Report - cursauab.cat/bdwexurq/peter-theil-project-2025

Report Overview

Visited public
2024-12-15 13:46:19
Tags
URL
cursauab.cat/bdwexurq/peter-theil-project-2025
Finishing URL
fglovelife.com.tw/bdwexurq/peter-theil-project-2025
IP / ASN
104.21.33.55
#13335 CLOUDFLARENET
Title
peter theil project 2025

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
preferouter.com	unknown	2024-08-13	2024-12-08	2024-12-15	2.9 kB	40 kB	192.243.59.12
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-08	402 B	86 kB	185.196.197.72
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-08	416 B	375 B	185.196.197.71
tributeparticle.com	unknown	2024-08-13	2024-12-08	2024-12-15	489 B	494 B	192.243.59.20
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2024-12-10	896 B	189 kB	45.133.44.1
fglovelife.com.tw	unknown	unknown	2015-10-10	2024-03-31	4.0 kB	367 kB	172.67.166.150
degeneratesevere.com	unknown	2024-06-04	2024-10-15	2024-12-08	878 B	24 kB	172.240.108.76
lazy.agczn.my.id	unknown	2023-10-22	2024-05-12	2024-12-08	906 B	9.0 kB	104.21.80.1
achieveweakness.com	unknown	2024-08-13	2024-08-30	2024-12-15	2.9 kB	40 kB	172.240.108.76
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-12-12	737 B	495 B	192.243.59.20
cursauab.cat	unknown	2024-12-04	2013-10-09	2021-01-27	500 B	1.1 kB	104.21.33.55
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-08	942 B	724 B	18.195.110.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-15	medium	degeneratesevere.com	Sinkholed
2024-12-15	medium	degeneratesevere.com	Sinkholed
2024-12-15	medium	preferouter.com	Sinkholed
2024-12-15	medium	preferouter.com	Sinkholed
2024-12-15	medium	preferouter.com	Sinkholed
2024-12-15	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	fglovelife.com.tw/bdwexurq/peter-theil-project-2025	ScriptElement	140 B	2024-08-12	2025-04-12
Pretty URL fglovelife.com.tw/bdwexurq/peter-theil-project-2025 IP 172.67.166.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-12 23:40 Last Seen2025-04-12 04:44 Times Seen81 Hash 007007e8011e776d0bda59afe96b760b 484e3ebf64458a0190029b3c89c19464e1be6c30 36dd7b85aa904d058bec5f229e5e70f1c8daad32e0c2092491b602a110cf9cac Loading...

	lazy.agczn.my.id/js15_as.js?hash=XeaxeALZybG6&host=fglovelife.com.tw&path=%2Fbdwexurq%2Fpeter-theil-project-2025&ref=	ScriptElement	0 B	0001-01-01	2025-06-22
Pretty URL lazy.agczn.my.id/js15_as.js?hash=XeaxeALZybG6&host=fglovelife.com.tw&path=%2Fbdwexurq%2Fpeter-theil-project-2025&ref= IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-22 05:48 Times Seen5063583 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	preferouter.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js	ScriptElement	95 kB	2024-12-10	2024-12-17
Pretty URL preferouter.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 16:56 Last Seen2024-12-17 09:16 Times Seen3 Hash cdc68bf8fcf5866446c9c78ee5861b1b 2116bc5746dddded9aff45027cf0acf15dd45f20 8c76ee795efbf0184ffbd12e2e66bf322502afbd6e09286d728ca643640e5fe3 Loading...

	unknown	ScriptElement	3.3 kB	2024-12-15	2024-12-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-15 13:46 Last Seen2024-12-15 13:46 Times Seen1 Hash d3c0aa0ffd3f91bf5bafc65f8a32b2b0 56c38cea6381671692924d2a31408d70ba576c77 1c107a86422e759c46c59cd9c85f612034623837531e8d7763cb1933207f4c69 Loading...

	unknown	ScriptElement	3.4 kB	2024-12-15	2024-12-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-15 13:46 Last Seen2024-12-15 13:46 Times Seen1 Hash 42aeb10a798375f5bb71981a0e4bdab8 335c489630c9bee75579d5ebb36eb492a0524803 9f73fe36bc5a079ca682c4c660035ab70b9b054feebb28fefcbc412640e4348d Loading...

	degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js	ScriptElement	25 kB	2024-12-09	2024-12-17
Pretty URL degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-09 00:49 Last Seen2024-12-17 09:16 Times Seen7 Hash cdebcd13b1df8df8e2a7727fd51b7d40 7c7b9b0a7422fdbe21b8d204d252ba16c6c6bdb2 cd1d6f5936e01e7739f741fbfc7468a8ff3458a4a44341b3cfbae03798cd89a7 Loading...

	degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js	ScriptElement	25 kB	2024-12-08	2024-12-15
Pretty URL degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-08 13:30 Last Seen2024-12-15 13:46 Times Seen7 Hash cd3509ad2767560ad9f3706f6cd9382e 31dc117b5954b9891e5a8d39b1d4eabebbd890c5 c2dc98ded5cdc5888f2bdcd86e587fbd80bb912f9490ae1f99e04d9fb7e61acf Loading...

	fglovelife.com.tw/js/highlight.min.js	ScriptElement	123 kB	2024-08-28	2025-05-18
Pretty URL fglovelife.com.tw/js/highlight.min.js IP 172.67.166.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen292 Hash ce552ffc8630869b9d3a215fca292098 6324f32bee04e9925adde9522dfe78eeae4858d5 30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812 Loading...

	fglovelife.com.tw/bdwexurq/peter-theil-project-2025	ScriptElement	98 B	2024-04-10	2025-05-18
Pretty URL fglovelife.com.tw/bdwexurq/peter-theil-project-2025 IP 172.67.166.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35 Last Seen2025-05-18 14:52 Times Seen659 Hash 943d0828305b7fffcee63720ab297353 0af67ef5eeb188730502b4885f171e4c343fb22e ac5930440fe8be9005bae09ce1c2e9458c90f7428bcd7c7eb0191df1e90c71d6 Loading...

	achieveweakness.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js	ScriptElement	95 kB	2024-12-09	2024-12-15
Pretty URL achieveweakness.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-09 00:49 Last Seen2024-12-15 13:46 Times Seen2 Hash 382749d4f48e8674215b2967ab85b9fa d7ebb7be066b206b8b8baadc99879b8450a054b6 ce271918d79621f85de85923669f4344514607cdf16e30e37531293cc86e8173 Loading...

	unknown	ScriptElement	145 B	2024-08-12	2025-01-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-12 23:40 Last Seen2025-01-09 18:35 Times Seen74 Hash 62649fd59fce608732d45d40fc143106 6be59b524fc70dfeef3f682bbd2f8808431357f5 c8c47460f9bc91bf63e50b0e5875f8d80d6a9f0965689670f7e962df69b2b289 Loading...

	fglovelife.com.tw/bdwexurq/peter-theil-project-2025	ScriptElement	424 B	2024-12-07	2025-01-07
Pretty URL fglovelife.com.tw/bdwexurq/peter-theil-project-2025 IP 172.67.166.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-07 18:39 Last Seen2025-01-07 16:24 Times Seen5 Hash cef566332eab57122ad8781bb4ea74b2 0fb60c05c9f3d3c6ae92bb286f018aa01dd850dd 3e9c80f91d0a9500d93044f57fa9f1b9c39fb54535b041e227127c804c79fb79 Loading...

	lazy.agczn.my.id/tag.js	ScriptElement	904 B	2024-10-11	2025-05-18
Pretty URL lazy.agczn.my.id/tag.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 05:13 Last Seen2025-05-18 14:52 Times Seen275 Hash f613be6d1cb212afb7ae84007056445d 2fb9979f24cd6cfd3b959630aeb5c3e7b784d9cb a240184536984e9c3a0c758f14a57cbda4fefd001cb3a0379c52b5f1b2e498a9 Loading...

	fglovelife.com.tw/bdwexurq/peter-theil-project-2025	ScriptElement	358 B	2024-08-28	2025-05-18
Pretty URL fglovelife.com.tw/bdwexurq/peter-theil-project-2025 IP 172.67.166.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen290 Hash 307edac2bd62b6f19385c5536829d90b 6f9190c70649d6e3ba068981d500e0b002e44a95 9fa7264cd962450aea00f182bf47d25821832bf69b4b7df75a049abfb510efc0 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.72 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3ba1ee9ac7ec1f3c1144caa4e89a4d33	2.1 kB	2024-12-15 13:46	2024-12-15 13:46
Pretty Observations First Seen2024-12-15 13:46 Last Seen2024-12-15 13:46 Times Seen1 Hash 3ba1ee9ac7ec1f3c1144caa4e89a4d33 72811fd4907d6df003592e96e3acea20a81567bb 40f887f699952069acd58245dc4524f8f87a28b4ee83963787e121e82b76da93 Loading...

	#2 Eval - 7d445bdd5f170615d8560da982f8ab62	2.1 kB	2024-12-15 13:46	2024-12-15 13:46
Pretty Observations First Seen2024-12-15 13:46 Last Seen2024-12-15 13:46 Times Seen1 Hash 7d445bdd5f170615d8560da982f8ab62 240fc0759444708cf418d71ba5485bdfbaf50476 cbdecd07194de69d3c61fd7d3b44161fd93ae4060759e65ac8d6ea1abfd71e2c Loading...

HTTP Transactions (25)

URL IP Response Size

GET cursauab.cat/bdwexurq/peter-theil-project-2025

104.21.33.55

301 Moved Permanently

167 B

URL User Request GET HTTP/2
cursauab.cat/bdwexurq/peter-theil-project-2025
IP
104.21.33.55:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcursauab.cat
FingerprintCF:35:DE:3E:C7:F3:21:B1:0D:D3:87:0E:ED:52:58:90:8B:ED:27:72
ValidityWed, 04 Dec 2024 06:32:31 GMT - Tue, 04 Mar 2025 06:32:30 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /bdwexurq/peter-theil-project-2025 HTTP/1.1
Host: cursauab.cat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 15 Dec 2024 13:45:53 GMT
content-type: text/html
content-length: 167
location: https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
cache-control: max-age=3600
expires: Sun, 15 Dec 2024 14:45:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DidwUsGA389xPrpCXXTS%2FZ0yhQcI1MvrxygfLUNNw%2F5Ni6QSM5UrExaWA6BxBNFGcvNldfioKQ%2BPFvA4%2Fjqbbu7svA4Bsf%2FoH9Up6KfOT%2BabADCPj2axOKI6If%2BCVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e06b5aa456a9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=572&min_rtt=447&rtt_var=285&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1139&delivery_rate=7276381&cwnd=253&unsent_bytes=0&cid=e57aa08e4921a2d7&ts=39&x=0"
X-Firefox-Spdy: h2

GET degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js

172.240.108.76

200 OK

11 kB

URL GET HTTP/1.1
degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectdegeneratesevere.com
Fingerprint78:E0:86:5B:9F:8A:52:19:5A:26:41:95:F7:70:0F:3C:10:C1:15:82
ValidityTue, 03 Dec 2024 21:35:24 GMT - Mon, 03 Mar 2025 21:35:23 GMT

File type
JavaScript source, ASCII text, with very long lines (24905), with no line terminators
Size
11 kB (11302 bytes)
Hash
cdebcd13b1df8df8e2a7727fd51b7d40
7c7b9b0a7422fdbe21b8d204d252ba16c6c6bdb2
cd1d6f5936e01e7739f741fbfc7468a8ff3458a4a44341b3cfbae03798cd89a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js HTTP/1.1
Host: degeneratesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: degeneratesevere.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: bd0b1f4a5484bb9381231b912b3cc431
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js

172.240.108.76

200 OK

11 kB

URL GET HTTP/1.1
degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectdegeneratesevere.com
Fingerprint78:E0:86:5B:9F:8A:52:19:5A:26:41:95:F7:70:0F:3C:10:C1:15:82
ValidityTue, 03 Dec 2024 21:35:24 GMT - Mon, 03 Mar 2025 21:35:23 GMT

File type
JavaScript source, ASCII text, with very long lines (24921), with no line terminators
Size
11 kB (11311 bytes)
Hash
cd3509ad2767560ad9f3706f6cd9382e
31dc117b5954b9891e5a8d39b1d4eabebbd890c5
c2dc98ded5cdc5888f2bdcd86e587fbd80bb912f9490ae1f99e04d9fb7e61acf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js HTTP/1.1
Host: degeneratesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: degeneratesevere.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9eabd8c058241bbe60ae213149eea1bd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET proftrafficcounter.com/stats

18.195.110.188

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.195.110.188:443
ASN
#16509 AMAZON-02

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3f75e044830f822fae34436d8464b784
ee8c2c92d8a6fad379095fe88ccd065d8cfb86e8
5c032ccdcc2c4d4180ef778aa100b264a162ff5bbdc0f8484efedd7eb63bd625

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fglovelife.com.tw
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 13:45:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fglovelife.com.tw
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416:3:1; expires=Wed, 13 Dec 2034 13:45:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

18.195.110.188

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.195.110.188:443
ASN
#16509 AMAZON-02

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3f75e044830f822fae34436d8464b784
ee8c2c92d8a6fad379095fe88ccd065d8cfb86e8
5c032ccdcc2c4d4180ef778aa100b264a162ff5bbdc0f8484efedd7eb63bd625

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fglovelife.com.tw
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Cookie: uid_id2=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 15 Dec 2024 13:45:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fglovelife.com.tw
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET lazy.agczn.my.id/js15_as.js?hash=XeaxeALZybG6&host=fglovelife.com.tw&path=%2Fbdwexurq%2Fpeter-theil-project-2025&ref=

104.21.80.1

200 OK

0 B

URL GET HTTP/3
lazy.agczn.my.id/js15_as.js?hash=XeaxeALZybG6&host=fglovelife.com.tw&path=%2Fbdwexurq%2Fpeter-theil-project-2025&ref=
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint15:37:71:50:43:B8:56:49:C3:9C:10:6B:95:FA:98:27:AA:92:1A:79
ValiditySun, 08 Dec 2024 15:30:45 GMT - Sat, 08 Mar 2025 15:30:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js15_as.js?hash=XeaxeALZybG6&host=fglovelife.com.tw&path=%2Fbdwexurq%2Fpeter-theil-project-2025&ref= HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7p96CwFB4SRJavNl7ccd3C%2Bpj2Evm2iGYKPjO7K5i6hiqIl1nzNeYMNRk0%2FJeOB8zsmFUcLD3y5yAy2vAtEcRl%2BbHUPeJQIalfMPRkzCDlAqVQZfAL5aTpdtuOVTHrVG8u5"}],"group":"cf-nel","max_age":604800}
x-powered-by: Express
cf-cache-status: DYNAMIC
cf-ray: 8f26e07568c10afa-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

GET preferouter.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js

192.243.59.12

200 OK

34 kB

URL GET HTTP/1.1
preferouter.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectpreferouter.com
FingerprintB0:B6:1E:07:19:9C:AD:09:E6:4E:8E:86:F2:E7:9A:5C:FD:E5:75:8C
ValidityThu, 12 Dec 2024 22:14:50 GMT - Wed, 12 Mar 2025 22:14:49 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33681 bytes)
Hash
cdc68bf8fcf5866446c9c78ee5861b1b
2116bc5746dddded9aff45027cf0acf15dd45f20
8c76ee795efbf0184ffbd12e2e66bf322502afbd6e09286d728ca643640e5fe3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js HTTP/1.1
Host: preferouter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: preferouter.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a63d987a8094db657fcd8348024c0df0
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET achieveweakness.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js

172.240.108.76

200 OK

34 kB

URL GET HTTP/1.1
achieveweakness.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectachieveweakness.com
Fingerprint60:4C:62:77:E4:00:6C:E1:94:80:44:F9:02:46:8D:2A:D1:FC:30:56
ValidityThu, 12 Dec 2024 20:38:19 GMT - Wed, 12 Mar 2025 20:38:18 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33687 bytes)
Hash
382749d4f48e8674215b2967ab85b9fa
d7ebb7be066b206b8b8baadc99879b8450a054b6
ce271918d79621f85de85923669f4344514607cdf16e30e37531293cc86e8173

HTTP Headers

GET /e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js HTTP/1.1
Host: achieveweakness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: achieveweakness.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: cf8a752acaa9fa0a59242803d081d7b9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET preferouter.com/watch.1070851920154.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&tz=0&dev=e&res=14.2071&rb=&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
preferouter.com/watch.1070851920154.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&tz=0&dev=e&res=14.2071&rb=&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectpreferouter.com
FingerprintB0:B6:1E:07:19:9C:AD:09:E6:4E:8E:86:F2:E7:9A:5C:FD:E5:75:8C
ValidityThu, 12 Dec 2024 22:14:50 GMT - Wed, 12 Mar 2025 22:14:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1070851920154.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&tz=0&dev=e&res=14.2071&rb=&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1 HTTP/1.1
Host: preferouter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fglovelife.com.tw
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fglovelife.com.tw
Access-Control-Allow-Origin: https://fglovelife.com.tw
Access-Control-Allow-Credentials: true
Location: https://preferouter.com/watch.1070851920154.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=9265d2d73479ba4f4a58e55338831841ddc7ac8e33361cb40360b04aecf3fb0d75816f1e82c152d943a72dd81413036efec81ab5db857df60ae8492717c00cd9ac706aefa37c0aa5c4685d1ad431d075f50e2dcd60995003f09d7b&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1
Set-Cookie: u_pl23748403=1; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZmdsb3ZlbGlmZS5jb20udHcvYmR3ZXh1cnEvcGV0ZXItdGhlaWwtcHJvamVjdC0yMDI1IiwiYXIiOltdfX0.3oV0iRJM8mcAmSsmvVsu7q44rdVWPu9bXuG4J1soYrA; expires=Sun, 15 Dec 2024 13:46:55 GMT; path=/; secure; SameSite=None
Host: preferouter.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4bf1adc581fb3eb2b408231f0ed39a2d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 75b53e8b58e9477f8345a993a9727d4e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET achieveweakness.com/watch.526569367653.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&tz=0&dev=e&res=14.2071&rb=&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
achieveweakness.com/watch.526569367653.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&tz=0&dev=e&res=14.2071&rb=&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectachieveweakness.com
Fingerprint60:4C:62:77:E4:00:6C:E1:94:80:44:F9:02:46:8D:2A:D1:FC:30:56
ValidityThu, 12 Dec 2024 20:38:19 GMT - Wed, 12 Mar 2025 20:38:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.526569367653.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&tz=0&dev=e&res=14.2071&rb=&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1 HTTP/1.1
Host: achieveweakness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fglovelife.com.tw
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fglovelife.com.tw
Access-Control-Allow-Origin: https://fglovelife.com.tw
Access-Control-Allow-Credentials: true
Location: https://achieveweakness.com/watch.526569367653.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=537cd6b6a31d5afa9837deee7181c7631ce6db741889a876085f7b91a129cd60b34dda572153906e7d21c341a15b190e0b21cb660ea43b2778ef279a18141c5e1fc72e2607d81f4a5522545e6f5a66ee9dfec488d1aae1acc381e6&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1
Set-Cookie: u_pl23748403=1; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZmdsb3ZlbGlmZS5jb20udHcvYmR3ZXh1cnEvcGV0ZXItdGhlaWwtcHJvamVjdC0yMDI1IiwiYXIiOltdfX0.3oV0iRJM8mcAmSsmvVsu7q44rdVWPu9bXuG4J1soYrA; expires=Sun, 15 Dec 2024 13:46:55 GMT; path=/; secure; SameSite=None
Host: achieveweakness.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: af0a44c650f3b109e35048238bbe608d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET preferouter.com/watch.1070851920154.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=9265d2d73479ba4f4a58e55338831841ddc7ac8e33361cb40360b04aecf3fb0d75816f1e82c152d943a72dd81413036efec81ab5db857df60ae8492717c00cd9ac706aefa37c0aa5c4685d1ad431d075f50e2dcd60995003f09d7b&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1

192.243.59.12

200 OK

2.0 kB

URL GET HTTP/1.1
preferouter.com/watch.1070851920154.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=9265d2d73479ba4f4a58e55338831841ddc7ac8e33361cb40360b04aecf3fb0d75816f1e82c152d943a72dd81413036efec81ab5db857df60ae8492717c00cd9ac706aefa37c0aa5c4685d1ad431d075f50e2dcd60995003f09d7b&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectpreferouter.com
FingerprintB0:B6:1E:07:19:9C:AD:09:E6:4E:8E:86:F2:E7:9A:5C:FD:E5:75:8C
ValidityThu, 12 Dec 2024 22:14:50 GMT - Wed, 12 Mar 2025 22:14:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2453)
Size
2.0 kB (1999 bytes)
Hash
70d01316de6d94109b2facd89e7e927b
c562afc5b6d11b8f8933048e40268015e07bdadf
7ccacae5f268a616af3482d5ad4c01292f337115ad1dd2d3939dbd2f764cbdc0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1070851920154.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=9265d2d73479ba4f4a58e55338831841ddc7ac8e33361cb40360b04aecf3fb0d75816f1e82c152d943a72dd81413036efec81ab5db857df60ae8492717c00cd9ac706aefa37c0aa5c4685d1ad431d075f50e2dcd60995003f09d7b&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1 HTTP/1.1
Host: preferouter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fglovelife.com.tw
Referer: https://fglovelife.com.tw/
DNT: 1
Connection: keep-alive
Cookie: u_pl23748403=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZmdsb3ZlbGlmZS5jb20udHcvYmR3ZXh1cnEvcGV0ZXItdGhlaWwtcHJvamVjdC0yMDI1IiwiYXIiOltdfX0.3oV0iRJM8mcAmSsmvVsu7q44rdVWPu9bXuG4J1soYrA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fglovelife.com.tw
Access-Control-Allow-Origin: https://fglovelife.com.tw
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416:3:1; expires=Sun, 22 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
Host: preferouter.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9717a9c066dd49c825d19d93274df324
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET achieveweakness.com/watch.526569367653.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=537cd6b6a31d5afa9837deee7181c7631ce6db741889a876085f7b91a129cd60b34dda572153906e7d21c341a15b190e0b21cb660ea43b2778ef279a18141c5e1fc72e2607d81f4a5522545e6f5a66ee9dfec488d1aae1acc381e6&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1

172.240.108.76

200 OK

2.1 kB

URL GET HTTP/1.1
achieveweakness.com/watch.526569367653.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=537cd6b6a31d5afa9837deee7181c7631ce6db741889a876085f7b91a129cd60b34dda572153906e7d21c341a15b190e0b21cb660ea43b2778ef279a18141c5e1fc72e2607d81f4a5522545e6f5a66ee9dfec488d1aae1acc381e6&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectachieveweakness.com
Fingerprint60:4C:62:77:E4:00:6C:E1:94:80:44:F9:02:46:8D:2A:D1:FC:30:56
ValidityThu, 12 Dec 2024 20:38:19 GMT - Wed, 12 Mar 2025 20:38:18 GMT

File type
JavaScript source, ASCII text, with very long lines (2530)
Size
2.1 kB (2052 bytes)
Hash
1066ded89b455d205740d7801c68edb4
8b8eaf6cf30447971240b59fd8595c0ab504bce6
7d3b86fe34b862343c08f6fb0988e3c1832b391b86f771577289d4f7011b1afd

HTTP Headers

GET /watch.526569367653.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1734270415&rb=&refer=https%3A%2F%2Ffglovelife.com.tw%2Fbdwexurq%2Fpeter-theil-project-2025&res=14.2071&rmtc=t&shu=537cd6b6a31d5afa9837deee7181c7631ce6db741889a876085f7b91a129cd60b34dda572153906e7d21c341a15b190e0b21cb660ea43b2778ef279a18141c5e1fc72e2607d81f4a5522545e6f5a66ee9dfec488d1aae1acc381e6&tz=0&uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1 HTTP/1.1
Host: achieveweakness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fglovelife.com.tw
Referer: https://fglovelife.com.tw/
DNT: 1
Connection: keep-alive
Cookie: u_pl23748403=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZmdsb3ZlbGlmZS5jb20udHcvYmR3ZXh1cnEvcGV0ZXItdGhlaWwtcHJvamVjdC0yMDI1IiwiYXIiOltdfX0.3oV0iRJM8mcAmSsmvVsu7q44rdVWPu9bXuG4J1soYrA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fglovelife.com.tw
Access-Control-Allow-Origin: https://fglovelife.com.tw
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416:3:1; expires=Sun, 22 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Mon, 16 Dec 2024 13:45:55 GMT; path=/; secure; SameSite=None
Host: achieveweakness.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ee19f3d9b49ee1134c786c707ec2f78a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET capaciousdrewreligion.com/advertisers.js

185.196.197.71

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80
ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 648b8e1683ea5ccc55d3fa616b124a52
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET tributeparticle.com/pixel/purst?dl=0&th=0&sc=0&rs=2147&rd=2147&fd=561&bv=24.12.6652&tmpl=136

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
tributeparticle.com/pixel/purst?dl=0&th=0&sc=0&rs=2147&rd=2147&fd=561&bv=24.12.6652&tmpl=136
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjecttributeparticle.com
FingerprintDD:2F:42:42:31:FF:41:A9:C3:F4:FC:33:3E:E9:5A:DD:7A:59:5B:0E
ValidityThu, 12 Dec 2024 22:37:05 GMT - Wed, 12 Mar 2025 22:37:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2147&rd=2147&fd=561&bv=24.12.6652&tmpl=136 HTTP/1.1
Host: tributeparticle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Dec 2024 13:45:55 GMT
Content-Length: 0
Connection: keep-alive
Host: tributeparticle.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.storageimagedisplay.com/cti/41/00/e1/4100e1ec48d8ae82b50d31d374fc4537/1707813732.png

45.133.44.1

200 OK

104 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/41/00/e1/4100e1ec48d8ae82b50d31d374fc4537/1707813732.png
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
104 kB (103467 bytes)
Hash
e661e37b3ce102135ded3de19e25ca47
cf4180faec136ff3e1a04b059676bde9c9654bee
b6f3a2708c6c43dfca6ee30be64a520089afce3736ec5cdad8a26336a9c4eff3

HTTP Headers

GET /cti/41/00/e1/4100e1ec48d8ae82b50d31d374fc4537/1707813732.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-type: image/png
content-length: 103467
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:42:21 GMT
etag: "65cb2b6d-1942b"
expires: Tue, 17 Dec 2024 13:45:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/20/3e/15/203e15a4a37c18e718735a3cc9317a62/1708270295.jpg

45.133.44.1

200 OK

85 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/20/3e/15/203e15a4a37c18e718735a3cc9317a62/1708270295.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:13:33], progressive, precision 8, 300x250, components 3
Size
85 kB (85236 bytes)
Hash
a243301a72999b8de16df631ade6b6ed
4a73bf3593d21fc3d576bee7abf06395ea58bc31
21a3a022e5e5ca83d90331629f291c8cb589a453f8c45a5707a5fbf3bbba2811

HTTP Headers

GET /cti/20/3e/15/203e15a4a37c18e718735a3cc9317a62/1708270295.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-type: image/jpeg
content-length: 85236
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:31:43 GMT
etag: "65d222df-14cf4"
expires: Tue, 17 Dec 2024 13:45:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fglovelife.com.tw/profil.png

172.67.166.150

200 OK

194 kB

URL GET HTTP/3
fglovelife.com.tw/profil.png
IP
172.67.166.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectfglovelife.com.tw
FingerprintE8:71:04:72:BA:E9:23:A0:9A:ED:EB:36:2B:C6:C1:69:01:CA:52:B9
ValiditySat, 14 Dec 2024 10:59:21 GMT - Fri, 14 Mar 2025 11:56:20 GMT

File type
PNG image data, 923 x 740, 8-bit/color RGBA, non-interlaced
Size
194 kB (194148 bytes)
Hash
0ecb16fcde3387b3713c23171a893d09
cfe3c161fb283b1edaad6d93d60b538dfb4fd26e
4a82536fd7a10df27764bc1d956a7423736b4e2c09332d7fabfe25c15f7119c6

HTTP Headers

GET /profil.png HTTP/1.1
Host: fglovelife.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sun, 15 Dec 2024 13:45:54 GMT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-type: image/png
content-length: 194148
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"2f664-19160ce8180"
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8835TRio8S6D2DRwrWpHWqAJPBXM5X04cfuRDNNF8wOAkHDHBThTYCqwiIIlC%2FVi6%2BR1RCTPNzHJgTBLbOSAN7twV2LUq85vzH2n6rY0BevxceL9e6vcFHb3moC%2ByQrsB9%2Flw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e0760f6eb4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4900&min_rtt=1766&rtt_var=2684&sent=25&recv=12&lost=0&retrans=0&sent_bytes=16406&recv_bytes=2173&delivery_rate=10403&cwnd=24000&unsent_bytes=0&cid=48a0e5ae2817cd26&ts=1687&x=1", cfExtPri, cfHdrFlush;dur=0

GET fglovelife.com.tw/js/highlight.min.js

172.67.166.150

200 OK

43 kB

URL GET HTTP/3
fglovelife.com.tw/js/highlight.min.js
IP
172.67.166.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectfglovelife.com.tw
FingerprintE8:71:04:72:BA:E9:23:A0:9A:ED:EB:36:2B:C6:C1:69:01:CA:52:B9
ValiditySat, 14 Dec 2024 10:59:21 GMT - Fri, 14 Mar 2025 11:56:20 GMT

File type
JavaScript source, ASCII text, with very long lines (7910), with CRLF line terminators
Size
43 kB (42710 bytes)
Hash
ce552ffc8630869b9d3a215fca292098
6324f32bee04e9925adde9522dfe78eeae4858d5
30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812

HTTP Headers

GET /js/highlight.min.js HTTP/1.1
Host: fglovelife.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sun, 15 Dec 2024 13:45:54 GMT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"1e03b-19160ce8180"
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuuMtmacYlGpCK0xp1JGsg4bRTC13dJIy4YKGCJOyFDk5eMvfFOnYHjrVo3Z1vrCmU%2BTqbxYqjw1Zj6nKo11uMSaBnryMk08JhLTDV5JVqqMJKE1EiOxRVhrmxaquAmLPJ5ppQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e075ff56b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3785&min_rtt=1477&rtt_var=2342&sent=192&recv=17&lost=0&retrans=0&sent_bytes=216116&recv_bytes=2396&delivery_rate=1276335&cwnd=192000&unsent_bytes=0&cid=48a0e5ae2817cd26&ts=1953&x=1", cfExtPri, cfHdrFlush;dur=0

GET unseenreport.com/pxf.gif?uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e63ecf111180228a9e27d84976d262cc&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e63ecf111180228a9e27d84976d262cc&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e63ecf111180228a9e27d84976d262cc&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Dec 2024 13:45:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 318b775c5c2aee8bd763e5cbc4269a1e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET fglovelife.com.tw/favicon.ico

172.67.166.150

200 OK

5.2 kB

URL GET HTTP/3
fglovelife.com.tw/favicon.ico
IP
172.67.166.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectfglovelife.com.tw
FingerprintE8:71:04:72:BA:E9:23:A0:9A:ED:EB:36:2B:C6:C1:69:01:CA:52:B9
ValiditySat, 14 Dec 2024 10:59:21 GMT - Fri, 14 Mar 2025 11:56:20 GMT

File type
gzip compressed data, from Unix
Size
5.2 kB (5178 bytes)
Hash
6796385830d6b02da1d510bad7da23c4
8f110ba34c4c514eeabfe5f3075457b385c676a1
29c653a42795a387da86ee9b9420de0eb8824432109f2247f74ac304f4652f23

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: fglovelife.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sun, 15 Dec 2024 13:45:54 GMT; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1; pp_show_on_e63ecf111180228a9e27d84976d262cc=1; pp_main_e63ecf111180228a9e27d84976d262cc=1; pp_exp_e63ecf111180228a9e27d84976d262cc=1734271255747
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 89906
last-modified: Sat, 14 Dec 2024 12:47:29 GMT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkCKDLNihIE60743D48f%2F%2BER81QBnALW6YRtOWZgqI%2FQ5hV%2BE0%2Bo8aBt2psPquoEzfhHZW%2FLvzlIMi4oEWyoLsBL8opkTKuCyywoXvJjlPa8r%2FONsv1OWbnalfPuCfOS6j2bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e07c1888b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3504&min_rtt=1477&rtt_var=2319&sent=231&recv=20&lost=0&retrans=0&sent_bytes=260154&recv_bytes=3554&delivery_rate=20984102&cwnd=192000&unsent_bytes=0&cid=48a0e5ae2817cd26&ts=1973&x=1", cfExtPri, cfHdrFlush;dur=0

GET lazy.agczn.my.id/tag.js

104.21.80.1

200 OK

7.5 kB

URL GET HTTP/2
lazy.agczn.my.id/tag.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint15:37:71:50:43:B8:56:49:C3:9C:10:6B:95:FA:98:27:AA:92:1A:79
ValiditySun, 08 Dec 2024 15:30:45 GMT - Sat, 08 Mar 2025 15:30:44 GMT

File type
ASCII text, with very long lines (377), with CRLF line terminators
Size
7.5 kB (7549 bytes)
Hash
f613be6d1cb212afb7ae84007056445d
2fb9979f24cd6cfd3b959630aeb5c3e7b784d9cb
a240184536984e9c3a0c758f14a57cbda4fefd001cb3a0379c52b5f1b2e498a9

HTTP Headers

GET /tag.js HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 13:45:54 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=120
last-modified: Thu, 10 Oct 2024 17:00:10 GMT
etag: W/"388-192775fa590"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVPnaZwUf1NwnOKAPvEWDVX4Z1SB3iVKSDNcMCQ6zHlywMFMw3ph9CZ0YMrIsj4ugKmjBBjOQ4CSSGjJIcqGO%2Bctf%2BB4zsXdqalKMTxK1V0JKUNsu7AVaBTsOcb8orEI%2BYBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e0721b47712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5841&min_rtt=480&rtt_var=10730&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3203&recv_bytes=1057&delivery_rate=7325463&cwnd=254&unsent_bytes=0&cid=e9ca63c7a53a9e5b&ts=209&x=0"
X-Firefox-Spdy: h2

GET fglovelife.com.tw/image/peter-theil-project-2025.jpeg

172.67.166.150

200 OK

14 kB

URL GET HTTP/3
fglovelife.com.tw/image/peter-theil-project-2025.jpeg
IP
172.67.166.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectfglovelife.com.tw
FingerprintE8:71:04:72:BA:E9:23:A0:9A:ED:EB:36:2B:C6:C1:69:01:CA:52:B9
ValiditySat, 14 Dec 2024 10:59:21 GMT - Fri, 14 Mar 2025 11:56:20 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x300, components 3
Size
14 kB (13761 bytes)
Hash
2c022351250fadcb965bb10a677639d6
8f11a4bcb774dcde60847e94d10e55e716b95401
639f83f6d0f55eb2e580969e6fa15a6777515664accec59755d500ab80af576d

HTTP Headers

GET /image/peter-theil-project-2025.jpeg HTTP/1.1
Host: fglovelife.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sun, 15 Dec 2024 13:45:54 GMT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Dec 2024 13:45:55 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: MISS
last-modified: Sun, 15 Dec 2024 13:45:55 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MEMeQvq63Wv8Aj4xMZ0O%2BZMgcVSGY698noaCANXKM7bWuViEQkMI%2BltdWNbwlBPHYO76vEGt0tr7Z0DXlfDqxqVsr1KtaoKf2Q8NNpN%2FIn9jR%2FqW2tdN6bUE7Ff00pA1do%2FLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e0760f70b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5647&min_rtt=4375&rtt_var=2549&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4166&recv_bytes=2086&delivery_rate=135768&cwnd=12000&unsent_bytes=0&cid=48a0e5ae2817cd26&ts=1355&x=1", cfExtPri, cfHdrFlush;dur=0

GET fglovelife.com.tw/apple-touch-icon.png

172.67.166.150

404 Not Found

32 kB

URL GET HTTP/3
fglovelife.com.tw/apple-touch-icon.png
IP
172.67.166.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Certificate
IssuerGoogle Trust Services
Subjectfglovelife.com.tw
FingerprintE8:71:04:72:BA:E9:23:A0:9A:ED:EB:36:2B:C6:C1:69:01:CA:52:B9
ValiditySat, 14 Dec 2024 10:59:21 GMT - Fri, 14 Mar 2025 11:56:20 GMT

File type

Size
32 kB (32233 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: fglovelife.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fglovelife.com.tw/bdwexurq/peter-theil-project-2025
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sun, 15 Dec 2024 13:45:54 GMT; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8d56dbde-f5c7-4fdb-9aaf-26b7e9822416%3A3%3A1; pp_show_on_e63ecf111180228a9e27d84976d262cc=1; pp_main_e63ecf111180228a9e27d84976d262cc=1; pp_exp_e63ecf111180228a9e27d84976d262cc=1734271255747
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 15 Dec 2024 13:45:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aukR37sCWbWS6kcLUVNLhTLFSbLfvxDYOuk4zKJSjIZ2pFEKNQCxyP6dcWIbG1mVFSwj9MmltDpkbbZXihOI0si1gTGRrNaUha6HMVI6WfsrhA55LdakkBNLspHXNCIJqceulQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f26e07c1882b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3259&min_rtt=1477&rtt_var=2227&sent=233&recv=21&lost=0&retrans=0&sent_bytes=262063&recv_bytes=3599&delivery_rate=169483&cwnd=192000&unsent_bytes=0&cid=48a0e5ae2817cd26&ts=2331&x=1", cfExtPri, cfHdrFlush;dur=0

GET fglovelife.com.tw/bdwexurq/peter-theil-project-2025

172.67.166.150

200 OK

73 kB

URL User Request GET HTTP/2
fglovelife.com.tw/bdwexurq/peter-theil-project-2025
IP
172.67.166.150:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfglovelife.com.tw
FingerprintE8:71:04:72:BA:E9:23:A0:9A:ED:EB:36:2B:C6:C1:69:01:CA:52:B9
ValiditySat, 14 Dec 2024 10:59:21 GMT - Fri, 14 Mar 2025 11:56:20 GMT

File type

Size
73 kB (73386 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bdwexurq/peter-theil-project-2025 HTTP/1.1
Host: fglovelife.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 13:45:53 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBKxdy1KCh63kWL4ZCwflbrXF%2BUuATSBcakSUq6dAe1Inoo%2Bue8DYJi2UDs8R5%2FJ2fz4we1d2GtWnDSoueQgdD6x%2Fa3WsoZ2BcyNEwcWusGWlm8%2B1u9yDtW3%2FUWc2Ri%2Fwzz9%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f26e06c0ab50b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6319&min_rtt=446&rtt_var=11762&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3291&recv_bytes=1273&delivery_rate=7463917&cwnd=254&unsent_bytes=0&cid=fdf2a9ef5052aaa3&ts=622&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash