Report - lajme-info.live/

Report Overview

Submitted URL
lajme-info.live/
IP
63.250.43.133
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-05 03:26:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
pl18034758.highperformancecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	14 kB	173.233.137.44
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	778 B	814 B	18.185.190.54
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	95.101.11.115
pl18034679.highperformancecpmgate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	710 B	192.243.61.225
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	297 B	1.2 kB	142.250.74.74
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.218.164.174
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	278 B	471 B	34.160.73.230
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	54.230.245.118
tolerableinflectionkazan.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	467 B	192.243.59.13
triflingzenithenergetic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	7.7 kB	192.243.59.20
cdn.creative-bars1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	57 kB	172.64.109.13
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	278 B	28 kB	172.64.141.24
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
lajme-info.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	472 kB	63.250.43.132
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
banquetunarmedgrater.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	292 B	327 B	173.233.137.44
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	846 B	192.243.59.12
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	386 B	45.133.44.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	highperformancecpmgate.com	Sinkholed
2022-12-04	medium	banquetunarmedgrater.com	Sinkholed
2022-12-04	medium	unseenreport.com	Sinkholed
2022-12-04	medium	unseenreport.com	Sinkholed
2022-12-05	medium	triflingzenithenergetic.com	Sinkholed
2022-12-05	medium	triflingzenithenergetic.com	Sinkholed
2022-12-05	medium	triflingzenithenergetic.com	Sinkholed
2022-12-05	medium	triflingzenithenergetic.com	Sinkholed
2022-12-05	medium	triflingzenithenergetic.com	Sinkholed
2022-12-04	medium	highperformancecpmgate.com	Sinkholed

JavaScript (15)

	URL	Size	First Seen	Last Seen
	lajme-info.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL lajme-info.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 21:27:40 Times Seen68680 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	lajme-info.live/wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2	6.1 kB	2023-03-08	2023-03-13
Pretty URL lajme-info.live/wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:15 Last Seen2023-03-13 19:56:31 Times Seen1 Hash 83a84e3ddcfda297d9f482a8c23d353b 6fe58c1b701ceb32d984b0f3f393277bc264c334 d435f831b0046a4bd0b096e7d333e46a159b6b49fdf96e08a84ca63ad67cf160 Loading...

	pl18034679.highperformancecpmgate.com/09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js	60 kB	2023-03-08	2023-03-08
Pretty URL pl18034679.highperformancecpmgate.com/09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:18 Last Seen2023-03-08 16:32:18 Times Seen1 Hash bb579989337fe73f33a48dac22768ed1 225d893e084489af17524f347f1129339329a8db 4c71f030ff1643186a6e6f0a2280ee6e2ec8d12a16588c2f6188dbfa5463f4e8 Loading...

	lajme-info.live/	102 B	2023-03-08	2023-03-08
Pretty URL lajme-info.live/ IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:18 Last Seen2023-03-08 16:32:18 Times Seen1 Hash ea7104257afaf45cfe8fc4a98155856e 9512fd50465650d6ebd40be077ab6d895a69dc46 92ad9e1865e9b1545f17d38c68c3f6ab2e22a5d7796c6ab76b92171bee864c6b Loading...

	cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js	84 kB	2023-03-07	2024-04-26
Pretty URL cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js IP 172.64.109.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:11 Last Seen2024-04-26 06:46:38 Times Seen554 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	lajme-info.live/	2.1 kB	2023-03-08	2023-03-08
Pretty URL lajme-info.live/ IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:18 Last Seen2023-03-08 16:32:18 Times Seen1 Hash cc2ebf00bfc90adc3340eaab726ce05b 06d1d15bedcbf593a19538bfe4db450e462889a7 1c0ed1e5eedd26f1874577e7872b8975f849c31c2d3c66a582df6e332d5696af Loading...

	lajme-info.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-24
Pretty URL lajme-info.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	pl18034758.highperformancecpmgate.com/d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js	37 kB	2023-03-08	2023-03-08
Pretty URL pl18034758.highperformancecpmgate.com/d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:18 Last Seen2023-03-08 16:32:18 Times Seen1 Hash 9ed8fee03f579432ea641016c4b96bfd d4ef8587ea67720633157f764e49a474128de506 961859e68685f0c02f2608a4b8c0a5cbbacff645ae28bfaac84555e6d281c209 Loading...

	lajme-info.live/wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0	43 kB	2023-03-07	2024-03-17
Pretty URL lajme-info.live/wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:41:11 Last Seen2024-03-17 02:54:01 Times Seen282 Hash e299ffe2a73f37d846ff0705429babe1 4fff3bef8d1b965819b88481deb47e1e7eaddc70 4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae Loading...

	lajme-info.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-24
Pretty URL lajme-info.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	http:blank	10 kB	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:18 Last Seen2023-03-08 16:32:18 Times Seen1 Hash ed9c03d7a6bfee87cccb01bc71e4c9f3 e1817a6a22dc917143da3dc336e901fbf4697967 f6c4bbce1937d3115065da806c4d2616affabc6adee925cc4c294f7fe5be7bfb Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 22:39:39 Times Seen37103524 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	lajme-info.live/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL lajme-info.live/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 21:27:40 Times Seen38069 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	lajme-info.live/wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2	3.4 kB	2023-03-07	2024-03-17
Pretty URL lajme-info.live/wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:41:11 Last Seen2024-03-17 02:54:01 Times Seen68 Hash dfdd742418a668c1bda6fdb9b55e783d 357b7b6f6f2b158433c71f0d7befd00d295efd3d 1cb69cf426c3e41a5a2dfcc84af5c891b87ba4aa8d37f081530e1d58e64c364f Loading...

	lajme-info.live/wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0	9.0 kB	2023-03-07	2024-04-24
Pretty URL lajme-info.live/wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0 IP 63.250.43.132 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-04-24 19:50:28 Times Seen634 Hash 38cf1efd3af828942692f619be330bcd c7836fb3eb61f96e6c8bc0344d77cf5618798315 feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d Loading...

HTTP Transactions (78)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5946
Expires: Mon, 05 Dec 2022 05:05:51 GMT
Date: Mon, 05 Dec 2022 03:26:45 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6284
Cache-Control: max-age=118156
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:26:45 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:16:01 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

lajme-info.live/

63.250.43.132

200 OK

8.3 kB

URL HTTP/1.1
lajme-info.live/
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
8.3 kB (8277 bytes)
Hash
69715a33e0d56e5de4ff8b5e96b6f6c5
c033d95b049542faffe3dece79fc65d2b91e35a8
e33c3324d50172299e6c6804d03740e1f0b16294d70142621be9edeed014cc2d

HTTP Headers

GET / HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <http://lajme-info.live/wp-json/>; rel="https://api.w.org/"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 27153
accept-ranges: bytes
x-cache: HIT
content-length: 8277
strict-transport-security: max-age=15768000

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5713
Expires: Mon, 05 Dec 2022 05:01:58 GMT
Date: Mon, 05 Dec 2022 03:26:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 03:20:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 393
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FHrp7z4EaTFmFypwMj+Y4CHygAYolzkUBS+6/ozHC8gcuuyqDZfdanSd2EkL2uqRLf1q2R7PrPk=
x-amz-request-id: VRYCPNW43WJ9W0EZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 02:47:13 GMT
age: 2372
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:26:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

lajme-info.live/wp-includes/css/classic-themes.min.css?ver=1

63.250.43.132

200 OK

217 B

URL HTTP/1.1
lajme-info.live/wp-includes/css/classic-themes.min.css?ver=1
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
content-length: 217
last-modified: Sun, 04 Dec 2022 15:50:13 GMT
etag: "638cc1b5-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

lajme-info.live/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

63.250.43.132

200 OK

12 kB

URL HTTP/1.1
lajme-info.live/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
981383d43a7adb38d6c2bf5286dcd065
e41871905868763178f7d8127e3dfb87909f108f
fceb208fc5a1581abc1926596d5f59fa41e7a7d72027b563303b445cdf7ed126

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 15:50:13 GMT
vary: Accept-Encoding
etag: W/"638cc1b5-172a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 12518
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/apex-news/style.css?ver=1.0.1

63.250.43.132

200 OK

2.4 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/apex-news/style.css?ver=1.0.1
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1245), with CRLF line terminators
Size
2.4 kB (2444 bytes)
Hash
382e875d88fe8b4726772424b8e62247
6adbe54cb182db9e70d4d8fc1faaea819e3fbcaa
cfc2b556f125b1b42065cb91120b0c9cac438c43f40f56a4d36ede3c30b26d19

HTTP Headers

GET /wp-content/themes/apex-news/style.css?ver=1.0.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:25 GMT
vary: Accept-Encoding
etag: W/"638bd761-42ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 2444
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/legal-news/assets/css/slick.min.css?ver=1.8.0

63.250.43.132

200 OK

485 B

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/css/slick.min.css?ver=1.8.0
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1257), with no line terminators
Size
485 B (485 bytes)
Hash
10e66dea6d65a800e049527b13397a7d
b93aeea4d12b65a0784be085ef7e50085ae245f8
152c616e2c3175164a49ca85c8065b3c5184059fa8f73522fb26aeb1be2219d9

HTTP Headers

GET /wp-content/themes/legal-news/assets/css/slick.min.css?ver=1.8.0 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-4e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 485
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2

63.250.43.132

200 OK

817 B

URL HTTP/1.1
lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
817 B (817 bytes)
Hash
acb1ca96c3af9a9dadfff5495182ab8d
5ea2bd06354f3b03ca74f28a4ea98b13ad600985
89dedebaac821c638da0e023753c5a2ce5852a9f472c876e40313e7ebeeae5cb

HTTP Headers

GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 22:55:14 GMT
vary: Accept-Encoding
etag: W/"638bd3d2-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 817
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4

63.250.43.132

200 OK

13 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (59119), with CRLF line terminators
Size
13 kB (12862 bytes)
Hash
ea18162c83c16ae46e17331bcba6b774
644421088b911b429abce803c2d478f0c0abe142
00ae02bcbb3097a68b9372117653a16dcee04452bc5d59d6516c31ce641c3c6d

HTTP Headers

GET /wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:26 GMT
vary: Accept-Encoding
etag: W/"638bd762-e7ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 12862
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css

63.250.43.132

200 OK

581 B

URL HTTP/1.1
lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
581 B (581 bytes)
Hash
ac8dee36f7e9f5e07616b24e2f562afe
795076384a185acd39da611389516905210d81c1
792ccaaa72ed35e33e1ab5e629761b9cffedfb1881d5392a83de2c0e271f2b76

HTTP Headers

GET /wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 17:47:44 GMT
vary: Accept-Encoding
etag: W/"638cdd40-202d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 581
strict-transport-security: max-age=15768000

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 1068
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

lajme-info.live/wp-content/themes/legal-news/style.css?ver=1.0.2

63.250.43.132

200 OK

20 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/style.css?ver=1.0.2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (785), with CRLF line terminators
Size
20 kB (20367 bytes)
Hash
766093535f59f0953203b8c2d9fdb215
4267b29e602e0ae8d78de4573084632c423def5a
b5f1f393a09d7da37d8e018cd89e038f820a7e4d7dae792373215e475693b3f9

HTTP Headers

GET /wp-content/themes/legal-news/style.css?ver=1.0.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-22e33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 20367
strict-transport-security: max-age=15768000

lajme-info.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

63.250.43.132

200 OK

4.2 kB

URL HTTP/1.1
lajme-info.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:51 GMT
vary: Accept-Encoding
etag: W/"62a9d83f-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 4169
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

63.250.43.132

200 OK

2.9 kB

URL HTTP/1.1
lajme-info.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.9 kB (2937 bytes)
Hash
8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:23:37 GMT
vary: Accept-Encoding
etag: W/"638bda79-26d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 2937
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

63.250.43.132

200 OK

4.0 kB

URL HTTP/1.1
lajme-info.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
4.0 kB (3957 bytes)
Hash
832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:23:37 GMT
vary: Accept-Encoding
etag: W/"638bda79-3016"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 3957
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2

63.250.43.132

200 OK

1.1 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1141 bytes)
Hash
e26ad94adb34a8db881fe4630f596fe3
e01a9697155c3ae58725b417f97e34831faf39cd
567d61776edd753e993f38a50448f949da06bd97f2fb09d9fe1cf9c0da1a549a

HTTP Headers

GET /wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-d35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 1141
strict-transport-security: max-age=15768000

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6293
Cache-Control: max-age=113098
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:26:46 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:51:44 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

pl18034758.highperformancecpmgate.com/d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js

173.233.137.44

200 OK

13 kB

URL HTTP/1.1
pl18034758.highperformancecpmgate.com/d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37152), with no line terminators
Size
13 kB (13414 bytes)
Hash
c98e39cce857a63f45ef80c3b97f0411
bb459315096aca761cf9669a659fdb375e94e97e
e9158abd308c90bbc4111c4d35eec47440792538750d97a428c6fade4ee895da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js HTTP/1.1
Host: pl18034758.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:26:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a8102e6773c7a6c0654fe5bb80ea30f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

lajme-info.live/wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0

63.250.43.132

200 OK

10 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (43146), with no line terminators
Size
10 kB (10479 bytes)
Hash
eb9217486f4e6760a06b0c2e6f59d651
578fb7523233c16ffe1a0fbad33b2106d7eb51cd
6bba058683fb17c611d1cb6637d6d6c2590bef0763ca0befdb44c2d1f444686c

HTTP Headers

GET /wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-a88a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 10479
strict-transport-security: max-age=15768000

lajme-info.live/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

63.250.43.132

200 OK

31 kB

URL HTTP/1.1
lajme-info.live/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
31 kB (31038 bytes)
Hash
2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 15:50:15 GMT
vary: Accept-Encoding
etag: W/"638cc1b7-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 31038
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0

63.250.43.132

200 OK

2.3 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9029), with no line terminators
Size
2.3 kB (2336 bytes)
Hash
42f93a7b309dbceeeb0fc5df558e77e9
2dcdb3182b2c65aa0a49ed9bd4a00302392b05df
06d05467a1d218cd263703bd1231d590a4b29e248e4186fff15985433020a77e

HTTP Headers

GET /wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-2345"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 2336
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2

63.250.43.132

200 OK

1.1 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6105), with no line terminators
Size
1.1 kB (1067 bytes)
Hash
e31ef9dd55f524ba9f4a6d662dd5d33f
972fb0354e4c3a9c600c59bd5bf9b4aec6b9cd79
df81d72057d1f7c977785547d06102246e364c1a6a6b49eb1eeb59ef34c39e3f

HTTP Headers

GET /wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-17d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 1067
strict-transport-security: max-age=15768000

lajme-info.live/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

63.250.43.132

200 OK

5.0 kB

URL HTTP/1.1
lajme-info.live/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5004 bytes)
Hash
1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:51 GMT
vary: Accept-Encoding
etag: W/"62a9d83f-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 5004
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

63.250.43.132

200 OK

972 B

URL HTTP/1.1
lajme-info.live/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
972 B (972 bytes)
Hash
8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:23:37 GMT
vary: Accept-Encoding
etag: W/"638bda79-aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 972
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.4.2

63.250.43.132

200 OK

1.0 kB

URL HTTP/1.1
lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.4.2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.0 kB (1044 bytes)
Hash
9e47e033a3c7ed5e1738f0d5d8a9ec7b
a9e1b438117025af30d88bd0d23edecad789d09c
97eaedd9574fc83282880c14ba3ddc1b4bd2adee845bab6b61a9d490dc0aa4f8

HTTP Headers

GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.4.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 22:55:14 GMT
vary: Accept-Encoding
etag: W/"638bd3d2-131e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 1044
strict-transport-security: max-age=15768000

push.services.mozilla.com/

34.218.164.174

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.164.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j9Ef/1CQubAfC7EfNWZxbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MXjihsyjTRJboIyoBUkB8WEE8LM=

lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png

63.250.43.132

200 OK

502 B

URL HTTP/1.1
lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
502 B (502 bytes)
Hash
ab347ae5be9857bf2cd91fc8203ff20c
136ee4ffb05ee0c980c4beae0bc45abe8c103a2f
84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e

HTTP Headers

GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:19 GMT
content-type: image/png
content-length: 502
last-modified: Sat, 03 Dec 2022 22:55:14 GMT
etag: "638bd3d2-1f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27147
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

addresseepaper.com/sfp.js

34.160.73.230

429 Too Many Requests

298 B

URL HTTP/1.1
addresseepaper.com/sfp.js
IP
34.160.73.230:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
298 B (298 bytes)
Hash
2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: text/html
Content-Length: 298
ETag: "63734773-12a"
Via: 1.1 google

lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

63.250.43.132

200 OK

12 kB

URL HTTP/1.1
lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Size
12 kB (11796 bytes)
Hash
8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

HTTP Headers

GET /wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:33:18 GMT
content-type: font/woff2
content-length: 11796
last-modified: Sat, 03 Dec 2022 23:10:44 GMT
etag: "638bd774-2e14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 28408
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

63.250.43.132

200 OK

12 kB

URL HTTP/1.1
lajme-info.live/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 12372, version 1.0\012- data
Size
12 kB (12372 bytes)
Hash
0ef99cf07a2a261ab43d5dc1937ffb27
bd39f9cd13ef2a6f912dcba8fa916fc67b4a19d9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

HTTP Headers

GET /wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:32:35 GMT
content-type: font/woff2
content-length: 12372
last-modified: Sat, 03 Dec 2022 23:10:44 GMT
etag: "638bd774-3054"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 28451
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

63.250.43.132

200 OK

12 kB

URL HTTP/1.1
lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 12136, version 1.0\012- data
Size
12 kB (12136 bytes)
Hash
5d7c6bb8fd4fc992c54e596ab7433d5d
35fd6e4c125235cb7f9aa6e297da4b64ae45b06a
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

HTTP Headers

GET /wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:33:06 GMT
content-type: font/woff2
content-length: 12136
last-modified: Sat, 03 Dec 2022 23:10:44 GMT
etag: "638bd774-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 28420
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

friendshipmale.com/sfp.js

172.64.141.24

200 OK

28 kB

URL HTTP/1.1
friendshipmale.com/sfp.js
IP
172.64.141.24:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27574 bytes)
Hash
b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 8ea5c0299ff639bed89e3d412fcd9d73
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 05 Dec 2022 03:26:46 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQD0j6EHEswILNKXtJsQt6zsYi4Sw3K%2BqZpVm6afSlk6yq5MfRMwVemsMR4rrCqYEJfqkTMWqaLHgzbUX168XnkksrfXBAZN1aKcjiDLa%2FQCaaWl1vlTsD3etTFAVJ%2BgkCfrtnM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7749aea7ddf1754d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 03:26:47 GMT
Last-Modified: Mon, 05 Dec 2022 02:02:16 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sebGGLf1iLD99A10Pmh61NM3aVrl-DzltM2WVPXQuX3YQ6NMA_gu4A==
Age: 5071

tolerableinflectionkazan.com/pixel/purst?dl=0&th=0&sc=0&rs=1258&rd=1258&fd=855&bv=22.10.v.9&tmpl=70

192.243.59.13

200 OK

0 B

URL HTTP/1.1
tolerableinflectionkazan.com/pixel/purst?dl=0&th=0&sc=0&rs=1258&rd=1258&fd=855&bv=22.10.v.9&tmpl=70
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1258&rd=1258&fd=855&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: tolerableinflectionkazan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128266
Date: Mon, 05 Dec 2022 03:26:47 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 15:04:33 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AM1dkCE49voUKqFJzRu1AKTFiK7ZAlMjncWnqB1DmQcsOlWW_7D5mg==
Age: 5605

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4848465cd12bac6b81d772e0b5615bb6
52f1a7e9c38f0a321aed5b85a25c85c5526d0697
350bd4f756ac138e6077a4673708af6cde249d730819e32096cc063169883b93

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://lajme-info.live
access-control-allow-credentials: true
set-cookie: uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; expires=Thu, 02 Dec 2032 03:26:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ecd507f5274d782fcd5e15c8f96036a5
aa4ade4e3729e0f1a2a780f6ca130b7a78061dcb
e86ca6cba893c9eb696fd17834fd2448811e80422d389bb7ffad1e7f0b3030ed

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://lajme-info.live
access-control-allow-credentials: true
set-cookie: uid_id2=a50ae0aa-f430-4bfa-b709-642a4a8762d2:1:1; expires=Thu, 02 Dec 2032 03:26:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

lajme-info.live/wp-content/uploads/2022/12/a-72.jpg

63.250.43.132

200 OK

77 kB

URL HTTP/1.1
lajme-info.live/wp-content/uploads/2022/12/a-72.jpg
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 910x542, components 3\012- data
Size
77 kB (77264 bytes)
Hash
66a01342c682fdf31426ecb69ab587b1
08946b85d4c401b2899c57d9f55298fa8d72ea9d
cc66e259613e8747599c7796bd34cdf7f72f598861f9a73a6e6c32d0834d77be

HTTP Headers

GET /wp-content/uploads/2022/12/a-72.jpg HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:52:14 GMT
content-type: image/jpeg
content-length: 77264
last-modified: Sun, 04 Dec 2022 19:31:24 GMT
etag: "638cf58c-12dd0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27272
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-regular-400.woff2

63.250.43.132

200 OK

13 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-regular-400.woff2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data
Size
13 kB (13224 bytes)
Hash
b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

HTTP Headers

GET /wp-content/themes/legal-news/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: font/woff2
content-length: 13224
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
etag: "638bd763-33a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://lajme-info.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

banquetunarmedgrater.com/advertisers.js

173.233.137.44

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23cbe640ec22a9693c5ada038455daba
Strict-Transport-Security: max-age=0; includeSubdomains

lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-solid-900.woff2

63.250.43.132

200 OK

78 kB

URL HTTP/1.1
lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-solid-900.woff2
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

GET /wp-content/themes/legal-news/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: font/woff2
content-length: 78268
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
etag: "638bd763-131bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://lajme-info.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

lajme-info.live/wp-content/uploads/2022/12/ilir-meta-2-2.jpg

63.250.43.132

200 OK

125 kB

URL HTTP/1.1
lajme-info.live/wp-content/uploads/2022/12/ilir-meta-2-2.jpg
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1046x554, components 3\012- data
Size
125 kB (125212 bytes)
Hash
3ec8f23262a5daf1ef4e91ee52b78812
a64948a8fc8d90785b48c1b5edeb54c4a4e8b052
8c659669f8ceea10460d154faafb746bef62910f61d70d3e9c2ba9172edec5a2

HTTP Headers

GET /wp-content/uploads/2022/12/ilir-meta-2-2.jpg HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:18 GMT
content-type: image/jpeg
content-length: 125212
last-modified: Sun, 04 Dec 2022 17:54:05 GMT
etag: "638cdebd-1e91c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27149
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74ad419af503bc1793670c1de7fb305a
f8e9758008028f7b332d8d56d6728990a4a86d49
d9a05bfd5cc726889f8d8210ae75320f2596c5d5aebf1e7001646dea286bc439

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9A05BFD5CC726889F8D8210AE75320F2596C5D5AEBF1E7001646DEA286BC439"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13601
Expires: Mon, 05 Dec 2022 07:13:28 GMT
Date: Mon, 05 Dec 2022 03:26:47 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=d8a51cee7a32b781d2723a6d87492cac&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=d8a51cee7a32b781d2723a6d87492cac&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=d8a51cee7a32b781d2723a6d87492cac&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a902e5f25ed3b4ec95b27beabcbc1ffa
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=09a00d0c991e7703a4b0783e14911aa8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=09a00d0c991e7703a4b0783e14911aa8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=09a00d0c991e7703a4b0783e14911aa8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d942d68e163455c8700af3680f4bb3be
Strict-Transport-Security: max-age=0; includeSubdomains

lajme-info.live/favicon.ico

63.250.43.132

204 No Content

0 B

URL HTTP/1.1
lajme-info.live/favicon.ico
IP
63.250.43.132:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a50ae0aa-f430-4bfa-b709-642a4a8762d2%3A1%3A1; ppu_main_09a00d0c991e7703a4b0783e14911aa8=1; sb_main_d8a51cee7a32b781d2723a6d87492cac=1; sb_count_d8a51cee7a32b781d2723a6d87492cac=1

HTTP/1.1 204 No Content
server: nginx
date: Sun, 04 Dec 2022 19:54:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 27110
x-cache: HIT
strict-transport-security: max-age=15768000

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 19427
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6886 bytes)
Hash
f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 2495
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6826 bytes)
Hash
a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 20397
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13647 bytes)
Hash
6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oXeR8DTpEoK8E-BiI7gT4JEIdVBfiimfydNYIC62_rNLlTdem9Buig==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 20462
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5209 bytes)
Hash
8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 85262
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12348 bytes)
Hash
b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 83387
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

triflingzenithenergetic.com/sbar.json?key=d8a51cee7a32b781d2723a6d87492cac&uuid=b6e967c8-e9db-4f96-823f-fce7bbec4204%3A1%3A1

192.243.59.20

200 OK

4.2 kB

URL HTTP/1.1
triflingzenithenergetic.com/sbar.json?key=d8a51cee7a32b781d2723a6d87492cac&uuid=b6e967c8-e9db-4f96-823f-fce7bbec4204%3A1%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (5870), with no line terminators
Size
4.2 kB (4229 bytes)
Hash
62d5faa2405d26af904daedccef0c3e6
595be21dcc52af7d10e7e1aa207b96621df306d0
cb4c9c34558cb8311b3104f28c68f28f2a9cb6dcd5b565053c6e0e9e3d310b91

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=d8a51cee7a32b781d2723a6d87492cac&uuid=b6e967c8-e9db-4f96-823f-fce7bbec4204%3A1%3A1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://lajme-info.live
Access-Control-Allow-Origin: http://lajme-info.live
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17934259; expires=Tue, 06 Dec 2022 03:26:47 GMT; secure; SameSite=None
uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; expires=Mon, 12 Dec 2022 03:26:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
slecd8a51cee7a32b781d2723a6d87492cac=[3760946]; expires=Mon, 05 Dec 2022 03:26:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 898a4b55143ae1eca142195b1219a5c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d616b0b14e0c5cda5c98d0b99cccbaf3
657299c8f642a892045dbfe2a6958133e6b57f99
3590d6a37989c47a5d082655909defed76f2f4a467d3f6700134bba4ffb130f7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3590D6A37989C47A5D082655909DEFED76F2F4A467D3F6700134BBA4FFB130F7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6523
Expires: Mon, 05 Dec 2022 05:15:31 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

triflingzenithenergetic.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvZ3%2BOkp4kXwYw4eFNzZ7p7PNodgTKLBJBuSSMBbffVsZau7mqru6cmeFoOSg8EJOcRj7zO7WdSgBsGbKLO5yIKwoyB7cPVPEALBiyAzO7D4QtX7vvW8h%2Fd5nvp4ozggPgq6f%2FmiWVNa06VW3a%2B9dl2lwpSudulaLfDr%2FsnadZW2mydrg%2Bll%2B28Gfqvuv157R%2FJVsxT6ge8HflA7p6yMzWBphkJlD6OgHvn1ZlgPWk0M7H97V3hw1IPoH5DnoMTkfys%2FPYLiY6TJN2ekW81N9sbZpNA0NxZ9sf1%2BupqaMkVyVMbWQ5xuz6dh3ISQz47BpNtzBjD9zSkDMDUh3m8BWLo9XxOsv3W4KdOQKZh4FmV%2FDKnHUHQMbm5BiT0CcIFLy0iTB5eMLenNQ5RO0QlZePoEqpyQhd%2BfR5p8dVqrQe2q0UWuTOowiCuowRiqN0ZW7CBf86DKHfD8QyjxM1l6egFpsrnstIES%2B6%2BytozaHd5dlJFgi804ai92w0a8GHPZYUzyZug3ZxIpNYaKx9ByCOo8FNOjPBSxhyLzkIj9Gm1Fse93YhY3Gt0m57zR4LzVbYuWaDS7sY%2BCTzkMkWdDcD0Et%2BvI7DpW1d2945%2FCFj%2FCrVRwwoPLCfqiQikJSkdQUoJSEZQ5QdmvtoR2oaseCO0KFsxzOM%2BNamTy3gbdMnlPpmQjOyAnptp5J7a%2Fxarcr4kubQVcyg5thKzTDUTYCRu0LbqdZhRyyuFUBeWOzZiuqQl55aP7yNSE%2FP%2Fde2B0B07vgKsXQYuXQMtRJ%2FRBV0bNro%2B19GtNbyRyUaWxqWvVlxCmQpYvIL%2FpbegD8sLMxoiHkHz31J%2B%2F%2FvPku7MAtxUyW%2BGGekzQ07dHV0xJNq%2BY0pFHy1muErVGpxZfzWkuF754T94sjRXnz7jh52%2FxKTAtH16TLr9AU6HSniNfnlZCSHvOWC7J9%2BfddckuF27ldGHTIrtw%2Be1z55PMSueUScegaq9zD1xNyDMX12ef9%2BVPHkPZMWxRISl2yTygzA54tg6X7Z66f2f5j5PiAzhDYPXRDMs8lEU1siE7etSKQMujnrIKTh5JwOTuD38dYhvuNnrWA81vIU0q9G2Fvq5A9RCuOD7KM7t76pfGLMC0N2LaeptMW333UFqn9muyFfux9EPJ4ojFHeqLKG5GjEaB7LAWDZC7Cb8j%2Fv4XAAD%2F%2FwEAAP%2F%2FuwcR%2FJQEAAA%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
triflingzenithenergetic.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvZ3%2BOkp4kXwYw4eFNzZ7p7PNodgTKLBJBuSSMBbffVsZau7mqru6cmeFoOSg8EJOcRj7zO7WdSgBsGbKLO5yIKwoyB7cPVPEALBiyAzO7D4QtX7vvW8h%2Fd5nvp4ozggPgq6f%2FmiWVNa06VW3a%2B9dl2lwpSudulaLfDr%2FsnadZW2mydrg%2Bll%2B28Gfqvuv157R%2FJVsxT6ge8HflA7p6yMzWBphkJlD6OgHvn1ZlgPWk0M7H97V3hw1IPoH5DnoMTkfys%2FPYLiY6TJN2ekW81N9sbZpNA0NxZ9sf1%2BupqaMkVyVMbWQ5xuz6dh3ISQz47BpNtzBjD9zSkDMDUh3m8BWLo9XxOsv3W4KdOQKZh4FmV%2FDKnHUHQMbm5BiT0CcIFLy0iTB5eMLenNQ5RO0QlZePoEqpyQhd%2BfR5p8dVqrQe2q0UWuTOowiCuowRiqN0ZW7CBf86DKHfD8QyjxM1l6egFpsrnstIES%2B6%2BytozaHd5dlJFgi804ai92w0a8GHPZYUzyZug3ZxIpNYaKx9ByCOo8FNOjPBSxhyLzkIj9Gm1Fse93YhY3Gt0m57zR4LzVbYuWaDS7sY%2BCTzkMkWdDcD0Et%2BvI7DpW1d2945%2FCFj%2FCrVRwwoPLCfqiQikJSkdQUoJSEZQ5QdmvtoR2oaseCO0KFsxzOM%2BNamTy3gbdMnlPpmQjOyAnptp5J7a%2Fxarcr4kubQVcyg5thKzTDUTYCRu0LbqdZhRyyuFUBeWOzZiuqQl55aP7yNSE%2FP%2Fde2B0B07vgKsXQYuXQMtRJ%2FRBV0bNro%2B19GtNbyRyUaWxqWvVlxCmQpYvIL%2FpbegD8sLMxoiHkHz31J%2B%2F%2FvPku7MAtxUyW%2BGGekzQ07dHV0xJNq%2BY0pFHy1muErVGpxZfzWkuF754T94sjRXnz7jh52%2FxKTAtH16TLr9AU6HSniNfnlZCSHvOWC7J9%2BfddckuF27ldGHTIrtw%2Be1z55PMSueUScegaq9zD1xNyDMX12ef9%2BVPHkPZMWxRISl2yTygzA54tg6X7Z66f2f5j5PiAzhDYPXRDMs8lEU1siE7etSKQMujnrIKTh5JwOTuD38dYhvuNnrWA81vIU0q9G2Fvq5A9RCuOD7KM7t76pfGLMC0N2LaeptMW333UFqn9muyFfux9EPJ4ojFHeqLKG5GjEaB7LAWDZC7Cb8j%2Fv4XAAD%2F%2FwEAAP%2F%2FuwcR%2FJQEAAA%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvZ3%2BOkp4kXwYw4eFNzZ7p7PNodgTKLBJBuSSMBbffVsZau7mqru6cmeFoOSg8EJOcRj7zO7WdSgBsGbKLO5yIKwoyB7cPVPEALBiyAzO7D4QtX7vvW8h%2Fd5nvp4ozggPgq6f%2FmiWVNa06VW3a%2B9dl2lwpSudulaLfDr%2FsnadZW2mydrg%2Bll%2B28Gfqvuv157R%2FJVsxT6ge8HflA7p6yMzWBphkJlD6OgHvn1ZlgPWk0M7H97V3hw1IPoH5DnoMTkfys%2FPYLiY6TJN2ekW81N9sbZpNA0NxZ9sf1%2BupqaMkVyVMbWQ5xuz6dh3ISQz47BpNtzBjD9zSkDMDUh3m8BWLo9XxOsv3W4KdOQKZh4FmV%2FDKnHUHQMbm5BiT0CcIFLy0iTB5eMLenNQ5RO0QlZePoEqpyQhd%2BfR5p8dVqrQe2q0UWuTOowiCuowRiqN0ZW7CBf86DKHfD8QyjxM1l6egFpsrnstIES%2B6%2BytozaHd5dlJFgi804ai92w0a8GHPZYUzyZug3ZxIpNYaKx9ByCOo8FNOjPBSxhyLzkIj9Gm1Fse93YhY3Gt0m57zR4LzVbYuWaDS7sY%2BCTzkMkWdDcD0Et%2BvI7DpW1d2945%2FCFj%2FCrVRwwoPLCfqiQikJSkdQUoJSEZQ5QdmvtoR2oaseCO0KFsxzOM%2BNamTy3gbdMnlPpmQjOyAnptp5J7a%2Fxarcr4kubQVcyg5thKzTDUTYCRu0LbqdZhRyyuFUBeWOzZiuqQl55aP7yNSE%2FP%2Fde2B0B07vgKsXQYuXQMtRJ%2FRBV0bNro%2B19GtNbyRyUaWxqWvVlxCmQpYvIL%2FpbegD8sLMxoiHkHz31J%2B%2F%2FvPku7MAtxUyW%2BGGekzQ07dHV0xJNq%2BY0pFHy1muErVGpxZfzWkuF754T94sjRXnz7jh52%2FxKTAtH16TLr9AU6HSniNfnlZCSHvOWC7J9%2BfddckuF27ldGHTIrtw%2Be1z55PMSueUScegaq9zD1xNyDMX12ef9%2BVPHkPZMWxRISl2yTygzA54tg6X7Z66f2f5j5PiAzhDYPXRDMs8lEU1siE7etSKQMujnrIKTh5JwOTuD38dYhvuNnrWA81vIU0q9G2Fvq5A9RCuOD7KM7t76pfGLMC0N2LaeptMW333UFqn9muyFfux9EPJ4ojFHeqLKG5GjEaB7LAWDZC7Cb8j%2Fv4XAAD%2F%2FwEAAP%2F%2FuwcR%2FJQEAAA%3D HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Connection: keep-alive
Cookie: u_pl=17934259; uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd8a51cee7a32b781d2723a6d87492cac=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e8be1bfdcfd04978b0ffb6da97c55ca
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Mon, 05 Dec 2022 05:13:55 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Mon, 05 Dec 2022 05:13:55 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png

172.64.109.13

200 OK

9.4 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Size
9.4 kB (9360 bytes)
Hash
910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1690478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaRDYJGWf6QWEX3omVzs4%2BAuJj0VigeC77NQss1OxbhiQGB1ybCJf3QbiJvyc7fCxseYK9OKBfyQMkR0srlmf2fDCj0oWzvI8joncgzIkgdgHd1U5RHPKTsiwFlKFo1rebf%2Fquf6dqL4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb12d6b75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.74

200 OK

660 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
660 B (660 bytes)
Hash
55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 03:26:48 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Mon, 05 Dec 2022 05:13:55 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive

triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=112

192.243.59.20

200 OK

0 B

URL HTTP/1.1
triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=112
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=112 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335

192.243.59.20

200 OK

0 B

URL HTTP/1.1
triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js

172.64.109.13

200 OK

31 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32025), with CRLF line terminators
Size
31 kB (30661 bytes)
Hash
495f2637f06227cfe1ca251b271469a4
9938a06dbbbe9202b2e63f3a78def4cdae776de4
8ebdfa0cf6b633da88c4b315ae426f7fc03c0bf7e502a6f33e2f6347f3994aac

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1690478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiSfQC8lNGz0MwXsqMvsJ2hw4FCWG0hKPm%2BCnwLqtZAkmOF9FaCCqJFiNO285kbqLlLpMSZil%2B2JfBnIBwTNvj2f5A6fhSpbJGC1H0CMw4gIGM%2FcTWclORURtcCp3Fxh9cv1JzBmxAET"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb12d6d75c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css

172.64.109.13

200 OK

1.3 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.3 kB (1341 bytes)
Hash
b0b362d133eb4904706bb0622229b74f
22d89f78efb4c1cf967ac7e28821f4f39df8baf7
79b0f34463059aaa97b3b2f0f3319f64e893a595ce9e300d86fb031cc7fa28c0

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0K76j8EPY2YpjYGja6ED6s2zEMRE6m%2BaH0JPjKYNyvSmQDhGtvrG5bLlekCrRMUUqa9FPdBwZ841dg3QBkrkyvwnxmMlb0Graqaa9jJV17h2i5TkBchmoY85OgjUeMBmnE094ab5nQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb10d6275c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js

172.64.109.13

200 OK

11 kB

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
11 kB (10887 bytes)
Hash
ab45e7ba56486198f59bfaab78f54f51
e84ec582a35ae6c5448103be671519787f17a7d8
c20d1df84228735ce775522e25ddc9cd2017ed49c8e1e517bbcb3bc398d39c1f

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XJlfK3ka1jndruZM4PDs1u289OQ23JoNmSsaFeIlFhIftyFAjpnTxekRAjoPOpAgfWik%2FbzTAhWLbjQI71zRJ3nQ%2Buu%2FWrXpdWffpOwtHQZj4nvu49wvlkOh2ofHxkh2YWqbDzEEJJi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb18d9275c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

triflingzenithenergetic.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL HTTP/1.1
triflingzenithenergetic.com/pixel/sbs?c=1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Connection: keep-alive
Cookie: u_pl=17934259; uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd8a51cee7a32b781d2723a6d87492cac=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html

45.133.44.4

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 05 Dec 2022 04:26:48 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg

172.64.109.13

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1690478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hRr%2BxOFTmc5Mws5o5KaW0HVVIi2Yp%2F0HZYKG1UShm33nqjpuMGumDS%2FSwQklVNxLJNB9S71EQYcpsaga3v4j7ay9XZwZPrR9TFPfFM1LXO3BHywF4UfQ2hY%2BbOk0SPUgmPO%2F61O4cI2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb12d6a75c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pl18034679.highperformancecpmgate.com/09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js

192.243.61.225

200 OK

0 B

URL HTTP/1.1
pl18034679.highperformancecpmgate.com/09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js HTTP/1.1
Host: pl18034679.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:26:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d590848436321cfd30d4aa5d455e59f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css

172.64.109.13

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP
172.64.109.13:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOojtpuj%2B0%2FSWrWbGV3usrKCPOYZyYadoUazg2viWRNV%2BDcZhDcKeJqZuMxhw0LikUBkmOmyvlhc5lYHJMK5CpDVfE4cOKc%2FX3mtiH1XJsB3vJZm1qwXGVG1l4XnK1vuXO9O3WTccWjA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb10d5e75c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations