:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Q6D5n1vivlIP2hw8bfLY4P%2Fm%2B0%2BYLM06Dl1iH%2FzVUHXIABUdYhxgRGO%2FqqAyLgop9xx9i0uEGgtj0AT%2Bm%2BTuZutD0S3bGTyQ4pumemkmp2Wmxf8HatKDZe%2Bn4WHhmTsCBFmnXyIhdII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd61c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/slogan.png | 104.21.48.135 | 200 OK | 133 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/slogan.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 1326 x 454, 8-bit colormap, non-interlaced Size133 kB (132914 bytes) Hasheecafbc26e21d210aa94bd0dfa3002c2 988c783d3079b63c37d524d64434d06e615209b0 6a0850eab61ae5953d61fbc4b876a0a42be5d701c62d8b7553cf0cd8752f858e
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/slogan.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 132914
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 28 Nov 2023 23:58:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHKBF7xsiO6nCgV%2F%2Blid8dZdxD3jWmdCGdN6uyg9yh3ZEZAZBNzfFHfnfxjEc1Mlq0Nlggo%2F%2BgS1o3mF58K%2FSduLnpXNtSPGXfp9B26EhnxEqPI5%2BPkN2SN1D2VZsX%2BKTfq9FsYFT2B4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad3bc41c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/reward/6.png | 104.21.48.135 | 200 OK | 134 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/reward/6.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced Size134 kB (133565 bytes) Hash846587050d94089a5cbae04e413b261e 83003018caa8789dccf61aee6c45d1fe4b833a2e c8068c61af68c2550b74f5d96d19720502fd785e9cc31d4ba6d424602eaa1c6f
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/reward/6.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 133565
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 01 Dec 2023 14:41:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=io5azsjcJvYB6xgLQefHmtQMLXiUrVawaFjzMftUn8NSGVb5kpmg2xS77v4yI9wgkYO55nOZ%2BvSY60utHYIude1DgBUjTi9OfWYYWH1NTryuhukiI6o5vSB5BD2JQ789mkp7oksVM2Te"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bce1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/header/4.jpg | 104.21.48.135 | 200 OK | 104 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/header/4.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1536x777, components 3 Size104 kB (103672 bytes) Hashbeb044d7ffbcebf5e13d5b475d11b361 24eda9371ede159393f521ae4a1ab0e7e695af5f 88e1b0adc5289f743dd99a141d8f147484ec90056d7e640ca39f84ab0c80938d
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/header/4.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/jpeg
content-length: 103672
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 29 Nov 2023 01:43:28 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uN%2FOsi6Eu2u4lz9NtGLuc43vLMRwRMbsHuXkM1iuPP15D99cASYzzv%2BO41tknKoN4hmJnAPgu3Y94ZMdYOcnQQtQqgu5wrIYQEeDiUC0ZkR%2Fvon%2BgXexPz%2F9zQo%2FA0d6wlTkjQsUEOf0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd71c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/reward/2.png | 104.21.48.135 | 200 OK | 153 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/reward/2.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced Size153 kB (152992 bytes) Hash28ff86e7285aaafa072dcc3cb18201dd d057be0599b227ca50d651907394510b2c5f7fd4 e7f54e1bc8e54a4b6b61b31989b2286e1774a169038425cb31147f95afc33638
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/reward/2.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/png
content-length: 152992
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 01 Dec 2023 14:41:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfKQHmO01RuoB8zdabxHU2wo9J8rmTZ7saQjghAZJEA8hn43VXUG3iM6xVdg8Lu9o4uh%2B34zn%2BshX1HANLoKCaqactwUQjdKc3y1GirVeu6JEPrnZXGwwK%2FxAOk6eHgpbCI0UsxRjIU2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad4bc71c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/header/2.jpg | 104.21.48.135 | 200 OK | 118 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/header/2.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1536x777, components 3 Size118 kB (117673 bytes) Hash09c2c495823074775d0fd3c3ed1a25e8 75670777030c1d185b7bfdda39f2be9e94b252c6 9036a92e84c11086ec3c4eb53ccbf1df2be8a6c707cbdb99b108cefee727cb59
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/header/2.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/jpeg
content-length: 117673
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 29 Nov 2023 01:43:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sUH2K%2BgSfQbKuc2fvmDXYXzgjXZu58SoJCd07Yp2KAxe05bhXTlL%2BAxbIGfNhosOD%2FKxtA5hkbd5zarn4zupzCUNAV6BWNuHVRXqfBZERpyer6Wrb8E%2Brf4%2Fcs5CJP9MbB6kGUlDALy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd41c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_shop.svg | 23.36.76.227 | 200 OK | 526 B |
URL GET HTTP/2www.pubgmobile.com/en/images/nav_shop.svg IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash061f8e3121c0e545cb6277cbdba661e0 680a6ef2b0b5b9ae376ad927055e93e1efca2389 bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 26 Apr 2024 04:13:35 GMT
content-length: 526
akamai-grn: 0.df4c2417.1714104813.f86c15d
X-Firefox-Spdy: h2
|
|
| www.pubgmobile.com/en/images/nav_language.svg | 23.36.76.227 | 200 OK | 675 B |
URL GET HTTP/2www.pubgmobile.com/en/images/nav_language.svg IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd8ba211bb1be1a15bf5b0143ca1b009a 215203609a551dcaccf6e434508623f302635f86 a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Fri, 26 Apr 2024 04:13:35 GMT
akamai-grn: 0.df4c2417.1714104813.f86c15b
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 | 104.17.25.14 | 200 OK | 150 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 IP104.17.25.14:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150020, version 772.1280 Size150 kB (150020 bytes) Hashd5e647388e2415268b700d3df2e30a0d 97f0942c6627ddd89fb62170e5cac9a2cbd6c98c 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ajajwjw.privrendom.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64cac444-24a04"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 813470
expires: Wed, 16 Apr 2025 04:13:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNKbssbokD%2BTila9JZY8IbiVLJF7HnQyQxQqcssNclPc5Y2socBG8MVpdOkOcUMsK5BTRoqvJAVmIEaz1mW8b5u5QwzT0E0WnEwIxkrqsVoktOAhIREdUcuDmlS1009GxJ9C0RkG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a3bdb6992ab503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/css-zone/zero-zone.css | 104.21.48.135 | 200 OK | 16 kB |
URL GET HTTP/3ajajwjw.privrendom.com/css-zone/zero-zone.css IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with CRLF line terminators Hash79336bb26243863818449597c4d91299 a7f130375395d6de7398ab043acee12288f92a3d f624045bff1432e0da48174aad9fe350fa374647d65b40a2d24096dbca5fb767
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /css-zone/zero-zone.css HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:35 GMT
last-modified: Wed, 29 Nov 2023 01:34:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgOoyDTECNjBwfR6LLO4z1EMSnrZe0gQd5McHWA8Sr6L8i%2B9xYzRyl3mqk%2FRchaxHJQVOAsSlgPAvYQ3kp%2FRzLA63CF2oGywkOCrAZ1O8JnZdDo3frSadxJ6loTfLouPBPWbQsrKuLGg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdb48d6f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 IP216.58.207.227:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15044, version 1.0 Hash4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ajajwjw.privrendom.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:39:45 GMT
expires: Tue, 22 Apr 2025 20:39:45 GMT
cache-control: public, max-age=31536000
age: 286430
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/02KwtTc7/footer-bg.jpg | 162.19.61.80 | 200 OK | 13 kB |
URL GET HTTP/2i.postimg.cc/02KwtTc7/footer-bg.jpg IP162.19.61.80:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerLet's Encrypt Subjectpostimg.cc Fingerprint53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6 ValidityMon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 579x800, components 3 Hashd1371c19862911f28e8a82df40b99bdd be41c9f953d7b8cd6bcedd75321d11a711e01548 2e941582ccd035c15c6d6003745300a0f1a2ad587774e255a8482939f58a6d16
GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: image/jpeg
content-length: 12634
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.48.135 | 200 OK | 1.1 kB |
URL GET HTTP/3ajajwjw.privrendom.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typegzip compressed data, from Unix Hash95d977d6adf7b98dc52de1b7f565d96d b7a321f7e0d5fe471479a6ac3c0bf4310ce74b5f 09b13344ccd2131e5382783d78dd5cdf1df1f672b4286ded19f85f22d2867ebe
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gfKyLn0SLsbx4CcnSXHvYc3Yb9icwNXHcAB7lEFVRBLF06SWH4joQCTt%2F7rFsWjzAbZPE7UVnSJyjSyXZSo%2BSgTj%2B7KOU7iQ1RUkaYsAcbVqYcuPGc81NQWebrlteZ6odXpfn0stS1U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad9bea1c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 28 Apr 2024 04:13:33 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| ajajwjw.privrendom.com/media/close.mp3 | 104.21.48.135 | 206 Partial Content | 13 kB |
URL GET HTTP/3ajajwjw.privrendom.com/media/close.mp3 IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash2056bdcfbd551273ee207f8c6ff9d257 6fe68c9917d3409710aee4147ada311093d33ba6 d7633fdf0d543880acc3fdaf578728d7becc1ff429ba054921d3313f73a5a4a7
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /media/close.mp3 HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: audio/mpeg
content-length: 12675
last-modified: Sun, 02 Oct 2022 09:58:58 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-range: bytes 0-12674/12675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFJ7TDtOG1gsUjrX3HWEpXTCbLBTrVHGEwP93%2By0lE%2Bv5DoFqIQhgvH7eixSoHyLS%2BBehIILL5ROC1mD28yL4y7eViKraEZj8kUHCupF%2F1TUS9FOeICZXAOm5gLuuXe%2FXMz8Tm2G9BFy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb71e1a1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/media/open.mp3 | 104.21.48.135 | 206 Partial Content | 13 kB |
URL GET HTTP/3ajajwjw.privrendom.com/media/open.mp3 IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash58418a30e1310bf4fafa9fa0e57c18d6 b477e72668b181c3080d6b921e2edf15ef134f17 d5ad34e8bb64fba432c1a12b24cd1e532104d0183045e73abaaec72aa824df1d
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /media/open.mp3 HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: audio/mpeg
content-length: 12675
last-modified: Sun, 02 Oct 2022 09:58:58 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-range: bytes 0-12674/12675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FePJ1xteQPaolgfibNj1NeGNKjjYUO7SDbkswCF7BQl8QCJdb8PT8yBERgeLcpAmzQAcsxnBUo4CXKZxYh5LqBsaYwJjUWMBIrn8lwg72UgFKVEmfk%2FKLmyNSLBKDsalAPfraDQJCaL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb71e191c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/zero-zone.js | 104.21.48.135 | 200 OK | 23 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/zero-zone.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeexported SGML document, ASCII text, with very long lines (612) Hashe2fa33d030064bc3c6e44da71cf39659 4907034831c9244c5bce315c3aabbbbdf06cd687 b6b1475306c19ac27e78c3483123346379ea4a356ad9bf0d01319cee2b8f30c6
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/zero-zone.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:34 GMT
last-modified: Fri, 22 Apr 2022 07:48:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HU7ZbA9hSdaDLuhxJygzpvfG6Lw8WPRQr1bP4TXtMHqX7or2iczdUGotPOFah93tX31CSYqYtsQGCwUMxS78Ar2twa%2BtoPjlMEDxfvegN2crMBrN5lFM4UijKmVSrv9HyAQ2Ozn5SADE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdb1fcf51c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.48.135 | 302 Found | 0 B |
URL GET HTTP/3ajajwjw.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 04:13:35 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdVJG73kacZQr2yHIgiONknRdPZU0GmbXYnucRjRhJ9ghsSP%2FXVtGdR0%2FgiwwGbquFcamuR6i%2B3xk9YB2nRiiGFzxJFAZFn%2BpDewntd91ZROzE9rthneL7p6rCZ6%2FDMJZSEo7dyiKF%2FG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb91e981c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/item-off.png | 104.21.48.135 | 200 OK | 43 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/item-off.png IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typePNG image data, 480 x 452, 8-bit colormap, non-interlaced Hash98b289fb35cc53f7604194950a3b7f2c cc4aabfc4342ab63fa09b793bac994a13de8669e 67e8c9f72d38b4a076180217f04902ce736d9e28a11b7f2f5d51c93fcdee80ca
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/item-off.png HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/css-zone/zero-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: image/png
content-length: 43072
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:35 GMT
last-modified: Tue, 28 Nov 2023 23:58:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3kio9BXl0llHtjbyxTBMavO5W%2BYfw51C2Qz7J1Tjoj%2FWVm5hQnvKMOfX6RC0whB2GrMB5Dkoe7iTV0XEiMuaNNo%2BcKcdeOQ%2Boq9%2B6I2bxeIqbaS5echAtX5glJvdBwWgw%2FhgFtkyc%2F5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb67ddd1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/index_files/gift-zone.js | 104.21.48.135 | 200 OK | 94 kB |
URL GET HTTP/3ajajwjw.privrendom.com/index_files/gift-zone.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
Hashc0ebec3ccd2ea7da4b5db109044ee744 497169ea4cc00c104275fa5d1f09e0535f6aa4c6 e7c88d945dd9291d937494cc39e9f66a84ec0de0fc8687755aa51731a5346aef
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /index_files/gift-zone.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Tue, 28 Nov 2023 18:39:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NlNzYUH3wUJnXDQJffa5ADQaWVSD1WV81r%2BmRlOxMrBi7ATKPAOmK0wKuX8%2BQSR%2BbWH8zOYzmc94eon7blhOKGN7Yufk3fGIBJF4jMIcTmouXSIq0747vpKi%2BTttOfeUhOKVDzf65RoC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad9bec1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a3bdaa0973b4fa | 104.21.48.135 | 200 OK | 0 B |
URL POST HTTP/3ajajwjw.privrendom.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a3bdaa0973b4fa IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a3bdaa0973b4fa HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12168
Origin: https://ajajwjw.privrendom.com
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=YucEQMuKxgv7.r4UdnFI663ebVjxNEAab7R0eYWh6FU-1714104815-1.0.1.1-ajuyjf1J46f5K8haDPOA407pNGqBNPpkUZhc1B03gZf4AP_FqKbuXMwwRl7kLNngWGscKU5pVHCHhvyhHKZ5Fg; path=/; expires=Sat, 26-Apr-25 04:13:35 GMT; domain=.privrendom.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Okz5CkUuq4RYVyXXv0NTsb4i9vLslFAoDO46SQf49P5T%2FmtTFkXU1nL9ZNPDb4SO08zoZPyeclyC65Q%2F1k2Kq50z5H8NiiAEtLFHONx1JkPY53KPWGdDWB9guoVZBntRMsWnO25GSep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdb9fed81c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/media/lazaheader.mp4 | 104.21.48.135 | 206 Partial Content | 566 kB |
URL GET HTTP/3ajajwjw.privrendom.com/media/lazaheader.mp4 IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size566 kB (566374 bytes) Hash01d509520e5a53ab57b19fba82e4881e b322c484d35ba03f1d86edb2f308d3d21aa5b327 debd08f6c87ae277545377ca386722d96407ae82ff7ea4cafdf72a184f5a80f5
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /media/lazaheader.mp4 HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: video/mp4
content-length: 566374
last-modified: Tue, 28 Nov 2023 23:54:42 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-range: bytes 0-566373/566374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gY7GDr8cQ7cVeUryFvoFbQn1og0yn0Eil6BNdZ0j9WtY2dkkJCZaDl3cBr597T4i7PpCZpfG1XV2yd%2FhtN7tyJcd2YuPB47zo32f4Yz5P%2Fl%2BNItgPzkSDlleONZlQ%2BQX1gPAWlNkDVs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb50d8b1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/bg.jpg | 104.21.48.135 | 200 OK | 409 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/bg.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=858, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 640x1218, components 3 Size409 kB (408679 bytes) Hashc80f5860425c610d86d4e29a9d9ac130 52e75f420f720c78a72a73065af9f295c5dcd2d0 e16287c7487b04e24c1d98106c7849559ddd6ce14e7eda46fba6204d8d6f3ad4
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/bg.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: image/jpeg
content-length: 408679
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:35 GMT
last-modified: Tue, 28 Nov 2023 23:21:14 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErrNnXIAHTlAf32tkVBTVfjkBrK%2FOpTK9JNsEPbOB03pIcOOgrMGJ%2B4b0L8vBcjaymaLBlsbTeDF5rjBsYlFK7p5h5Vbf1D9Rzwk7sQ5SQ8MCeg735GsUmsc0E54RumqTTbTxKb6K3OP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb66ddc1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/footer_link_bg.png | 23.36.76.227 | 200 OK | 1.6 kB |
URL GET HTTP/2www.pubgmobile.com/en/images/footer_link_bg.png IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typePNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced Hash92ae645b6114492e8c1c5464d949466a 1d27f2644c0f5e899e9478c78136a9bc94131150 f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
cache-control: max-age=300
expires: Fri, 26 Apr 2024 04:18:36 GMT
date: Fri, 26 Apr 2024 04:13:36 GMT
akamai-grn: 0.df4c2417.1714104815.f86c227
X-Firefox-Spdy: h2
|
|
| www.pubgmobile.com/common/images/icon_logo.jpg | 23.36.76.227 | 200 OK | 982 kB |
URL GET HTTP/2www.pubgmobile.com/common/images/icon_logo.jpg IP23.36.76.227:443 ASN#20940 Akamai International B.V.
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typeJPEG image data, baseline, precision 8, 1024x1024, components 3 Size982 kB (982437 bytes) Hashb83d8d3e9beecfac081f4e742d27661c 448330670bef8c2ee17baf6d2410ca974341cb88 5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
cache-control: max-age=287
expires: Fri, 26 Apr 2024 04:18:24 GMT
date: Fri, 26 Apr 2024 04:13:37 GMT
akamai-grn: 0.df4c2417.1714104815.f86c284
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 | 142.250.74.106 | 200 OK | 12 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 IP142.250.74.106:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash807349734f3707b50b73c3fd626526e8 2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63 ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 04:13:33 GMT
date: Fri, 26 Apr 2024 04:13:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/css-zone/facebook.css | 104.21.48.135 | 200 OK | 4.1 kB |
URL GET HTTP/3ajajwjw.privrendom.com/css-zone/facebook.css IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with very long lines (4392), with no line terminators Hash3adc29a32c52542550c5c29cf3745026 535971433c82b138b250f7c921b36f3f1152d908 1c6b34f563e3dd9d9e6c582637924e10dbee2b77003a16716952d8d71981a320
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /css-zone/facebook.css HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sun, 30 Apr 2023 13:33:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rX91SvX%2FAB2IoU9pL3%2F%2F2FxktbqnOlXNDaPygseQT%2FbY9CdeTggAuVLym7r%2F0d3GWzqcd9qSag0sDV%2FxZjWtBjDrHKZ40HYFmgZkc4SqD6fU%2BUakvpo%2FZdF2s4Z4EGrowIFZNCtfdKZp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad1baa1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.48.135 | 200 OK | 7.9 kB |
URL GET HTTP/3ajajwjw.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJavaScript source, ASCII text, with very long lines (7853), with no line terminators Hash2573d91cdac7775193aa36c2f7a31fc6 f992b9132a4de5dd7fd808f29f2c787d18e3bc41 356f614f83ea95b8cb6ed6923e2b47fb87fdc0b59c0e9a399f79aec7e23ebd99
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUXJl8vUsgqHaAmspjTtaEjCiF6RUzVddh2VPoPns%2FFSG7Bwmy5LxzIEp33izCTxqkas9jwcD0zWjtjUJXpTi57r76muwD6ZB19rAyIi95eTxm0aANli%2BhOObPsiY38VBmBjeN6BiHa7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdb92ea11c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ajajwjw.privrendom.com
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b4b2b7896711cf2cb7bb62cd902b92b5
cdn-cache: HIT
cf-cache-status: HIT
age: 107332
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a3bdad8e935685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/css-zone/twitter.css | 104.21.48.135 | 200 OK | 4.7 kB |
URL GET HTTP/3ajajwjw.privrendom.com/css-zone/twitter.css IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with very long lines (5056), with no line terminators Hashbc7981649c39d99bbf6fda0687d870c5 66803cf5e0540ac7fe39be9c8b7539b8df7ae6c9 c54a97bc2d5cffbb6c077bdb88276f05285b12e1da59b2c5b5ba619c4a2c3b89
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /css-zone/twitter.css HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sun, 17 Sep 2023 17:52:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrX%2BW7f3DyMvKSWPHcdL9CnSwZtyLoFbWWaGfe4Vw5zMOGbXT4akvf4IM5We5tIKpdKfA%2FRWS5SzZ9GxQwVB%2Fwe2opXyg8p%2FaZpZGy9KREWYSr66tdeEl7Ia8ymR%2FGhYglrlmlkWpeib"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad1bab1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/media/spin.mp3 | 104.21.48.135 | 206 Partial Content | 93 kB |
URL GET HTTP/3ajajwjw.privrendom.com/media/spin.mp3 IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hashd79ba85640e089dabcc31377d3586363 9e114f0f2ae0cad5b464a6d14f3f3e91193b204a c116089f76fcfac640d9077510d653c8efe84c308e3b163913b9193417bbc6a5
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /media/spin.mp3 HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: audio/mpeg
content-length: 93347
last-modified: Mon, 17 Oct 2022 13:39:24 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-range: bytes 0-93346/93347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntbCh%2BqyYmPysgwWg9%2FDlpsa715WGsLB2mT1OivlBZe%2Fh92nKI0TxqjL4MLEBFSlMh3R6MFyO63eXKKhVhoIfH08sY%2BPpXuAzKkI1zYsehhWmUaIIfPtwf%2BjSHJspXxn965sKS75HFWg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb70e181c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/slidernotif.js | 104.21.48.135 | 404 Not Found | 1.2 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/slidernotif.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeHTML document, ASCII text, with very long lines (1276), with no line terminators Hash24b426fea67958554911ff4c943fdfe4 b92889146d4c1bbddccabe58ca15c814ea066f72 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/slidernotif.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVKisyknZJvlr33ZNLGls%2B6EizCeZzg394%2Bs%2Ft%2B0%2FqJxVoW7qqujEOWfyn3lLY%2B7TOPGxQl6nkgOxfo4Qe%2BDHtzHgviwT%2F%2F%2FQOIqTfGGpm88W6ayARRFfvNns6ZrWfzsUFxQzddknTq7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad9bee1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/css-zone/style-zone.css | 104.21.48.135 | 200 OK | 39 kB |
URL GET HTTP/3ajajwjw.privrendom.com/css-zone/style-zone.css IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with CRLF line terminators Hash3f8218a761b187c4a61766ccc3708cb5 e6241e63c3bf703a5a88c2ef2c9d5365a3f6ef0f 480be05a81825a9277be3ae398cb6a7c54fe391eea6d465f6cf8a2567174b446
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /css-zone/style-zone.css HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 29 Nov 2023 01:52:26 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jr373tDIUktelAt40aD8LiuNDAVadV4M2qTyBIttELAujTYhu1kITnLXUTNyPbEbTqItE35xIWIrPC4yMmYjMAg03Z515cumQoeUmg33viYKKoUcVZnj3pEKH0zRXtsAqQicRfd6C9a5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad1baf1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Teko&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Teko&display=swap IP142.250.74.106:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1182), with no line terminators Hash517c67874f6f9ada9c4283fe962de9cf 3ef9577a3d48a4d102dbad75e10bc5563e08d81f 6a843b3e563cf2b17bbb15e15041f252e7524deb41991c4a2ce088b0e1c7f29a
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 04:13:33 GMT
date: Fri, 26 Apr 2024 04:13:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/js-zone/alert-zone.js | 104.21.48.135 | 200 OK | 121 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/alert-zone.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with very long lines (64301) Size121 kB (120664 bytes) Hash2d8819d4b15ffe076a804a074e0229da 0e76d42421e78a58d71c99e233335f39b8b47645 b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/alert-zone.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:34 GMT
last-modified: Fri, 22 Apr 2022 07:48:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp6H%2BM49kdcxdJEosLvqmmz9hfgGEvkYzJxDox5bxyYSQt2V6kHOIqKZUeuzuvDlIbTrTEXQRaKDoXukce0HYWF7sF2GBjwS2pEKJHT1FIjzJeV9Ql4qy15vSP6x6saIBBPdMHTqEvY5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdb1fcf41c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.48.135 | 200 OK | 29 kB |
URL User Request GET HTTP/2IP104.21.48.135:443
CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2dVIeEfXpOmdQY0jEv9v9i6MEIaL8rrvC5Z5BNqAlibqh3owkeeLvUuNASW0CmlDxvcs4Hn88DDbj40T3EoEkevlS151p8QXtpp6DWzYZOQ2bH62M9D6ci9urgB4otzo6Z5Kz%2BjtH%2Fq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdaa0973b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajajwjw.privrendom.com/js-zone/sender.js | 104.21.48.135 | 404 Not Found | 1.2 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/sender.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeHTML document, ASCII text, with very long lines (1276), with no line terminators Hash24b426fea67958554911ff4c943fdfe4 b92889146d4c1bbddccabe58ca15c814ea066f72 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/sender.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCCLrA5Tbqb52WwHDFsJVnK%2FxnWI7YNKF9SVasAvgr4nVt1%2BRZBvsfh7Ssds4rPVBoj7bLd84ihuY8jJ5OMnbuLVe%2BAlrDBzVP997%2Bo4zQn45qDte%2Fv9qdqYn72GOQLQzFZtEZaEmM56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb83e651c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/css-zone/animate.css | 104.21.48.135 | 200 OK | 78 kB |
URL GET HTTP/3ajajwjw.privrendom.com/css-zone/animate.css IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
Hash8eae1a9cfafdc593321d4d59ec4905ea 232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /css-zone/animate.css HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sat, 28 May 2022 09:12:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=65j7DMKc6KKn64JNYpM881I0M4%2BmHhkoUL6bQurqXVnuFzEfeimwY4%2Fh5MoG7TIGovtVPwEGDJBo2%2B3cLmIlYb5SF%2FPo048IJoPqx%2FQU1fR33CLX%2BVHcZ34S6VYQiK2VGIgmjUJKBjeL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad1bac1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/main-zone.js | 104.21.48.135 | 200 OK | 610 B |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/main-zone.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with very long lines (699), with no line terminators Hash3b8526f0d562e1b225bd856d127fd3f5 177eeee3d9aa9813fec553b9565da2868d80fdac 56348c240f2ed473f9af6a57d03f6071fbcfa463bf87fdb6375fa1be590d1a7e
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/main-zone.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 22 Apr 2022 07:48:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1V%2FAfhS%2BBTfVTk2bwAMFp%2B9oJ8Y%2FidZPZMG0bKO21Kc6yNH%2BjbSnfNnqtLVFCKCNOlkJJgHNv10Zv2fy0RE2IJlAff83LO1q0QNkr1IZYK7wDc%2FGJZoXMCsEw1DgGnkrgo1LFm5SGob"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad2bbd1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/jquery.js | 104.21.48.135 | 200 OK | 2.3 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/jquery.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeexported SGML document, ASCII text, with very long lines (2718), with no line terminators Hashcc5315c4e4cc1c7a2c7c932d621fae3d a6020816245f44639ef356de06cf02b04417acf0 76780e5603b10cddbd26af14218995345fb0a8f4e8051488eab7020140690219
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/jquery.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Fri, 22 Apr 2022 07:48:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyzETOHaRZSrYmjY9gjyp2MiD%2FzBxRwky3f4RFgcbNwCl4EvRV1XXNuYlIao%2BVtkDtz8Xb4yvgl6tjIr%2BFon2bYB3Lyk%2Fcy8QWJ1bUxG6vXlpOciptTRg%2F10JI4T4JF%2BuZ%2B0Y95wbM9W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad2bbc1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/lazcode.js | 104.21.48.135 | 200 OK | 8.9 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/lazcode.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJavaScript source, ASCII text, with very long lines (9319), with no line terminators Hash5f4f9b8f6e38c7874dd35ee0f5ba085f 5e168f1413c4e58af870d1fc007fdd2c73029c46 7cd9c29c2aa886dea6a5bbc7f25dc8a6633fbe60dcbff4e070154ef1594b11e1
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/lazcode.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Mon, 20 Nov 2023 04:57:12 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXEzvRXjt%2Fc8%2FdiFQ0KLMe4eUoHwxxT2%2FbwWKYP53%2BbeOQM3pJvVkIIA9LDlsgkztjHHqJkTV666hYqo%2FJhD856w%2F6yoCsogLN1ZNgtVmAsNRVhVObyBWNtKXP2UhjUU%2BgZ7opYLnuOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad9bed1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/sender.js | 104.21.48.135 | 404 Not Found | 1.2 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/sender.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeHTML document, ASCII text, with very long lines (1276), with no line terminators Hash24b426fea67958554911ff4c943fdfe4 b92889146d4c1bbddccabe58ca15c814ea066f72 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/sender.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srXxI8%2FZqBfvOU3szD8Nvf7w2DGiuSXPDZj%2BcSa4Sr2yOT29Wwvp9adGM85%2FpjA2p%2B7rvr2zkLp8ELjOfeUJf88%2FfLIgO8vecxNzpMfb9%2FcJkEdc1bb7QDo0df1K%2BF1xl%2B2%2FyTmMrKIY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad9bf01c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/slidernotif.js | 104.21.48.135 | 404 Not Found | 1.2 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/slidernotif.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeHTML document, ASCII text, with very long lines (1276), with no line terminators Hash24b426fea67958554911ff4c943fdfe4 b92889146d4c1bbddccabe58ca15c814ea066f72 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/slidernotif.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZadzMuh0DDNoz2DXo4PolYPUA0gGykg18bIMN%2Fjz353b6dG%2BXN54ZA4zCeKyCI%2Be5ib6CU2AHcCUj27%2Bi0kmHFdbnGQgELMaOR6FQCf8ZMuVFdep4%2FrwO5ugNcSm%2FRlKZgB9tT6kKU8%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb70e171c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/img/header/1.jpg | 104.21.48.135 | 200 OK | 115 kB |
URL GET HTTP/3ajajwjw.privrendom.com/img/header/1.jpg IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1536x777, components 3 Size115 kB (115258 bytes) Hash11d4d8f1aaf67723ac74a366635bfc41 6d9766850dee14d6e9fe24d349243792ba0ff77b a5f0bd09fcf59712fae4a03c9e701c6aaee2b6a2e83019b543a17dc74a442d5c
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /img/header/1.jpg HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:34 GMT
content-type: image/jpeg
content-length: 115258
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Wed, 29 Nov 2023 01:43:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWcyzgHtJ%2Fqw%2B7zp%2BW2wpnXMX7RyeYCU%2BxXhxX%2BzB2ZAW94w5o1g3lIclMryPx%2FNbrwOOmAlfZErbbRm5UO9qv40C18C2p%2BmlfVKFVWUEr9tso1llp8Vb8VAeWTfK%2Buevqgx%2BJIAhSMi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdad5bd31c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/js-zone/slide-zone.js | 104.21.48.135 | 200 OK | 1.5 kB |
URL GET HTTP/3ajajwjw.privrendom.com/js-zone/slide-zone.js IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeASCII text, with very long lines (1646), with no line terminators Hash125c46bd03f7eb06aa9cfe65b78c14a1 4d9a62100a76e84c567af355583df1bb3069c83b e525e3a237cd337a83c75e775124e0d7ff893158156818f854a2b48fb086afdf
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /js-zone/slide-zone.js HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:33 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:33 GMT
last-modified: Sun, 19 Nov 2023 21:29:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEwImI80CiOR3GO%2FQBX3OCmDKcc%2F973x983m2to6ZYLuAnTpOm7S0go6CQ23mM86QSt9WdBvgrnEy2YVMLHL1PnqJ0hnUvhDvZqDV4%2BOQlPmsbYsjQXAgBs9WlureaHVeKnb77HUlc37"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3bdad9bf11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajajwjw.privrendom.com/fonts/laza.woff2 | 104.21.48.135 | 200 OK | 22 kB |
URL GET HTTP/3ajajwjw.privrendom.com/fonts/laza.woff2 IP104.21.48.135:443
Requested byhttps://ajajwjw.privrendom.com/ CertificateIssuerGoogle Trust Services LLC Subjectprivrendom.com FingerprintC7:DE:E3:50:6F:1B:3D:14:FD:80:90:EA:E9:7D:C7:97:B9:5B:F4:D2 ValidityThu, 21 Mar 2024 11:21:35 GMT - Wed, 19 Jun 2024 11:21:34 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 22220, version 1.0 Hash345579e8566a3dd6dc9feb5362fbe7e1 df075dd0c26e72fd7df19948f07904c1eaa72ded 1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent | Quad9 DNS | malicious | Sinkholed |
GET /fonts/laza.woff2 HTTP/1.1
Host: ajajwjw.privrendom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ajajwjw.privrendom.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:13:35 GMT
content-type: font/woff2
content-length: 22220
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 04:13:35 GMT
last-modified: Thu, 29 Apr 2021 14:48:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=he6Rcgv%2FFwujhz%2FfiFs1O2PyIO3tckmnwHtP1XjXAClIrUORg6Lj5NDh5Ort03rRryn7o7CUlCzr0sdFLyQ0pZsdurIljXrrLxNRhSFlP28%2FaxxriHUY3K2eeFafAVBsdqdXYkJlRqyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3bdb69df41c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|