172.67.213.158 403 Forbidden 0 B
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET / HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Feb 2024 22:31:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Feb 2024 23:31:56 GMT
Location: https://lightdl.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMYiVMBbsWEKhR378mzJ49Ua1iA8K8AsN369TMIPxQD71%2Bz39BlliyUrhw8RP88CFNp4l8fMhKYnCsIQdfb7Mkw4XGIroNTr0TkiJtn5%2FwY3uloDlAhm5EU%2Bt83dHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 85400b824b1c0b51-OSL
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/b/a990e557/api.js?onload=uWvsrp7&render=explicit
104.17.3.184 23 kB URL
challenges.cloudflare.com/turnstile/v0/b/a990e557/api.js?onload=uWvsrp7&render=explicit
IP / ASN
104.17.3.184
#13335 CLOUDFLARENET
Resource Info
File type JavaScript source, ASCII text, with very long lines (38991)
First Seen 2024-02-07
Last Seen 2024-08-20
Times Seen 4561
Size 23 kB (22730 bytes)
MD5 1e5a2d024954a14a3025f684aaf44595
SHA1 94ddcc9dd65c22897e52bd4fd808dce4703fb275
SHA256 fb567040abfba5705ef438233da6ca0df44fc81ceacffe1b5d8e1f3ffabc33fb
GET /turnstile/v0/b/a990e557/api.js?onload=uWvsrp7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:31:57 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400b866b28b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/uploads/2022/05/cropped-favicon-image.g-32x32.png
172.67.213.158 200 OK 17 kB URL
lightdl.xyz/wp-content/uploads/2022/05/cropped-favicon-image.g-32x32.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type HTML document, ASCII text, with very long lines (15099), with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 17 kB (17440 bytes)
MD5 5a6d7d408b5f39b7090e5843c8e32640
SHA1 3c665cb9cd54cf7de250539577aa9e2e8fa62f82
SHA256 71297d6ecdeae29f1a366ca3500dd68ad1efe3b5a7d1db2c899592fb772d76fc
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2022/05/cropped-favicon-image.g-32x32.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lightdl.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Sun, 11 Feb 2024 22:31:57 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj553VXrN6BPBLa0vLuiVmDMCmSUNK5Qfgd2MDborrnAAdzhax4KkZ6YbLQwz%2BmbCgwTKLs1vx6jxCKR%2Feju5ixsDwi%2FhxeTZyfRVBF44NNTtTRvkM1CIoeefTFSKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400b8aca09b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nqmaf/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.17.3.184 85 kB URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nqmaf/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP / ASN
104.17.3.184
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (40811)
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 85 kB (85066 bytes)
MD5 74fdbef37e33b9342b27a1bdb2d3b032
SHA1 39262c80e3a6432f27b27018b799db7afa563d28
SHA256 11d5a42b4d6da1ac641c1b963d08540ff4e712949a5736ee0c3dc1ead4b235b4
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nqmaf/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:31:57 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 85400b883e97568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2023/02/IMG-2020040.jpg
172.67.213.158 200 OK 58 kB URL
lightdl.xyz/wp-content/uploads/2023/02/IMG-2020040.jpg
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7], baseline, precision 8, 551x240, components 3
First Seen 2023-06-30
Last Seen 2025-04-26
Times Seen 11
Size 58 kB (58442 bytes)
MD5 721bb50eb92fedb7e6b73f01f218f6a2
SHA1 02049ddb44ca39076ddbbf3ebb7ed78ae93d83d6
SHA256 375807f0ce6c981bed6fe0abddffaac137deba79ead703aa9dcc2f209832fb65
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2023/02/IMG-2020040.jpg HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: image/jpeg
content-length: 58442
last-modified: Fri, 17 Feb 2023 15:28:13 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfNijjQ2N4lp2xxcb9MmHDH5EGoCMvczt5DYfq%2BTu31qgFgkdKFiSXRbHO4zLfcAkyDnLk7tK9q2BkeSXV%2FBuVyqkzIbcZR6h9NyhFVZqA40YuwDT9MVyg0Cbf70BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bb7382bb515-OSL
alt-svc: h3=":443"; ma=86400
GET ruinjan.com/fa/0c/46/fa0c46a46b8bf033ac65bc5cabeebf34.js
192.243.61.227 200 OK 16 kB URL
ruinjan.com/fa/0c/46/fa0c46a46b8bf033ac65bc5cabeebf34.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (44054), with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 16 kB (15804 bytes)
MD5 04b45e029acecda16be25154f29ea15f
SHA1 7fcb7b19c482b7f43796df00f9a0595ae6a74f53
SHA256 ad411dcc206fc88828ca0146092c76a469ed648f4bf97d94bedc523690dc0c93
Certificate Info
Issuer Let's Encrypt
Subject ruinjan.com
Fingerprint 19:4C:55:2A:3C:1D:47:45:C8:E6:BD:68:73:88:F9:5F:BD:18:E3:BA
Validity Wed, 24 Jan 2024 16:44:55 GMT - Tue, 23 Apr 2024 16:44:54 GMT
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /fa/0c/46/fa0c46a46b8bf033ac65bc5cabeebf34.js HTTP/1.1
Host: ruinjan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2869b36cb6659c8a630a7cdb8af90c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET ruinjan.com/28/5d/f7/285df780ad9f1ead33467ba105295e80.js
192.243.61.227 200 OK 26 kB URL
ruinjan.com/28/5d/f7/285df780ad9f1ead33467ba105295e80.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 26 kB (26400 bytes)
MD5 9ef2b604c1acb45db296b9a0184598e5
SHA1 029ca96be644814b53a03956be46d278badcbc4d
SHA256 80dcba010cb6c6a61c537896a33620b42f45df05a1d176bd49ec297a0a36cdfb
Certificate Info
Issuer Let's Encrypt
Subject ruinjan.com
Fingerprint 19:4C:55:2A:3C:1D:47:45:C8:E6:BD:68:73:88:F9:5F:BD:18:E3:BA
Validity Wed, 24 Jan 2024 16:44:55 GMT - Tue, 23 Apr 2024 16:44:54 GMT
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /28/5d/f7/285df780ad9f1ead33467ba105295e80.js HTTP/1.1
Host: ruinjan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b808ecc056751a135ea91d3094441c4b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1466701381:1707689434:0SlHzxKKmP7BRW552kEuo_QflxBZn7oQb3a42NUoifM/85400b883e97568e/5d8aaea53fdea8e
104.17.3.184 11 kB URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1466701381:1707689434:0SlHzxKKmP7BRW552kEuo_QflxBZn7oQb3a42NUoifM/85400b883e97568e/5d8aaea53fdea8e
IP / ASN
104.17.3.184
#13335 CLOUDFLARENET
Resource Info
File type ASCII text, with very long lines (3520), with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 11 kB (11311 bytes)
MD5 88b0a52d734efd19e40e1489f702b9db
SHA1 2e1fb4ea5fa82f0162c18749f7556ccdaa48fec9
SHA256 0fa644d1a1823861881ed7882ac86ff81115e66ed9072bd79bff192a91e275bd
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1466701381:1707689434:0SlHzxKKmP7BRW552kEuo_QflxBZn7oQb3a42NUoifM/85400b883e97568e/5d8aaea53fdea8e HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nqmaf/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5d8aaea53fdea8e
Content-Length: 26296
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:03 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: d0OgBESoyu5T3eAPq1SNRxm/F2BzX/h+r7rAcUy8OVlqwGNlNGIIeuXfxgzLiSKfOUllFH59FZXSHfH0ig0ifG0u9ooyQe54t8Gl03+GIIH6drdtDr2QNFzOxEGMXFdL$3mNK9VALcRqYIwDgYz54HQ==
cf-chl-out-s: AkFqro2VhYj5COBE1akHjcqgkrp/cRE/6stGwuVh0bZuAlyeA6FXvyV2aDvGpnGngeG/GAQcTjIsgxulVQUD4/RmOOemRI+4K1LhvBe2qrnYa0lg9MdKEj4oomrz5v0Sf7pElCkIzk7LHDTPjsIvdr4SUZixS878G8cYukvd7qdPV3pgqcQYw01gL2FkjMjZX1tYr2hF7+WNQDHBtqE1RUhzTu01IwNSVYCdy0we4J1VF5KI3iYfMqLTyvo03NQ4gVIdf6TNaI3tJalcMxmwC6ydDPhkF9IBN+xoi7iZiNCVMtzIUUXR2gUFWDB9QoBrUzdZqdgPk5EfhZGYX+tk/RblTDtU5Hhs+kqTpN7JBdOhADvqXUeV/9oUdLBKbtko1YKCXV8qCNjHBddJztQZ374ry9mm6PMzeUPG1Is8BMZFZVWlHIKTqtH1EB5AWLnBe6EQo2g5jMs2+lqefgtiE2n85sRdNdHQ7va39PvLKRDZJXmM7b+f+Vkf80FKPggAYVFBUMcIsEd9ibxi43NXpi2/WLdZOCjZ/Pki0MS3n2AKJdpNf/nl2aDDz9DVdNM/zbc3jNnQncnBGmqKBy8HDEnsEtPLG3LOs3upGsayhpc4QjrvsnW0Aq3iaC2De3+ALVbBxQ4gQIAWnDk48aUFWASsXXYnd/fUwbUn94U9459kbG70/G0k+YL2UO5Ev9quIEbOUZUou85jj1CCi83bQclIQFvTkUxsEke4CLOMwx0QQNnO3A8Hk5bB7UO19eI957pGK4Qxeyh2J4lXysoEjGtZYEGMOR8tMbllnM8oriU=$YeTpzZ8HceHl6cAaZRlt7g==
server: cloudflare
cf-ray: 85400baac9ce568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
172.67.213.158 200 OK 34 kB URL
lightdl.xyz/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format, TrueType, length 33904, version 0.0
First Seen 2023-11-11
Last Seen 2025-08-02
Times Seen 1742
Size 34 kB (33904 bytes)
MD5 f69149ebacb6945516dc3461078b40fd
SHA1 746e7e09079d98ae39d3e72284c89c03a3a4797b
SHA256 d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?23 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/wp-content/themes/Newspaper/style.css?ver=12.6.4
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: font/woff
content-length: 33904
last-modified: Sat, 10 Feb 2024 14:16:19 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5027
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX8UGpgRxYB%2FDCWh%2B3COuAZ9SO7cAQMwVj2FB%2FPJo8Culqkrf4qbbORKKSelsH%2Fzp8DotxVq9QGIJ5HqcDylaSvsRfk4N3FhYx9eBjpJGh4NGZkcnZmU5CZEJYYQRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bbeaf8ab515-OSL
alt-svc: h3=":443"; ma=86400
GET proftrafficcounter.com/stats
3.79.157.91 200 OK 40 B URL
proftrafficcounter.com/stats
IP / ASN
3.79.157.91
#16509 AMAZON-02
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 40 B (40 bytes)
MD5 0e09e7e44fce39a8bdb665bc20b11822
SHA1 83642ee9ea78d60f1efd72d581176d042f32a91f
SHA256 99e01d0481be0d5847d1c88ee1223cca1dd23f0e0ab997caea18c7320bad4046
Certificate Info
Issuer Amazon
Subject proftrafficcounter.com
Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://lightdl.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; expires=Wed, 08 Feb 2034 22:32:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99 200 OK 16 kB URL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 151637
Size 16 kB (15744 bytes)
MD5 15d9f621c3bd1599f0169dcf0bd5e63e
SHA1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
SHA256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Feb 2024 03:02:52 GMT
expires: Fri, 07 Feb 2025 03:02:52 GMT
cache-control: public, max-age=31536000
age: 329354
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET proftrafficcounter.com/stats
3.79.157.91 200 OK 40 B URL
proftrafficcounter.com/stats
IP / ASN
3.79.157.91
#16509 AMAZON-02
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 40 B (40 bytes)
MD5 6d16ec04005677fbb4ae4b7118a7cd3d
SHA1 ec5075833d3d559a86cefdcfb8466c49725b3705
SHA256 2c305038eb5303ed1bc61c5f2e6306fc24998cfcc8abd07a2f653d2cfb946c8f
Certificate Info
Issuer Amazon
Subject proftrafficcounter.com
Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://lightdl.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=230feca4-4d8d-43e3-8819-424282ec869d:2:1; expires=Wed, 08 Feb 2034 22:32:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.99 200 OK 48 kB URL
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
First Seen 2023-12-14
Last Seen 2025-08-02
Times Seen 89268
Size 48 kB (48236 bytes)
MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Feb 2024 14:35:13 GMT
expires: Sun, 09 Feb 2025 14:35:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 115013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.99 200 OK 48 kB URL
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
First Seen 2023-12-14
Last Seen 2025-08-02
Times Seen 89268
Size 48 kB (48236 bytes)
MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Feb 2024 14:35:13 GMT
expires: Sun, 09 Feb 2025 14:35:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 115013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.99 200 OK 16 kB URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-01
Times Seen 60853
Size 16 kB (15920 bytes)
MD5 3a44e06eb954b96aa043227f3534189d
SHA1 23cef6993ddb2b2979e8e7647fc3763694e2ba7d
SHA256 b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Feb 2024 02:57:23 GMT
expires: Fri, 07 Feb 2025 02:57:23 GMT
cache-control: public, max-age=31536000
age: 329683
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.99 200 OK 16 kB URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 85155
Size 16 kB (15860 bytes)
MD5 e9f5aaf547f165386cd313b995dddd8e
SHA1 acdef5603c2387b0e5bffd744b679a24a8bc1968
SHA256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Feb 2024 18:32:35 GMT
expires: Sat, 08 Feb 2025 18:32:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 187171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/uploads/2023/02/footer_bg.jpg
172.67.213.158 200 OK 108 kB URL
lightdl.xyz/wp-content/uploads/2023/02/footer_bg.jpg
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JPEG image data, progressive, precision 8, 1200x531, components 3
First Seen 2023-04-09
Last Seen 2025-07-15
Times Seen 92
Size 108 kB (107649 bytes)
MD5 bee581b44ea2faa7487a483de388b3ce
SHA1 745fb06dedd6079d855e8ed9f116ddd7c49cd597
SHA256 eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2023/02/footer_bg.jpg HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: image/jpeg
content-length: 107649
last-modified: Fri, 17 Feb 2023 12:55:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6ZdmB4mOxDUW1OBo%2Bu66gKLOcP2LtTQZV9Fi3LQx5TfyEr1X3zqNnU%2BMuzdHbnGdU%2FNn8b0mR599YPKdUk8%2F5QuA7g9gl2fKw4ArOHdv%2BiWBQer7dUEvIeIjEKwLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc16a5bb515-OSL
alt-svc: h3=":443"; ma=86400
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.99 200 OK 48 kB URL
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
First Seen 2023-12-14
Last Seen 2025-08-02
Times Seen 89268
Size 48 kB (48236 bytes)
MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Feb 2024 14:35:13 GMT
expires: Sun, 09 Feb 2025 14:35:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 115013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/plugins/td-composer/td-multi-purpose/images/icons/multipurpose.woff?2
172.67.213.158 200 OK 1.8 kB URL
lightdl.xyz/wp-content/plugins/td-composer/td-multi-purpose/images/icons/multipurpose.woff?2
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format, TrueType, length 1840, version 1.0
First Seen 2023-05-17
Last Seen 2025-06-24
Times Seen 131
Size 1.8 kB (1840 bytes)
MD5 0563ba43efbc4ed34087e1246859253f
SHA1 082eb9aa97de4c3aac864b70aafc6f7e3221b410
SHA256 87294a383cc19662de55e0537e93366873a7d98caf414b50636cfd6bfcf1a46a
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/td-multi-purpose/images/icons/multipurpose.woff?2 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=963059d7cceb10dc9b9adeec7fadb27d
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: font/woff
content-length: 1840
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5027
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLzsWpWQL2iEDU1UFbeAwPSPmfFyIcPhDJQoVOW%2FOpHV2ILXgRNvppHiJZRljKR99zDyeu9A6X6XVRzAoQ6U6pG7VtAeSFIGxdyksPUsXwbvbaHXZDo7%2FRyOot9XlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bc18a7eb515-OSL
alt-svc: h3=":443"; ma=86400
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.99 200 OK 16 kB URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 27954
Size 16 kB (15740 bytes)
MD5 b9c29351c46f3e8c8631c4002457f48a
SHA1 e57e59c5780995ff2937ab2b511a769212974a87
SHA256 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Feb 2024 18:44:03 GMT
expires: Sat, 08 Feb 2025 18:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 186483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pixel.wp.com/g.gif?v=ext&blog=215547667&post=9785&tz=0&srv=lightdl.xyz&j=1%3A12.1&host=lightdl.xyz&ref=https%3A%2F%2Flightdl.xyz%2F%3F__cf_chl_tk%3DY4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280&fcp=2778&rand=0.6164589229826889
192.0.76.3 200 OK 50 B URL
pixel.wp.com/g.gif?v=ext&blog=215547667&post=9785&tz=0&srv=lightdl.xyz&j=1%3A12.1&host=lightdl.xyz&ref=https%3A%2F%2Flightdl.xyz%2F%3F__cf_chl_tk%3DY4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280&fcp=2778&rand=0.6164589229826889
IP / ASN
192.0.76.3
#2635 AUTOMATTIC
Requested by https://lightdl.xyz/
Resource Info
File type GIF image data, version 89a, 6 x 5
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 26958
Size 50 B (50 bytes)
MD5 e4d673a55c5656f19ef81563fb10884c
SHA1 1f2d8ed221d39329251ad3a6ff1edb20b7219443
SHA256 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
Certificate Info
Issuer Sectigo Limited
Subject *.wp.com
Fingerprint 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Validity Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
GET /g.gif?v=ext&blog=215547667&post=9785&tz=0&srv=lightdl.xyz&j=1%3A12.1&host=lightdl.xyz&ref=https%3A%2F%2Flightdl.xyz%2F%3F__cf_chl_tk%3DY4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280&fcp=2778&rand=0.6164589229826889 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET horrifiedbluish.com/pixel/purst?dl=0&th=0&sc=0&rs=2601&rd=2601&fd=1009&bv=24.1.v.12&tmpl=70
192.243.59.12 200 OK 0 B URL
horrifiedbluish.com/pixel/purst?dl=0&th=0&sc=0&rs=2601&rd=2601&fd=1009&bv=24.1.v.12&tmpl=70
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
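MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input (Size 0 B), so they identify an empty response body, not content specific to this host; the Times Seen count above is the count for that empty body.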
Certificate Info
Issuer Let's Encrypt
Subject horrifiedbluish.com
Fingerprint 95:5F:C6:03:A0:F0:93:27:B3:E1:3B:73:73:CE:76:52:07:E0:D2:D3
Validity Sun, 04 Feb 2024 08:12:47 GMT - Sat, 04 May 2024 08:12:46 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2601&rd=2601&fd=1009&bv=24.1.v.12&tmpl=70 HTTP/1.1
Host: horrifiedbluish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Feb 2024 22:32:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET lightdl.xyz/wp-content/uploads/2022/05/cropped-favicon-image.g-192x192.png
172.67.213.158 200 OK 14 kB URL
lightdl.xyz/wp-content/uploads/2022/05/cropped-favicon-image.g-192x192.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
First Seen 2023-06-30
Last Seen 2024-08-20
Times Seen 6
Size 14 kB (14209 bytes)
MD5 686454b248423727879ceb19535eb281
SHA1 19d1a7a223769140a9df8fcde8ceef21458aa52a
SHA256 20bd560b1a38082fe8b634bf5070426184c9701f5d40cd6d806b17396a91af62
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2022/05/cropped-favicon-image.g-192x192.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: image/png
content-length: 14209
last-modified: Wed, 11 May 2022 17:26:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLvfjFzfwDsgkehD92d7nMd1HbVadsd%2FopEh2kxVWxrVoSoWG7r351qFgw1nzaZnJxtZDiK3PgJDcC4iDCxHeg1k7BZuC2NDTKTmPq7rMY9RvXMBg4x6TD9f%2BInQSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc29bd2b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2022/05/cropped-favicon-image.g-32x32.png
172.67.213.158 200 OK 1.4 kB URL
lightdl.xyz/wp-content/uploads/2022/05/cropped-favicon-image.g-32x32.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
First Seen 2023-06-30
Last Seen 2024-08-20
Times Seen 5
Size 1.4 kB (1446 bytes)
MD5 2f98a8b95fe76359af4c7b6c7d6831a1
SHA1 9d40ba52fb59292c18b0987371e0b545acdeb70c
SHA256 0371940458fdf7da96a86b15f5f0c744c20cc299a2a548eff0c8ee9574e04462
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2022/05/cropped-favicon-image.g-32x32.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: image/png
content-length: 1446
last-modified: Wed, 11 May 2022 17:26:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsMbhAnWJ63YEcV5HFb6xW7whJLnPMwTozwjPAH95%2FIUb208HnrNsAggymkqqc8Xxja8x0YEdgwzGqfwEnyDhbF1sxigf8Bd3c%2BFEDiXuEqSShzFKWBs4dNjlVUFAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc2abd4b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
172.67.213.158 200 OK 12 kB URL
lightdl.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (7409), with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 12 kB (11990 bytes)
MD5 d8ac7f4c1f37553b0fc3d3b052d95a24
SHA1 b60aa23fb1ff096994ec930e158f616db5fe5dc5
SHA256 4907e432997dc4345e377dac394a0f91ed6ea3188a3aeb5a69ef70d509ca8341
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3jBmIFvoF80JgtcDex56zecIEUEK7Cbbq2nSt5vWVtMkhYg88QFma%2B119miufT%2BZkly%2BhCrkhVgJyQOtP5EFodUst8AUCDmHBPXxzDs4BGo8sclJ%2ByeSAW54%2BQfiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bc25b7db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
172.67.213.158 403 Forbidden 40 kB IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (9539), with CRLF, LF line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 40 kB (39594 bytes)
MD5 c25219408ea44f7833a021d0f252e756
SHA1 e6fafc5fa59ac12de69485bcfaa3cb890c8a5ee8
SHA256 ef272a1b37ed011dc2b598447e8e0ab7c73f9e56de1c509dff80d5d40368169c
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
POST / HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lightdl.xyz/?__cf_chl_tk=Y4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280
Content-Type: application/x-www-form-urlencoded
Content-Length: 3680
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=; path=/; expires=Mon, 10-Feb-25 22:32:03 GMT; domain=.lightdl.xyz; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding, Accept-Encoding,User-Agent
link: <https://lightdl.xyz/wp-json/>; rel="https://api.w.org/", <https://lightdl.xyz/wp-json/wp/v2/pages/9785>; rel="alternate"; type="application/json", <https://lightdl.xyz/>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQTee22wpRLcOzj%2B%2F1f%2BqME2H2En91SU8NeuoHaY5EC7iR09PgYpbZ%2BBuoTwTaLa57ICrEPxWNYpij%2B5sX6m8DtGtWDsigByNdvDPW6RQk%2Fy4sLxoCxRo8LuN3bNvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bad0d75b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET proftrafficcounter.com/stats
3.79.157.91 200 OK 40 B URL
proftrafficcounter.com/stats
IP / ASN
3.79.157.91
#16509 AMAZON-02
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 40 B (40 bytes)
MD5 6d16ec04005677fbb4ae4b7118a7cd3d
SHA1 ec5075833d3d559a86cefdcfb8466c49725b3705
SHA256 2c305038eb5303ed1bc61c5f2e6306fc24998cfcc8abd07a2f653d2cfb946c8f
Certificate Info
Issuer Amazon
Subject proftrafficcounter.com
Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: uid_id2=230feca4-4d8d-43e3-8819-424282ec869d:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://lightdl.xyz
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
POST lightdl.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/85400bad0d75b515
172.67.213.158 200 OK 1.3 MB URL
lightdl.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/85400bad0d75b515
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type data
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 1.3 MB (1346510 bytes)
MD5 32888e69697c888eeb5afa9cb6bd927d
SHA1 e7a9ac632c37acb2ccf92fb8c3596883cea1e378
SHA256 6e01c4445f12d9b6cc0341467dd8acb79e2785097014c11aca6d699cae60061d
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
POST /cdn-cgi/challenge-platform/h/b/jsd/r/85400bad0d75b515 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12146
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; path=/; expires=Mon, 10-Feb-25 22:32:07 GMT; domain=.lightdl.xyz; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQRDr150eFiob1IZKr9rJ9FTJazj7vS1dmKmuKreqmPJd3BTV1UNUVP9wlEbV%2BZpZLP29QVlKL937a%2FxXniD4vlVkCGMsW9DQj1kJJK%2FZlOqzFeRsD4%2B9PKRth%2BAUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bc3cd1cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Captivating-the-King-2024.png
172.67.213.158 200 OK 922 kB URL
lightdl.xyz/wp-content/uploads/2024/01/Captivating-the-King-2024.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 619 x 852, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 922 kB (921841 bytes)
MD5 4659f029cf8bdc04c09fedf68ca18746
SHA1 5de602556979e061967d6852209351be6c594133
SHA256 acaf3a30c216639eb4a9cfcbd42413a97d3c0564d79d9caa0979df7d16f172be
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Captivating-the-King-2024.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 921841
last-modified: Fri, 26 Jan 2024 00:17:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlgvL1fHo8Er6EISRvnJrfLK2WqTzZpcVjtxT2lx2k1YFfLpz0rjAGlBIFcIoecqH3rwzscKVamlZuzMy%2BiFe126KpMrJw9NScmVncd2aiKBjz3wtrablOVYErBDvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc58ef9b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Belgravia-The-Next-Chapter-2024.png
172.67.213.158 200 OK 931 kB URL
lightdl.xyz/wp-content/uploads/2024/01/Belgravia-The-Next-Chapter-2024.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 579 x 858, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 931 kB (930587 bytes)
MD5 490d03ffc0025d8050f8dad31e3ea48c
SHA1 02bd908b532d59a3c2678a1b2f016d7686c3b66f
SHA256 4fe8e638fd17ffa48208b4398d5bbd9de059262d654ff455df9e63118ec7a089
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Belgravia-The-Next-Chapter-2024.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 930587
last-modified: Mon, 15 Jan 2024 23:00:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iVsSxLIr7X1pBZDSKukqvWB2W8FL%2FlJZUIqQy3wbaRDQ8u2njnwF4MwSz1tHm9H1UBYNc3L8DerQxF9albU4LNObhFozg3eF0lihvRDnbluCkOR%2BZpv4NxtgUtmog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc58efdb515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/02/Sexy-Beast-2024.png
172.67.213.158 200 OK 1.1 MB URL
lightdl.xyz/wp-content/uploads/2024/02/Sexy-Beast-2024.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 577 x 862, 8-bit/color RGBA, non-interlaced
First Seen 2024-02-11
Last Seen 2024-08-20
Times Seen 2
Size 1.1 MB (1077870 bytes)
MD5 5c312065ac568735a0240122009e4e4f
SHA1 437a5cbc9615f3cd4abe45134e9a9f89dbe47529
SHA256 0f9dd1f52eaff9ab5f7bc68a99cd00f88ed9a4d821101944a25e43595fe81a79
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/02/Sexy-Beast-2024.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 1077870
last-modified: Sat, 10 Feb 2024 11:14:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZr3YN1B9lMFIXwMZ0J%2F%2F0xSHoxAbnCN2vmDU4tLaOE6tVj6wipY%2BK38v6MBzIz4rREU1A8M7TnspZNG%2FovkOl7xcTOpBMrnGdJpuRUvV9ekl%2BWl%2BIvgyo8n6OH89Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc58f00b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Shop-for-Killers-2024-485x360.png
172.67.213.158 200 OK 362 kB URL
lightdl.xyz/wp-content/uploads/2024/01/Shop-for-Killers-2024-485x360.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 485 x 360, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 362 kB (362269 bytes)
MD5 d1dba4b47a537f8b755f1dc332f079c1
SHA1 ae10e2ab1ac1060663a8a26fab886316c1355d6c
SHA256 7bf8f32251b0e1e8f6ce932a27632eb19613548f1b0c73c82f2fb78ecdbf53ff
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Shop-for-Killers-2024-485x360.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 362269
last-modified: Sat, 27 Jan 2024 03:57:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5759
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hue%2BNNb4UAEMzSBhlq0UXCURv3iRF%2FqyEZN7MbCyaf%2FLg1IfaJnTBt9Jz2Cfm4xbhagjfAIlBPqjtxcDCYdlSwnyhYWNHE2%2F%2FxGiDewu5AX0ockV7j80HnWPIH2CHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc7a998b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Captivating-the-King-2024-218x150.png
172.67.213.158 200 OK 57 kB URL
lightdl.xyz/wp-content/uploads/2024/01/Captivating-the-King-2024-218x150.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 57 kB (56981 bytes)
MD5 96839236e1ff330b5f3f486ac9ce8fe8
SHA1 b15b727e90d423b7bc07c20e4d95e35bb23c3382
SHA256 016696f77168acba84c702a3ef89a71568ca0bd01d80d395271c32c130a705ef
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Captivating-the-King-2024-218x150.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 56981
last-modified: Fri, 26 Jan 2024 00:17:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5758
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypbdiBIa0EurDefCFQ2Y7RsFMtxyuZgsq%2BL6JSYAIreHo8y13mvz862fgPfPOo1kWGC4fAIp%2F69JQbX23m6hDpr5ZZLkMkQ%2F3h7kCaOktmT252FsjSDjYIZvnpHLUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc7a999b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Shop-for-Killers-2024-218x150.png
172.67.213.158 200 OK 76 kB URL
lightdl.xyz/wp-content/uploads/2024/01/Shop-for-Killers-2024-218x150.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 76 kB (75912 bytes)
MD5 823b66bd9537e77352038b974e189aab
SHA1 c974c8accb39ab8f42365169c0315160a7690f17
SHA256 a9f4d3141f7240e2848b8a732ba4941ee3cf9e145c02179c1c59acc175074596
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Shop-for-Killers-2024-218x150.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 75912
last-modified: Sat, 27 Jan 2024 03:57:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5757
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTWTbQkd9VFF%2BYbySLp%2Fbg7kJNqxbJq3k8Rb%2FjVysDJ0%2Bw03t56FRNuZiSLSA81WlArI59%2FmYqFjWX9WcSEu0yLRtrJn%2FhQgGyX8aG7HO8ER8sPCPCEDpCQvxywMEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc8dad0b515-OSL
alt-svc: h3=":443"; ma=86400
GET capaciousdrewreligion.com/advertisers.js
192.243.59.20 200 OK 0 B URL
capaciousdrewreligion.com/advertisers.js
IP / ASN
192.243.59.20
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
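Size 0 B (0 bytes) (empty body: the MD5/SHA1/SHA256 that follow are the digests of zero-length input, so they identify no particular file and should not be used as indicators; First Seen and Times Seen apparently count every empty response the scanner has recorded)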
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject capaciousdrewreligion.com
Fingerprint 61:0D:30:24:10:C8:EC:35:B9:F2:10:DA:14:D3:F3:AB:2E:F5:FA:E8
Validity Sat, 06 Jan 2024 10:55:16 GMT - Fri, 05 Apr 2024 10:55:15 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Feb 2024 22:32:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 77f1e27a38b319c05007bdf516beca26
Strict-Transport-Security: max-age=0; includeSubdomains
GET 6.adsco.re/
104.17.166.186 200 OK 0 B IP / ASN
104.17.166.186
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:08 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://lightdl.xyz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bcccea8712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 4.adsco.re/
162.252.214.5 200 OK 62 B IP / ASN
162.252.214.5
#53334 TUT-AS
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with no line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 15329
Size 62 B (62 bytes)
MD5 5b41cb22f84f645a103acc7bfbf084ff
SHA1 bac3967b26d5ec4a0d09a580714e8219796816bd
SHA256 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
Certificate Info
Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Feb 2024 22:32:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://lightdl.xyz
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
POST txyqowlptfmn.l4.adsco.re/
185.200.118.51 200 OK 0 B URL
txyqowlptfmn.l4.adsco.re/
IP / ASN
185.200.118.51
#9009 M247 Europe SRL
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject *.l4.adsco.re
Fingerprint 8F:22:DA:E8:0A:F6:AC:93:E2:91:DC:65:F8:A9:EB:74:F5:6E:9F:D4
Validity Fri, 19 Jan 2024 09:12:32 GMT - Thu, 18 Apr 2024 09:12:31 GMT
POST / HTTP/1.1
Host: txyqowlptfmn.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:08 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
104.17.3.184 62 B URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP / ASN
104.17.3.184
#13335 CLOUDFLARENET
Resource Info
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 62 B (62 bytes)
MD5 d080d43999b6f52cc5ba03f5465b8e5d
SHA1 5f46dd66a7c6fba254d78ead89089ea4553f1a96
SHA256 efa765837ed8c46fe6d2279413c45af573f3e1e672f0de3eabcba529572c7f15
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nqmaf/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:31:57 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 85400b894f96568e-OSL
alt-svc: h3=":443"; ma=86400
GET unseenreport.com/pxf.gif?uuid=230feca4-4d8d-43e3-8819-424282ec869d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fa0c46a46b8bf033ac65bc5cabeebf34&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
192.243.59.20 200 OK 1 B URL
unseenreport.com/pxf.gif?uuid=230feca4-4d8d-43e3-8819-424282ec869d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fa0c46a46b8bf033ac65bc5cabeebf34&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP / ASN
192.243.59.20
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type very short file (no magic)
First Seen 2023-04-05
Last Seen 2025-07-31
Times Seen 25187
Size 1 B (1 bytes)
MD5 93b885adfe0da089cdf634904fd59f71
SHA1 5ba93c9db0cff93f52b521d7420e43f6eda2784f
SHA256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Certificate Info
Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 18:C3:E7:4B:C5:EA:23:FC:38:62:D0:43:31:B5:79:2E:62:86:60:9E
Validity Sun, 21 Jan 2024 08:27:47 GMT - Sat, 20 Apr 2024 08:27:46 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=230feca4-4d8d-43e3-8819-424282ec869d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fa0c46a46b8bf033ac65bc5cabeebf34&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Feb 2024 22:32:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b863884fe25e6974d879982f6118ccb
Strict-Transport-Security: max-age=0; includeSubdomains
POST txyqowlptfmn.n4.adsco.re/
38.132.109.115 200 OK 0 B URL
txyqowlptfmn.n4.adsco.re/
IP / ASN
38.132.109.115
#9009 M247 Europe SRL
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject *.n4.adsco.re
Fingerprint 13:47:CD:B8:B0:D7:81:8D:D3:8E:5F:D7:A6:8B:41:34:B1:3F:55:16
Validity Fri, 19 Jan 2024 09:12:32 GMT - Thu, 18 Apr 2024 09:12:31 GMT
POST / HTTP/1.1
Host: txyqowlptfmn.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:08 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
GET lightdl.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
172.67.213.158 302 Found 8.3 kB URL
lightdl.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type gzip compressed data, from Unix
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 8.3 kB (8284 bytes)
MD5 14fff2c4f64f8324bfbcc9094e7e19c2
SHA1 f75a961cc1bd0116a5eabfcc23704084d3398504
SHA256 f0d8d127397c577c2198d5220fe9fff53431a279506ac49560737c1ae7db2705
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 11 Feb 2024 22:32:06 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
vary: accept-encoding
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6bvizAiwKA8yubUoR%2Fckbhs4KzIkn%2FGX1OJwpP8Z%2FSGSyP7I8irsspOJAqrKVG%2FG5BPDcM3xtVO7ct3dxQd4Ll1if6tXgQ4C0TDF1OmgAonOXoF6yV3lurorEV7Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bc1cacfb515-OSL
alt-svc: h3=":443"; ma=86400
GET 6.adsco.re/
104.17.167.186 200 OK 0 B IP / ASN
104.17.167.186
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:08 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd00e2f1c12-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Belgravia-The-Next-Chapter-2024-218x150.png
172.67.213.158 200 OK 58 kB URL
lightdl.xyz/wp-content/uploads/2024/01/Belgravia-The-Next-Chapter-2024-218x150.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 58 kB (58375 bytes)
MD5 52692d1068c25d5ea381e695662a496c
SHA1 71436a940159693d4a68e0a1f602217743948379
SHA256 2e53d3743052267bc0b77034f0dbfd4433b7fd33ce49f5a85b0aa880d4ed61a4
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Belgravia-The-Next-Chapter-2024-218x150.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1; a=BTPtQPLvWSmunr8sJLGoCwcGLvtrVVx5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:08 GMT
content-type: image/png
content-length: 58375
last-modified: Mon, 15 Jan 2024 23:00:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5756
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUb3wYxkc%2BRruNc%2BoG%2BQuQEELRNk%2BhfCRJ4xUnBm6qzdlYPYSOI%2FmRnQKqJM2i3moJTt2iiwAggDSvz9rwK21nOOyWE74tLVlT3bIJnKdvvsLhsVy6RQn8a0sBEoVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd03a88b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/02/Sexy-Beast-2024-218x150.png
172.67.213.158 200 OK 69 kB URL
lightdl.xyz/wp-content/uploads/2024/02/Sexy-Beast-2024-218x150.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced
First Seen 2024-02-11
Last Seen 2024-08-20
Times Seen 2
Size 69 kB (68745 bytes)
MD5 ecc4b1339c1395c974f24a32fa3ba7fb
SHA1 a5f5405788b9461162745c263fa58b81eea4761f
SHA256 18f487cedea64e6c96cdeb5200f6c9e555b0fc46f056f7f068e5841bcbcf0e18
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/02/Sexy-Beast-2024-218x150.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1; a=BTPtQPLvWSmunr8sJLGoCwcGLvtrVVx5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: image/png
content-length: 68745
last-modified: Sat, 10 Feb 2024 11:14:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5756
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUuRRS7jphFS03C4yznrlIlul8PnvhvcPvVFN72%2Fi3TXGm8ZgJOy4okSRfiXtFy2Up9p6A%2Bg4hXdC2r9A5BdzxGGUwSAAm4FauQjZn6Hjj%2FFxcrHILvR9v06tqCeLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd03a8cb515-OSL
alt-svc: h3=":443"; ma=86400
GET monarchoysterbureau.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2skVRfGb2Xybl5BUGblMNALFyOYTlV3dXW3sxgcYyQaJ2FmRHdy%2F1Xnmtt1i3urujq9ig7ILBs%2FQeXpZII6yGQngoN0BkQCwrSrLMzGjWuFwZ3SbWPrgapzzn3Ohd8593x6kF%2BQADk9X3vXDJTWdLVR9SvXPgiC65VNleT9Sr8VfRiF1yu291o7qvqvVN6SfNes1vzA9wM%2FqKwrK2PTX52KUOnDdlBt%2B9WwVg0aIfr2v7nLPTjqQfQuyItQYrL8xLsMxcdIuo%2FWpNvNTPrqm91c08xY9MTxe8luYooE3UUYWw9xcjyvhnFP1x%2FDJEczXJjeP4VMTYj3%2FWOw5HgOCdY7nHEyDZmAiedQ9MaQegxFx%2BDmHpR4SgAucGsLSffBLWMLuve3SqfqhCw%2F%2Bx2qmJDlny8j6X51U6t%2B5Y7ReaZM4tCPS6j%2BGKozRpqfIht4UMUpePYJlPiRrD7bRNI93HLaQInzlxu8JqSMgxUZttorYTOQK6zRaKzIZsvnLKzVRSuYDUipMVQ8hpZDUOchn37KQx57yFMPXXFe4UEQNH3Bqd9qc14XTcki4Qe0GQc08KMWcj7tYYgsHYLrIbjdR2r3sauGsPl3cDslnPDgMoKeKFFIgsIRFJSgUARFRlD0yiOhXc2VD4R2OQvmvjb39XJkss4BPTJZRyYE1A4P0gvywmx4f358FbvyvBJTn4cRDSPWYrFfr1MeNRhvcMqkZHE9hFMllFuatTpQE%2FLS%2Fw1SNSH%2F%2B%2BNrMHoKp0%2FBlQeaXwUtRs2aD7ozCls%2BBsmJVp2dTJgi0YaKan9vAGFKpNkysj3vQF%2BQKzOYja0TSH5245f6zMBtidSW%2BEg9Iejo%2B6PbpiCHt03hyMlWmqmuGtDpK9%2FJaCYvffGO3CuMFRtrbvj563wqTMOHd6XLNmkiVNJx5MubSghp143lkny74d6XbDt3Ozdzm%2BTp5vYb6xvd1ErnlEnGoNOF%2Fc2Cqwl5%2Fsrd2QJf%2B2Ybyo5h8xLd%2FIzMDcqMwdN9uHTB7wyB1Ysalnoo8nJka2xxqBWBloucshLuXzlbxCNLp7epKg%2FcfXTsEmh2D0m3RM%2BW6OkSVA%2Fh8kujLLVnN36aYzC9NGLaLh0ybfVnszFPf4%2Fg1HmlWa%2F7NGo3gmaTyiYLa604CgSltTCqRRGtI3MT%2BcPbv%2F4FAAD%2F%2FwEAAP%2F%2FsTPIopoEAAA%3D
172.240.108.68 200 OK 7 B URL
monarchoysterbureau.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2skVRfGb2Xybl5BUGblMNALFyOYTlV3dXW3sxgcYyQaJ2FmRHdy%2F1Xnmtt1i3urujq9ig7ILBs%2FQeXpZII6yGQngoN0BkQCwrSrLMzGjWuFwZ3SbWPrgapzzn3Ohd8593x6kF%2BQADk9X3vXDJTWdLVR9SvXPgiC65VNleT9Sr8VfRiF1yu291o7qvqvVN6SfNes1vzA9wM%2FqKwrK2PTX52KUOnDdlBt%2B9WwVg0aIfr2v7nLPTjqQfQuyItQYrL8xLsMxcdIuo%2FWpNvNTPrqm91c08xY9MTxe8luYooE3UUYWw9xcjyvhnFP1x%2FDJEczXJjeP4VMTYj3%2FWOw5HgOCdY7nHEyDZmAiedQ9MaQegxFx%2BDmHpR4SgAucGsLSffBLWMLuve3SqfqhCw%2F%2Bx2qmJDlny8j6X51U6t%2B5Y7ReaZM4tCPS6j%2BGKozRpqfIht4UMUpePYJlPiRrD7bRNI93HLaQInzlxu8JqSMgxUZttorYTOQK6zRaKzIZsvnLKzVRSuYDUipMVQ8hpZDUOchn37KQx57yFMPXXFe4UEQNH3Bqd9qc14XTcki4Qe0GQc08KMWcj7tYYgsHYLrIbjdR2r3sauGsPl3cDslnPDgMoKeKFFIgsIRFJSgUARFRlD0yiOhXc2VD4R2OQvmvjb39XJkss4BPTJZRyYE1A4P0gvywmx4f358FbvyvBJTn4cRDSPWYrFfr1MeNRhvcMqkZHE9hFMllFuatTpQE%2FLS%2Fw1SNSH%2F%2B%2BNrMHoKp0%2FBlQeaXwUtRs2aD7ozCls%2BBsmJVp2dTJgi0YaKan9vAGFKpNkysj3vQF%2BQKzOYja0TSH5245f6zMBtidSW%2BEg9Iejo%2B6PbpiCHt03hyMlWmqmuGtDpK9%2FJaCYvffGO3CuMFRtrbvj563wqTMOHd6XLNmkiVNJx5MubSghp143lkny74d6XbDt3Ozdzm%2BTp5vYb6xvd1ErnlEnGoNOF%2Fc2Cqwl5%2Fsrd2QJf%2B2Ybyo5h8xLd%2FIzMDcqMwdN9uHTB7wyB1Ysalnoo8nJka2xxqBWBloucshLuXzlbxCNLp7epKg%2FcfXTsEmh2D0m3RM%2BW6OkSVA%2Fh8kujLLVnN36aYzC9NGLaLh0ybfVnszFPf4%2Fg1HmlWa%2F7NGo3gmaTyiYLa604CgSltTCqRRGtI3MT%2BcPbv%2F4FAAD%2F%2FwEAAP%2F%2FsTPIopoEAAA%3D
IP / ASN
172.240.108.68
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with no line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 19107
Size 7 B (7 bytes)
MD5 132d6af1b46048b45cf86cdee7991d31
SHA1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
SHA256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST2skVRfGb2Xybl5BUGblMNALFyOYTlV3dXW3sxgcYyQaJ2FmRHdy%2F1Xnmtt1i3urujq9ig7ILBs%2FQeXpZII6yGQngoN0BkQCwrSrLMzGjWuFwZ3SbWPrgapzzn3Ohd8593x6kF%2BQADk9X3vXDJTWdLVR9SvXPgiC65VNleT9Sr8VfRiF1yu291o7qvqvVN6SfNes1vzA9wM%2FqKwrK2PTX52KUOnDdlBt%2B9WwVg0aIfr2v7nLPTjqQfQuyItQYrL8xLsMxcdIuo%2FWpNvNTPrqm91c08xY9MTxe8luYooE3UUYWw9xcjyvhnFP1x%2FDJEczXJjeP4VMTYj3%2FWOw5HgOCdY7nHEyDZmAiedQ9MaQegxFx%2BDmHpR4SgAucGsLSffBLWMLuve3SqfqhCw%2F%2Bx2qmJDlny8j6X51U6t%2B5Y7ReaZM4tCPS6j%2BGKozRpqfIht4UMUpePYJlPiRrD7bRNI93HLaQInzlxu8JqSMgxUZttorYTOQK6zRaKzIZsvnLKzVRSuYDUipMVQ8hpZDUOchn37KQx57yFMPXXFe4UEQNH3Bqd9qc14XTcki4Qe0GQc08KMWcj7tYYgsHYLrIbjdR2r3sauGsPl3cDslnPDgMoKeKFFIgsIRFJSgUARFRlD0yiOhXc2VD4R2OQvmvjb39XJkss4BPTJZRyYE1A4P0gvywmx4f358FbvyvBJTn4cRDSPWYrFfr1MeNRhvcMqkZHE9hFMllFuatTpQE%2FLS%2Fw1SNSH%2F%2B%2BNrMHoKp0%2FBlQeaXwUtRs2aD7ozCls%2BBsmJVp2dTJgi0YaKan9vAGFKpNkysj3vQF%2BQKzOYja0TSH5245f6zMBtidSW%2BEg9Iejo%2B6PbpiCHt03hyMlWmqmuGtDpK9%2FJaCYvffGO3CuMFRtrbvj563wqTMOHd6XLNmkiVNJx5MubSghp143lkny74d6XbDt3Ozdzm%2BTp5vYb6xvd1ErnlEnGoNOF%2Fc2Cqwl5%2Fsrd2QJf%2B2Ybyo5h8xLd%2FIzMDcqMwdN9uHTB7wyB1Ysalnoo8nJka2xxqBWBloucshLuXzlbxCNLp7epKg%2FcfXTsEmh2D0m3RM%2BW6OkSVA%2Fh8kujLLVnN36aYzC9NGLaLh0ybfVnszFPf4%2Fg1HmlWa%2F7NGo3gmaTyiYLa604CgSltTCqRRGtI3MT%2BcPbv%2F4FAAD%2F%2FwEAAP%2F%2FsTPIopoEAAA%3D HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f23a2cab2fce7d3cb3ed85f02bf62ad7
Strict-Transport-Security: max-age=0; includeSubdomains
GET lightdl.xyz/wp-content/uploads/2023/02/Not-Dead-Yet-2023.png
172.67.213.158 200 OK 457 kB URL
lightdl.xyz/wp-content/uploads/2023/02/Not-Dead-Yet-2023.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 471 x 589, 8-bit/color RGBA, non-interlaced
First Seen 2024-02-11
Last Seen 2024-08-20
Times Seen 2
Size 457 kB (456568 bytes)
MD5 d539d8337a0b9ada45be4c33b8673924
SHA1 8e7329fc772d2929b0e92091014b1d1abd031395
SHA256 785b69a2d380fde7f0273713d40702ff1210aa77baac120a16e87b3f3ce2aff5
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2023/02/Not-Dead-Yet-2023.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1; a=BTPtQPLvWSmunr8sJLGoCwcGLvtrVVx5; pbpr0tpuw4isk85t8yg3jb2lj5vqf=monarchoysterbureau.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: image/png
content-length: 456568
last-modified: Mon, 13 Feb 2023 16:17:35 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5757
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNrQvC5lwiRpJkSEJGLIz4xWjeyYb7He%2BeiAuZ7S7uTdLhN7vDcb0VGjQiURncd%2FK08VKOB4vQ44qRumoM67QR%2BJRSCbx9TQxixfuSKWvdT%2FrvcT2jQPTrRb6k49%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd0db4cb515-OSL
alt-svc: h3=":443"; ma=86400
GET monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=262
172.240.108.68 200 OK 0 B URL
monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=262
IP / ASN
172.240.108.68
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=262 HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
POST adsco.re/p
162.252.214.5 200 OK 812 B IP / ASN
162.252.214.5
#53334 TUT-AS
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (1020), with no line terminators
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 812 B (812 bytes)
MD5 70640e08ab8c3a7f3d072d9185fadad7
SHA1 1c64457838c308613cc8073f958f2c1cf31620e9
SHA256 7a409fec03bb76ec7003376608d446e0f418cd2a82eda48518cd750092c54233
Certificate Info
Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2382
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Feb 2024 22:32:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://lightdl.xyz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
GET cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
172.64.161.4 200 OK 591 B URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP / ASN
172.64.161.4
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-11
Last Seen 2025-08-02
Times Seen 2563
Size 591 B (591 bytes)
MD5 9fd5bcb6103d86e317bd1eb019bcbe71
SHA1 6b5a52ea669dcb74946f2bed4bdd7ec985026113
SHA256 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
Certificate Info
Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
Validity Tue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: image/png
content-length: 591
last-modified: Tue, 21 Sep 2021 12:03:43 GMT
etag: "6149ca1f-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8253012
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJYDjcy9wSmJTLhzVSYkpeK6RhwBufGQ%2FgwnyO%2B%2FZuirbQiYzOdZytisP7b7mko3fQ%2FXuXYJ6viNqC88Dr272B6cv8e3sQV3UNQwLPngRzuM4RGf9nfyjVhS35G%2FUtfOdbai5rtQY3kV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd3ffbc652d-LHR
alt-svc: h3=":443"; ma=86400
POST txyqowlptfmn.s4.adsco.re/
185.200.116.51 200 OK 0 B URL
txyqowlptfmn.s4.adsco.re/
IP / ASN
185.200.116.51
#9009 M247 Europe SRL
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject *.s4.adsco.re
Fingerprint AE:19:09:85:8B:22:B4:A7:C6:B6:F4:46:86:9E:DC:E1:FC:4A:0E:54
Validity Fri, 19 Jan 2024 09:12:31 GMT - Thu, 18 Apr 2024 09:12:30 GMT
POST / HTTP/1.1
Host: txyqowlptfmn.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png
45.133.44.10 200 OK 16 kB URL
cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png
IP / ASN
45.133.44.10
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
First Seen 2023-12-04
Last Seen 2025-08-02
Times Seen 706
Size 16 kB (16093 bytes)
MD5 14cf262fabfd850855c42847d14fe775
SHA1 2fafa28f167f018a0fb1f261f47380c8810803c9
SHA256 972004ebada4077c3a4d03dcb45175ea467faf54da72be727a1c5c75e688b8af
Certificate Info
Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:38:53:46:20:AD:CB:67:E9:56:B6:72:8C:A7:4C:60:7B:37:35:13
Validity Mon, 22 Jan 2024 05:00:36 GMT - Sun, 21 Apr 2024 05:00:35 GMT
GET /si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: image/png
content-length: 16093
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:06:35 GMT
etag: "656d261b-3edd"
expires: Tue, 13 Feb 2024 22:32:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
172.64.161.4 200 OK 5.6 kB URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP / ASN
172.64.161.4
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text
First Seen 2024-01-20
Last Seen 2025-08-02
Times Seen 4044
Size 5.6 kB (5586 bytes)
MD5 3d4123dbfb33d27a5cfdfcfa91df6783
SHA1 e7d0eeeec54b848f0bc3da8685fa3bc88429d660
SHA256 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
Certificate Info
Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
Validity Tue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 124550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyOhfM9jWc6VD9%2BnD9J9ixn811uKPIsoTj0%2FdZvSMs2txt2q1j7wTaAJNSIlEpY8u6JEeir6tPyGU7jloJbzcldUvzsJmHYvyJrZtR7Ak6mVlTZYTImaGDF3Qv4OyQTdQYM3qfxvzqed"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd30bc9640a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=129
172.240.108.92 200 OK 0 B URL
monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=129
IP / ASN
172.240.108.92
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=129 HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
45.133.44.3 200 OK 376 kB URL
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP / ASN
45.133.44.3
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type gzip compressed data, from Unix
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 376 kB (376401 bytes)
MD5 3b4f9a83e5c7bf3152ccba94c19ed34c
SHA1 6c267f73d56688b66fa31a547828b0a056f99a9b
SHA256 a64382044c7f1a8869df78fe7666545a07b1600d9413be16e6d439d03d8f542d
Certificate Info
Issuer Let's Encrypt
Subject cdn.barscreative1.com
Fingerprint 0F:4E:8E:BE:C9:40:4B:09:BB:C5:73:C2:49:28:4D:F3:D4:95:2F:A3
Validity Wed, 10 Jan 2024 03:01:07 GMT - Tue, 09 Apr 2024 03:01:06 GMT
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 11 Feb 2024 23:32:09 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
GET cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
172.64.161.4 200 OK 341 B URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP / ASN
172.64.161.4
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text
First Seen 2023-06-25
Last Seen 2025-08-02
Times Seen 671
Size 341 B (341 bytes)
MD5 0013fbb3bd9e7300fa1bc9f62501dcf0
SHA1 447e4a8994979e2e158b9beff79b94e7d1b29508
SHA256 4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e
Certificate Info
Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
Validity Tue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 124549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwSmA5HTO2pDBIOKz93sMhKNEJUwj4sWzVsKXfmH7o819qdzcu5HuwVBuAijZ17f8TN6YoR9mJTGJffgJ99oZnTBMv%2FyDgnfQ6b0TAXw3W9%2FGju40b0JvWf%2FdmpuXR%2BY1%2B9po7LfAA%2Bo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd599be652d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdn4ads.com/nbmsklrwcohwap?FLUCKglX=BQLyAAAAAAAACZUAAowB2qhRPOUUuae9zHro8Y9JXSUbOmQW-VTbpswi82t_7mu_XbhFub7V-0NPhaTtbfyz2eZ8LMEB4v_CpTIXfs0LKrhGQaiSuSYGODp47Xb7gsTFO0idbeRCWuLc-4fdnBTgtl6BBF2LFKrJwG53Jqyt8XPJ5rMbtnZ1xF3yRU4wL9wUBBhTgM8nLR952kOIE7zf5C2DH05dfti3bKBk-_hfgChedPJ7DhGn2WDixct4OOUoyn_msg2YG9OQwHo2l1zOYqdixWxkbtc8uoH_QRHizN6TXe-14R7W1Q7mPXtHDXLQgvYAYGbtoFsGn3OpKZ2w_LTI9ZNY_2S3Fn0QcawG1NVzcejpxkx2o-ZV1GHbJQHrrIaAw2RTYpy5_uF8Ui5_8cXYhRJDK9O002buD4n91qgwQbH4gmRaYbcdf9diq4wKJUk_uJpovwzQuwXqcvRgi0k2F_-Ux_JbEyK3L3YvW1FWkYEjDV2f3eF92kO11xbfDPMydbCa0wqaYPW0Dv8XXTvAnvfRLFnKvh7ZtdCVFuTkcGDPdqEgnmc7gsf4tT69JLHpC1G0oiuTcCebq_4xodSW7Iy58X_Oh3ifH6YXFMq0XMK_dKO4gEs-Y0Shmb6ECG0ciCKT98ghWLaHi0CsJztAdB-Stnb0mPt0bD42BpwJ7O0npirrwTCpUtpiOSCIuy4eLm8l5jKZD3q0cHfmoffLXyYGT7yHpVY2x9jlPxtvbBr8bpt4sAxNlI12zuJp-3vhf8ZHcWoG1Qthphjo7v7Nw4IiFrOuPtb9GWYLdyHwm-GuvUIxoX4itNFwriTBeDv1sRuxhJD2GqoDKYBycAs31y_Yl_zNDDaKfqmBMzvwh498IHZN5u-2NY5vtN3FkRzrEF58Vpwg0KBWSN5AZm21YBXrBi8tcz1Rr2aA5IxmspbrA7tzmZpIVufIUJZT6mBN9ltlG1bO8GBQc1mrUP0LEEwWSjDlravdYTFkPK3lrlJVn1R3NbELAk0a&tuvCUmAf=4&tocqlPUm=2035086&YXSFTkOM=&ktRbmuLN=0,0&RfitPOuz=&SnENmKLl=https%3A%2F%2Flightdl.xyz%2F%3F__cf_chl_tk%3DY4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280&vnofBzbD=1280,1024,1,1280,1024,0
216.59.63.128 200 OK 929 B URL
cdn4ads.com/nbmsklrwcohwap?FLUCKglX=BQLyAAAAAAAACZUAAowB2qhRPOUUuae9zHro8Y9JXSUbOmQW-VTbpswi82t_7mu_XbhFub7V-0NPhaTtbfyz2eZ8LMEB4v_CpTIXfs0LKrhGQaiSuSYGODp47Xb7gsTFO0idbeRCWuLc-4fdnBTgtl6BBF2LFKrJwG53Jqyt8XPJ5rMbtnZ1xF3yRU4wL9wUBBhTgM8nLR952kOIE7zf5C2DH05dfti3bKBk-_hfgChedPJ7DhGn2WDixct4OOUoyn_msg2YG9OQwHo2l1zOYqdixWxkbtc8uoH_QRHizN6TXe-14R7W1Q7mPXtHDXLQgvYAYGbtoFsGn3OpKZ2w_LTI9ZNY_2S3Fn0QcawG1NVzcejpxkx2o-ZV1GHbJQHrrIaAw2RTYpy5_uF8Ui5_8cXYhRJDK9O002buD4n91qgwQbH4gmRaYbcdf9diq4wKJUk_uJpovwzQuwXqcvRgi0k2F_-Ux_JbEyK3L3YvW1FWkYEjDV2f3eF92kO11xbfDPMydbCa0wqaYPW0Dv8XXTvAnvfRLFnKvh7ZtdCVFuTkcGDPdqEgnmc7gsf4tT69JLHpC1G0oiuTcCebq_4xodSW7Iy58X_Oh3ifH6YXFMq0XMK_dKO4gEs-Y0Shmb6ECG0ciCKT98ghWLaHi0CsJztAdB-Stnb0mPt0bD42BpwJ7O0npirrwTCpUtpiOSCIuy4eLm8l5jKZD3q0cHfmoffLXyYGT7yHpVY2x9jlPxtvbBr8bpt4sAxNlI12zuJp-3vhf8ZHcWoG1Qthphjo7v7Nw4IiFrOuPtb9GWYLdyHwm-GuvUIxoX4itNFwriTBeDv1sRuxhJD2GqoDKYBycAs31y_Yl_zNDDaKfqmBMzvwh498IHZN5u-2NY5vtN3FkRzrEF58Vpwg0KBWSN5AZm21YBXrBi8tcz1Rr2aA5IxmspbrA7tzmZpIVufIUJZT6mBN9ltlG1bO8GBQc1mrUP0LEEwWSjDlravdYTFkPK3lrlJVn1R3NbELAk0a&tuvCUmAf=4&tocqlPUm=2035086&YXSFTkOM=&ktRbmuLN=0,0&RfitPOuz=&SnENmKLl=https%3A%2F%2Flightdl.xyz%2F%3F__cf_chl_tk%3DY4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280&vnofBzbD=1280,1024,1,1280,1024,0
IP / ASN
216.59.63.128
#53334 TUT-AS
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (977)
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 929 B (929 bytes)
MD5 30813cd248bb550b023e5e625d797e4d
SHA1 c22b1c09169f2bda53a7728e31d6ee39be289b07
SHA256 c37e1fa2f057ec47032a9c362a677a1b151e56a86856e825575613b96ecc2a96
Certificate Info
Issuer Sectigo Limited
Subject cdn4ads.com
Fingerprint 68:D8:58:BD:34:E8:B3:D8:CA:10:F2:9A:EA:B3:4E:27:B5:5C:87:B1
Validity Mon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
GET /nbmsklrwcohwap?FLUCKglX=BQLyAAAAAAAACZUAAowB2qhRPOUUuae9zHro8Y9JXSUbOmQW-VTbpswi82t_7mu_XbhFub7V-0NPhaTtbfyz2eZ8LMEB4v_CpTIXfs0LKrhGQaiSuSYGODp47Xb7gsTFO0idbeRCWuLc-4fdnBTgtl6BBF2LFKrJwG53Jqyt8XPJ5rMbtnZ1xF3yRU4wL9wUBBhTgM8nLR952kOIE7zf5C2DH05dfti3bKBk-_hfgChedPJ7DhGn2WDixct4OOUoyn_msg2YG9OQwHo2l1zOYqdixWxkbtc8uoH_QRHizN6TXe-14R7W1Q7mPXtHDXLQgvYAYGbtoFsGn3OpKZ2w_LTI9ZNY_2S3Fn0QcawG1NVzcejpxkx2o-ZV1GHbJQHrrIaAw2RTYpy5_uF8Ui5_8cXYhRJDK9O002buD4n91qgwQbH4gmRaYbcdf9diq4wKJUk_uJpovwzQuwXqcvRgi0k2F_-Ux_JbEyK3L3YvW1FWkYEjDV2f3eF92kO11xbfDPMydbCa0wqaYPW0Dv8XXTvAnvfRLFnKvh7ZtdCVFuTkcGDPdqEgnmc7gsf4tT69JLHpC1G0oiuTcCebq_4xodSW7Iy58X_Oh3ifH6YXFMq0XMK_dKO4gEs-Y0Shmb6ECG0ciCKT98ghWLaHi0CsJztAdB-Stnb0mPt0bD42BpwJ7O0npirrwTCpUtpiOSCIuy4eLm8l5jKZD3q0cHfmoffLXyYGT7yHpVY2x9jlPxtvbBr8bpt4sAxNlI12zuJp-3vhf8ZHcWoG1Qthphjo7v7Nw4IiFrOuPtb9GWYLdyHwm-GuvUIxoX4itNFwriTBeDv1sRuxhJD2GqoDKYBycAs31y_Yl_zNDDaKfqmBMzvwh498IHZN5u-2NY5vtN3FkRzrEF58Vpwg0KBWSN5AZm21YBXrBi8tcz1Rr2aA5IxmspbrA7tzmZpIVufIUJZT6mBN9ltlG1bO8GBQc1mrUP0LEEwWSjDlravdYTFkPK3lrlJVn1R3NbELAk0a&tuvCUmAf=4&tocqlPUm=2035086&YXSFTkOM=&ktRbmuLN=0,0&RfitPOuz=&SnENmKLl=https%3A%2F%2Flightdl.xyz%2F%3F__cf_chl_tk%3DY4eWb9LMhxOoobGVb7pPpNfUoZmMXI8umM2t3UuFTCE-1707690716-0-3280&vnofBzbD=1280,1024,1,1280,1024,0 HTTP/1.1
Host: cdn4ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
asf: 0
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Sun, 11-Feb-2024 23:32:10 GMT; Max-Age=3600
fraudcheck=0374b2db6d300895c88383bbc7392f67; expires=Tue, 12-Mar-2024 22:32:10 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Mon, 12-Feb-2024 04:32:10 GMT; Max-Age=21600
link: <http://myadsserver.com>;rel=preconnect
content-length: 929
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Feb 2024 22:32:10 GMT
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.99 200 OK 16 kB URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 85155
Size 16 kB (15860 bytes)
MD5 e9f5aaf547f165386cd313b995dddd8e
SHA1 acdef5603c2387b0e5bffd744b679a24a8bc1968
SHA256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Feb 2024 18:32:35 GMT
expires: Sat, 08 Feb 2025 18:32:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 187175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99 200 OK 16 kB URL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 151637
Size 16 kB (15744 bytes)
MD5 15d9f621c3bd1599f0169dcf0bd5e63e
SHA1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
SHA256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Certificate Info
Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 9D:25:7E:5C:DF:C3:E5:5B:00:4F:04:97:A3:48:A3:30:60:9A:DB:48
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Feb 2024 03:02:52 GMT
expires: Fri, 07 Feb 2025 03:02:52 GMT
cache-control: public, max-age=31536000
age: 329358
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET monarchoysterbureau.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq7PxoiAoe3JZmIOHFcyke6bnR9zDYoyRaNyE3RW9Sf3qSZmarqaqe3oyp%2BiC7HHwL%2Bh8J9mgLrK5ieAinQWRgLDjKQdz8eJZYfGmzDg47oPu9159X8HnvXqfH2QXJEBGz9feNwOlNV1uVP3KtY%2BC4HplU8VZv9JvNz9uhtcrtvfGSrPqv1Z5R%2FJds1zzA98P%2FKCyrqyMTH95IkIlD1aC6opfDWvVoBGib5%2FNXebBUQ%2Bid0FehhLjxcfeZSheIu4%2BXJNuNzXJ6293M01TY9ETxx%2FEu7HJY3TnYWQ9RPHxrBrGPVl%2FBBMfTXFhev8VMjUm3o%2BPwOLjGSRY73DKyTRkDCZeQN4rIXUJRUtwcxdKPCEAF7i5hbh7%2F6axOd37V6UTdUwWn%2F4JlY%2FJ4q%2BXEXe%2FWdWqX7ltdJYqEzv0owKqX0J1SiTZKdKBB5WfgqefQYmfyfLTTcTdwy2nDZQ4f7XBa0LKKFiSYXtlKWwFcok1Go0l2Wr7nIW1umgH0wEpVUJFJbQcgjoP2eRTHrLIQ5Z46IrzCg%2BCoOULTv32Cud10ZKsKfyAtqKABn6zjYxPehgiTYbgeghu95HYfeyqIWz2A9xOASc8uJSgJwrkkiB3BDklyBVBnhLkveJIaFdzxX2hXcaCma%2FNfL0YmbRzQI9M2pExAbXDg%2BSCvDQd3t%2BfXsWuPK9E1Odhk4ZN1maRX69T3mww3uCUScmieginCii3MG11oMbklecNEjUmz%2F31LRg9hdOn4MoDza6C5qNWzQfdGYVtH4P4RKvOTipMHmtDRbW%2FN4AwBZJ0Eemed6AvyJUpzMbWCSQ%2Fu%2FFbfWrgtkBiC3yiHhN09L3RLZOTw1smd%2BRkK0lVVw3o5JVvpzSVl756T%2B7lxoqNNTf88k0%2BESbhgzvSpZs0FiruOPL1qhJC2nVjuSTfb7gPJdvO3M5qZuMs2dx%2Ba32jm1jpnDJxCTpZ2D8suBqTF6%2FcmS7wte%2B2oWwJmxXoZmdkZlCmBE%2F24ZI5vzMEVs9rWOIhz4qRrbH5oVYEWs5zygq4%2F%2BVsHo8sndymqjhw99CxC6DpXcTdAj1boKcLUD2Eyy6N0sSe3fhlhsH0wohpu3DItNVfTMc8%2BT2EU%2BeVui9aTEayxWTYCCPJBWs0mM8jzuqi3eZI3Vj%2B9O7v%2FwAAAP%2F%2FAQAA%2F%2F8x5x1KmgQAAA%3D%3D
172.240.108.68 200 OK 7 B URL
monarchoysterbureau.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq7PxoiAoe3JZmIOHFcyke6bnR9zDYoyRaNyE3RW9Sf3qSZmarqaqe3oyp%2BiC7HHwL%2Bh8J9mgLrK5ieAinQWRgLDjKQdz8eJZYfGmzDg47oPu9159X8HnvXqfH2QXJEBGz9feNwOlNV1uVP3KtY%2BC4HplU8VZv9JvNz9uhtcrtvfGSrPqv1Z5R%2FJds1zzA98P%2FKCyrqyMTH95IkIlD1aC6opfDWvVoBGib5%2FNXebBUQ%2Bid0FehhLjxcfeZSheIu4%2BXJNuNzXJ6293M01TY9ETxx%2FEu7HJY3TnYWQ9RPHxrBrGPVl%2FBBMfTXFhev8VMjUm3o%2BPwOLjGSRY73DKyTRkDCZeQN4rIXUJRUtwcxdKPCEAF7i5hbh7%2F6axOd37V6UTdUwWn%2F4JlY%2FJ4q%2BXEXe%2FWdWqX7ltdJYqEzv0owKqX0J1SiTZKdKBB5WfgqefQYmfyfLTTcTdwy2nDZQ4f7XBa0LKKFiSYXtlKWwFcok1Go0l2Wr7nIW1umgH0wEpVUJFJbQcgjoP2eRTHrLIQ5Z46IrzCg%2BCoOULTv32Cud10ZKsKfyAtqKABn6zjYxPehgiTYbgeghu95HYfeyqIWz2A9xOASc8uJSgJwrkkiB3BDklyBVBnhLkveJIaFdzxX2hXcaCma%2FNfL0YmbRzQI9M2pExAbXDg%2BSCvDQd3t%2BfXsWuPK9E1Odhk4ZN1maRX69T3mww3uCUScmieginCii3MG11oMbklecNEjUmz%2F31LRg9hdOn4MoDza6C5qNWzQfdGYVtH4P4RKvOTipMHmtDRbW%2FN4AwBZJ0Eemed6AvyJUpzMbWCSQ%2Fu%2FFbfWrgtkBiC3yiHhN09L3RLZOTw1smd%2BRkK0lVVw3o5JVvpzSVl756T%2B7lxoqNNTf88k0%2BESbhgzvSpZs0FiruOPL1qhJC2nVjuSTfb7gPJdvO3M5qZuMs2dx%2Ba32jm1jpnDJxCTpZ2D8suBqTF6%2FcmS7wte%2B2oWwJmxXoZmdkZlCmBE%2F24ZI5vzMEVs9rWOIhz4qRrbH5oVYEWs5zygq4%2F%2BVsHo8sndymqjhw99CxC6DpXcTdAj1boKcLUD2Eyy6N0sSe3fhlhsH0wohpu3DItNVfTMc8%2BT2EU%2BeVui9aTEayxWTYCCPJBWs0mM8jzuqi3eZI3Vj%2B9O7v%2FwAAAP%2F%2FAQAA%2F%2F8x5x1KmgQAAA%3D%3D
IP / ASN
172.240.108.68
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with no line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 19107
Size 7 B (7 bytes)
MD5 132d6af1b46048b45cf86cdee7991d31
SHA1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
SHA256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq7PxoiAoe3JZmIOHFcyke6bnR9zDYoyRaNyE3RW9Sf3qSZmarqaqe3oyp%2BiC7HHwL%2Bh8J9mgLrK5ieAinQWRgLDjKQdz8eJZYfGmzDg47oPu9159X8HnvXqfH2QXJEBGz9feNwOlNV1uVP3KtY%2BC4HplU8VZv9JvNz9uhtcrtvfGSrPqv1Z5R%2FJds1zzA98P%2FKCyrqyMTH95IkIlD1aC6opfDWvVoBGib5%2FNXebBUQ%2Bid0FehhLjxcfeZSheIu4%2BXJNuNzXJ6293M01TY9ETxx%2FEu7HJY3TnYWQ9RPHxrBrGPVl%2FBBMfTXFhev8VMjUm3o%2BPwOLjGSRY73DKyTRkDCZeQN4rIXUJRUtwcxdKPCEAF7i5hbh7%2F6axOd37V6UTdUwWn%2F4JlY%2FJ4q%2BXEXe%2FWdWqX7ltdJYqEzv0owKqX0J1SiTZKdKBB5WfgqefQYmfyfLTTcTdwy2nDZQ4f7XBa0LKKFiSYXtlKWwFcok1Go0l2Wr7nIW1umgH0wEpVUJFJbQcgjoP2eRTHrLIQ5Z46IrzCg%2BCoOULTv32Cud10ZKsKfyAtqKABn6zjYxPehgiTYbgeghu95HYfeyqIWz2A9xOASc8uJSgJwrkkiB3BDklyBVBnhLkveJIaFdzxX2hXcaCma%2FNfL0YmbRzQI9M2pExAbXDg%2BSCvDQd3t%2BfXsWuPK9E1Odhk4ZN1maRX69T3mww3uCUScmieginCii3MG11oMbklecNEjUmz%2F31LRg9hdOn4MoDza6C5qNWzQfdGYVtH4P4RKvOTipMHmtDRbW%2FN4AwBZJ0Eemed6AvyJUpzMbWCSQ%2Fu%2FFbfWrgtkBiC3yiHhN09L3RLZOTw1smd%2BRkK0lVVw3o5JVvpzSVl756T%2B7lxoqNNTf88k0%2BESbhgzvSpZs0FiruOPL1qhJC2nVjuSTfb7gPJdvO3M5qZuMs2dx%2Ba32jm1jpnDJxCTpZ2D8suBqTF6%2FcmS7wte%2B2oWwJmxXoZmdkZlCmBE%2F24ZI5vzMEVs9rWOIhz4qRrbH5oVYEWs5zygq4%2F%2BVsHo8sndymqjhw99CxC6DpXcTdAj1boKcLUD2Eyy6N0sSe3fhlhsH0wohpu3DItNVfTMc8%2BT2EU%2BeVui9aTEayxWTYCCPJBWs0mM8jzuqi3eZI3Vj%2B9O7v%2FwAAAP%2F%2FAQAA%2F%2F8x5x1KmgQAAA%3D%3D HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52624c136c729aa9e55a76388500332a
Strict-Transport-Security: max-age=0; includeSubdomains
GET monarchoysterbureau.com/pixel/sbs?c=1
172.240.108.92 200 OK 0 B URL
monarchoysterbureau.com/pixel/sbs?c=1
IP / ASN
172.240.108.92
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.4
172.67.213.158 200 OK 1.9 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (1893), with no line terminators
First Seen 2023-09-22
Last Seen 2024-08-21
Times Seen 62
Size 1.9 kB (1869 bytes)
MD5 ae2ba46f8199eba2d07fb0edba0e575a
SHA1 d9d3f436d7ecd756578472437b200d856d625392
SHA256 468207377cc178d941f0d6193d937091830ae9434c8c7bab119d5d4458c468ad
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=1874
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lbHBVnT%2B%2Ba%2BYyTHejauEtvK05oc%2BaAD7Zr5tZ80gsKoK7t%2FiS1utdtd14gXU9VhL3abO18MlpWsn%2B1nqICBt2X3fdOpeBxseUg3Yhe312StHd2UvjGaQi0geZVMqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8a97fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
172.67.213.158 200 OK 88 kB URL
lightdl.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65447)
First Seen 2023-11-03
Last Seen 2025-08-02
Times Seen 153870
Size 88 kB (87553 bytes)
MD5 826eb77e86b02ab7724fe3d0141ff87c
SHA1 79cd3587d565afe290076a8d36c31c305a573d18
SHA256 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Wed, 27 Dec 2023 04:46:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO1B5Jf96B7ftcwyOdWzQHpvC%2FafMi25QIttl3OnhSravlMnS0ujIgUQFq1QOCD9mSiAqOKfRsVpbxKdSIhL9B0qIN6VKyYU3yNmXPLFDzDwIl5lcbWFkGE3lO346Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb73829b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.4
172.67.213.158 200 OK 6.1 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (6256), with no line terminators
First Seen 2023-10-20
Last Seen 2025-02-07
Times Seen 70
Size 6.1 kB (6132 bytes)
MD5 a478a78b27fa96dd29deabca430bec10
SHA1 c16033521e86401b5aa081942b4258885c9bf465
SHA256 1b94161da446a60dd3623eb510aa251e61b2e2bf8d6b3317df6f0eb9273d8c6c
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=6145
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKEX0J48KciL4Bqzy3C8LUC%2FwjuoqkBsqiBlOK5PDvw44XhaL5%2BJTchTal3j34F%2BYGmROAXnBYa%2BKGgspy5Aw%2FWzs7lYC3JqIG3sFfe2TVnNa0cBZLIcEFhdMpiuiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8a97db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET stats.wp.com/e-202406.js
192.0.76.3 200 OK 7.3 kB URL
stats.wp.com/e-202406.js
IP / ASN
192.0.76.3
#2635 AUTOMATTIC
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (7504), with no line terminators
First Seen 2024-01-08
Last Seen 2025-03-06
Times Seen 1652
Size 7.3 kB (7329 bytes)
MD5 43bf680c0caba9b62f1c46e128d40360
SHA1 e8950271ef6af3759a7429b45a7e583e6e24e305
SHA256 21ef883e41d9b0fc02bd11801d9823daf93a2b294a6f05b6080bad1b689facab
Certificate Info
Issuer Sectigo Limited
Subject *.wp.com
Fingerprint 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Validity Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
GET /e-202406.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/14377-1704402356443.5398
content-encoding: br
expires: Mon, 03 Feb 2025 16:24:07 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9e24474348f1755e0ebe145b87be714d
172.67.213.158 200 OK 30 kB URL
lightdl.xyz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9e24474348f1755e0ebe145b87be714d
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (1037)
First Seen 2023-11-11
Last Seen 2025-08-02
Times Seen 1168
Size 30 kB (29608 bytes)
MD5 46274bb8b2b01adb4ddec66747e81be4
SHA1 1f2512ecd0a9dc53097c7da53c7451d8447f6f7b
SHA256 119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9e24474348f1755e0ebe145b87be714d HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Sat, 10 Feb 2024 14:16:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EksYzCTecoIOfwCAyjGe89WLNPf%2FvS3G6%2BcAxdr47YzOyBRYDaJRV30Oo%2FaphgCC5RnF%2BWX2Udsu6Cg97UwwDARydr8UhiDsjzvUyzR3PQfft4JJI5%2BgqRlVDP3aGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8995fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 7.0 kB URL
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP / ASN
142.250.74.106
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (7193), with no line terminators
First Seen 2024-02-10
Last Seen 2024-08-20
Times Seen 2579
Size 7.0 kB (7004 bytes)
MD5 16b49a99486594c0b42d9bd7821deb2c
SHA1 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
SHA256 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
Certificate Info
Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 6F:81:CD:1A:A2:80:8C:76:2C:D8:63:D0:74:1B:DD:35:C8:79:84:20
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Feb 2024 22:32:09 GMT
date: Sun, 11 Feb 2024 22:32:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET lightdl.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
172.67.213.158 200 OK 14 kB URL
lightdl.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (13479)
First Seen 2023-05-09
Last Seen 2025-08-02
Times Seen 159557
Size 14 kB (13577 bytes)
MD5 9ffeb32e2d9efbf8f70caabded242267
SHA1 3ad0c10e501ac2a9bfa18f9cd7e700219b378738
SHA256 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Wed, 27 Dec 2023 04:46:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLsFhOJg1by3LLbusPpbCtNcPVNFIMlJsuNgmwrLIYMD03l2cYh0xLvOuU8Z%2F1YzOWX7T4QiFRwo8DzpZuMBABWjvVn8rDFGcF2VOLP0brAOJDXKZqp%2BfDCdgTzasQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb7382ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.4
172.67.213.158 200 OK 2.6 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (2738), with no line terminators
First Seen 2023-09-22
Last Seen 2024-12-20
Times Seen 400
Size 2.6 kB (2626 bytes)
MD5 68e9e8a293ed614e444a3ec602196177
SHA1 a3689da5d216030dcca975e74f7da0adbf3ee4a3
SHA256 c94ef8229fec91b114859a14ca9700a27b8b007bea0e5a36db28481adfed34b2
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2632
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c8w5M%2FH77gfEzmqEG46b8k9RReTfxBnfV8JJ3N2lOim3c%2FMwO7dxPMp%2FPhps8jKn35mOFfwkulVRfdts6SC4tVCh%2FExCFMCrqkn8%2FPQij2q8huEVIQBYggacec6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb88958b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=35
172.240.108.68 200 OK 0 B URL
monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=35
IP / ASN
172.240.108.68
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=35 HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=127
172.240.108.68 200 OK 0 B URL
monarchoysterbureau.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=127
IP / ASN
172.240.108.68
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=127 HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: u_pl=16744733; uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.6.4
142.250.74.106 200 OK 33 kB URL
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.6.4
IP / ASN
142.250.74.106
#15169 GOOGLE
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2024-02-11
Last Seen 2024-08-20
Times Seen 30
Size 33 kB (32616 bytes)
MD5 aad06e70994979aaa6a60069f61aa975
SHA1 c9f8885efff1380d8575efb7bce505f044f51113
SHA256 c2d203df436ce2ee384f4646c61e86946b62796363134874a92a9375f755de1a
Certificate Info
Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 6F:81:CD:1A:A2:80:8C:76:2C:D8:63:D0:74:1B:DD:35:C8:79:84:20
Validity Tue, 09 Jan 2024 06:30:50 GMT - Tue, 02 Apr 2024 06:30:49 GMT
GET /css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.6.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Feb 2024 22:32:05 GMT
date: Sun, 11 Feb 2024 22:32:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=963059d7cceb10dc9b9adeec7fadb27d
172.67.213.158 200 OK 38 kB URL
lightdl.xyz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=963059d7cceb10dc9b9adeec7fadb27d
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (38499), with no line terminators
First Seen 2023-10-29
Last Seen 2025-02-07
Times Seen 63
Size 38 kB (38499 bytes)
MD5 3d3b0373078c30bbd31f9ecdd5dddbae
SHA1 2aab17d00757ee262cc8673d992b81a6e22cd383
SHA256 4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=963059d7cceb10dc9b9adeec7fadb27d HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=38728
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjRJffZI9Ky2tlqCppuamQQQbgsaxRCffxg01bAYJL3GjiMPyZAqgIfaAYkTgJZTq6CU36xyOF%2BgMRi9dB57L9mMNUAbaMzZJWhBNEZ6ItZXRxZTangcTzu1R%2FkG%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb70ffab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.4
172.67.213.158 200 OK 8.9 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (9124), with no line terminators
First Seen 2023-09-22
Last Seen 2024-12-20
Times Seen 409
Size 8.9 kB (8874 bytes)
MD5 44785af421847a7ee93a07b1d1d5477e
SHA1 ea35178a4ae8aab905c8e59f57baa9d1e82e486c
SHA256 8438c10dc0700da15e9b21a1ed90650ab3f5a30cd4e81e61cfa1d50b06fc2dc3
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=8892
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltIZqnl9ss56CvBXLX6mQE7gQtv93wBdVpMS2ujiyri7ZpqaqqcXp%2BZneGDretrdzxV8qx8WfieLKAHA4PkVmBlUc6VwWpg7hhsSb2f1C7%2BO6fR%2BDXMvXUKBccCx4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb88959b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=9e24474348f1755e0ebe145b87be714d
172.67.213.158 200 OK 43 kB URL
lightdl.xyz/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=9e24474348f1755e0ebe145b87be714d
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (43167), with no line terminators
First Seen 2023-10-29
Last Seen 2025-02-07
Times Seen 569
Size 43 kB (43167 bytes)
MD5 b71962ba842ec8fe80423633c446a102
SHA1 c3a32491c7c95d151c54149de77cf9c84f62cc27
SHA256 afcc663536de33d814d9d34e095d967c24ce211d814f8957ff9ff313bea37693
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=9e24474348f1755e0ebe145b87be714d HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=48163
last-modified: Sat, 10 Feb 2024 14:16:36 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lOXFB1nI2MeOjogsF%2BPjHfjX%2Ba%2F%2Bpuxs%2FHgRWAeFU%2BtnkJfGJhc3JGGraMLZQOAhvPJz2A%2B0MwJasBIcD0Q0HUYe8Igj%2FpedTjFD62PnlQ7DK4YAgEXLV6pQsvRKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb71810b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.4
172.67.213.158 200 OK 2.4 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (2576), with no line terminators
First Seen 2023-09-22
Last Seen 2025-02-07
Times Seen 386
Size 2.4 kB (2443 bytes)
MD5 f252713cb4b4c74045e169b9c3be9ca0
SHA1 8a40e82bc4a04307f511037cd9c67064b12c8fb4
SHA256 f2b009fef23926d87a0db68c63846d142c8451bec08e2d7e3bdb1fcdc16f7cb0
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2449
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1uhoVe41tM4ljdfSVWmHxjHPFJ3msAv9GeFAJjtrxIuPQV93gxK%2BKRzaoNvobiPlytbdahxMSuKRaAmO%2BpLjKMUIL3SMKZiIo4O%2FpJc5OKj9%2FdUSyja%2Bu6cdJPhbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb88955b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/themes/Newspaper/style.css?ver=12.6.4
172.67.213.158 200 OK 114 kB URL
lightdl.xyz/wp-content/themes/Newspaper/style.css?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2023-11-23
Last Seen 2025-02-07
Times Seen 48
Size 114 kB (114297 bytes)
MD5 6050cc44c0f915f754b8ebb95c62c8b5
SHA1 8af9a25ff2a289d71d107bdc3f4bb516af1d3390
SHA256 4c8e252ca4e5d2d5e9ed4b681995105f525e35bab43539d099d4eb50ba345902
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/themes/Newspaper/style.css?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=157014
last-modified: Sat, 10 Feb 2024 14:16:19 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAzWeXpJBSTKHAd23A1glPBySsjJmga4eSA2pKY6lMsN7fugwoS%2F5pO3DtV9bDIPnXWTax6sHtwun844OPVosT7uc0ZSIzOZw1IftZKlaZIHmFBVYKX0ZEQbzbzc%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb70800b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET unseenreport.com/pxf.gif?uuid=230feca4-4d8d-43e3-8819-424282ec869d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=285df780ad9f1ead33467ba105295e80&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
192.243.59.20 200 OK 0 B URL
unseenreport.com/pxf.gif?uuid=230feca4-4d8d-43e3-8819-424282ec869d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=285df780ad9f1ead33467ba105295e80&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP / ASN
192.243.59.20
#39572 DataWeb Global Group B.V.
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 18:C3:E7:4B:C5:EA:23:FC:38:62:D0:43:31:B5:79:2E:62:86:60:9E
Validity Sun, 21 Jan 2024 08:27:47 GMT - Sat, 20 Apr 2024 08:27:46 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=230feca4-4d8d-43e3-8819-424282ec869d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=285df780ad9f1ead33467ba105295e80&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Feb 2024 22:32:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 352f62148866f3210d123be6aa08e56d
Strict-Transport-Security: max-age=0; includeSubdomains
GET lightdl.xyz/wp-content/uploads/2023/01/True-Detective-2014.png
172.67.213.158 200 OK 376 kB URL
lightdl.xyz/wp-content/uploads/2023/01/True-Detective-2014.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 421 x 590, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 376 kB (375961 bytes)
MD5 c9799b55afcd4f7a5f15f85129213727
SHA1 bff4d517783dbe371754e7e0130502946258fe7e
SHA256 cdbb2184ec80b6d90f9861a9239e4274a60355efdb4c16bfd1fd31318a22c87b
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2023/01/True-Detective-2014.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=230feca4-4d8d-43e3-8819-424282ec869d%3A2%3A1; pp_main_285df780ad9f1ead33467ba105295e80=1; sb_main_fa0c46a46b8bf033ac65bc5cabeebf34=1; sb_count_fa0c46a46b8bf033ac65bc5cabeebf34=1; a=BTPtQPLvWSmunr8sJLGoCwcGLvtrVVx5; pbpr0tpuw4isk85t8yg3jb2lj5vqf=monarchoysterbureau.com; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAAowB2qhRPOUUuae9zHro8Y9JXSUbOmQW-VTbpswi82t_7mu_XbhFub7V-0NPhaTtbfyz2eZ8LMEB4v_CpTIXfs0LKrhGQaiSuSYGODp47Xb7gsTFO0idbeRCWuLc-4fdnBTgtl6BBF2LFKrJwG53Jqyt8XPJ5rMbtnZ1xF3yRU4wL9wUBBhTgM8nLR952kOIE7zf5C2DH05dfti3bKBk-_hfgChedPJ7DhGn2WDixct4OOUoyn_msg2YG9OQwHo2l1zOYqdixWxkbtc8uoH_QRHizN6TXe-14R7W1Q7mPXtHDXLQgvYAYGbtoFsGn3OpKZ2w_LTI9ZNY_2S3Fn0QcawG1NVzcejpxkx2o-ZV1GHbJQHrrIaAw2RTYpy5_uF8Ui5_8cXYhRJDK9O002buD4n91qgwQbH4gmRaYbcdf9diq4wKJUk_uJpovwzQuwXqcvRgi0k2F_-Ux_JbEyK3L3YvW1FWkYEjDV2f3eF92kO11xbfDPMydbCa0wqaYPW0Dv8XXTvAnvfRLFnKvh7ZtdCVFuTkcGDPdqEgnmc7gsf4tT69JLHpC1G0oiuTcCebq_4xodSW7Iy58X_Oh3ifH6YXFMq0XMK_dKO4gEs-Y0Shmb6ECG0ciCKT98ghWLaHi0CsJztAdB-Stnb0mPt0bD42BpwJ7O0npirrwTCpUtpiOSCIuy4eLm8l5jKZD3q0cHfmoffLXyYGT7yHpVY2x9jlPxtvbBr8bpt4sAxNlI12zuJp-3vhf8ZHcWoG1Qthphjo7v7Nw4IiFrOuPtb9GWYLdyHwm-GuvUIxoX4itNFwriTBeDv1sRuxhJD2GqoDKYBycAs31y_Yl_zNDDaKfqmBMzvwh498IHZN5u-2NY5vtN3FkRzrEF58Vpwg0KBWSN5AZm21YBXrBi8tcz1Rr2aA5IxmspbrA7tzmZpIVufIUJZT6mBN9ltlG1bO8GBQc1mrUP0LEEwWSjDlravdYTFkPK3lrlJVn1R3NbELAk0a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: image/png
content-length: 375961
last-modified: Fri, 20 Jan 2023 12:37:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5757
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsOFqTYlj6rXjy01nYzlPw9t7h8WaQ%2F%2B5YPmJsWIVkqTnCF%2Fbap184QT8%2Ba0yCPAYh4jXYPIvbqqTdoNTqMnH7FKSINnIhX%2Bio144CeALlcosDx4zBSUGntWgzG5rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd5a89cb515-OSL
alt-svc: h3=":443"; ma=86400
GET monarchoysterbureau.com/sbar.json?key=fa0c46a46b8bf033ac65bc5cabeebf34&uuid=5c2deef1-e489-471e-b555-e780cb423d81%3A1%3A1
172.240.108.68 200 OK 13 kB URL
monarchoysterbureau.com/sbar.json?key=fa0c46a46b8bf033ac65bc5cabeebf34&uuid=5c2deef1-e489-471e-b555-e780cb423d81%3A1%3A1
IP / ASN
172.240.108.68
#7979 SERVERS-COM
Requested by https://lightdl.xyz/
Resource Info
File type JSON text data
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 13 kB (12581 bytes)
MD5 68d4cba549a54f49dfd0dc0fb1d6198f
SHA1 bd8d13eac8d75d9818ba5805f03bd55de2877254
SHA256 85cb9149f50be2126311896604a50e6d2a511f7af72d020b61aec42595be7bbc
Certificate Info
Issuer Let's Encrypt
Subject monarchoysterbureau.com
Fingerprint 6C:50:BC:D1:6B:D6:3C:E0:62:95:9A:9E:6D:D9:7A:D3:77:E3:EC:90
Validity Mon, 05 Feb 2024 17:38:51 GMT - Sun, 05 May 2024 17:38:50 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=fa0c46a46b8bf033ac65bc5cabeebf34&uuid=5c2deef1-e489-471e-b555-e780cb423d81%3A1%3A1 HTTP/1.1
Host: monarchoysterbureau.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 11 Feb 2024 22:32:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://lightdl.xyz
Access-Control-Allow-Origin: https://lightdl.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16744733; expires=Mon, 12 Feb 2024 22:32:08 GMT; secure; SameSite=None
uid_id2=5c2deef1-e489-471e-b555-e780cb423d81:1:1; expires=Sun, 18 Feb 2024 22:32:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 12 Feb 2024 22:32:08 GMT; secure; SameSite=None
uncs=1; expires=Mon, 12 Feb 2024 22:32:08 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 12 Feb 2024 22:32:08 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 12 Feb 2024 22:32:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2076451d81b8fcb9ebe0fa64e7ba7048
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.4
172.67.213.158 200 OK 2.7 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (2744), with no line terminators
First Seen 2023-09-22
Last Seen 2025-01-25
Times Seen 56
Size 2.7 kB (2665 bytes)
MD5 4b58033778cd00908c66d8c65417dccf
SHA1 7e7402e615fd8218d405fb130a5f67767f1e21f4
SHA256 ad34f48a3ad97cb3d8d0d67ebc4ac0d96e5a7fabd3b7148065f6668d06d454a2
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2670
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbj9oN5FA%2FQJi1qtlk2nxFn78VLKJokUFFzks4Cgv0I4fWHj%2Bss9SlBJ6V%2F338Dyrap%2Bib3H8H794sZHT%2BP1%2FpAFxGZOnFyNsQCj0WmU7hGteUoL2BvqiKjEEBxLBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8996bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET friendshipmale.com/sfp.js
104.21.234.33 200 OK 86 kB URL
friendshipmale.com/sfp.js
IP / ASN
104.21.234.33
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 86 kB (85468 bytes)
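MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three digests are the hashes of zero-length input and do not match the 86 kB size listed above, so they do not identify the sfp.js body; the First Seen and Times Seen values belong to the empty-content record, not to this script.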
Certificate Info
Issuer Cloudflare, Inc.
Subject friendshipmale.com
Fingerprint 77:97:02:FC:C8:FC:DE:5B:AC:45:9E:A1:D2:B1:B7:9C:1B:F8:23:92
Validity Thu, 18 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5dfa64dce4e3f28211f0cf534e944177
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Feb 2024 22:32:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjpYGV3k78HFGTKE1JTd5enmwqOTBtDXKuMrTrUbC6%2FWvaqjdCBFeN3nDXubiFRdS3dKjVqXAZQU1aNjmWcBzNqqfBR5QEwKqskiiSRz1mgnLs%2FvHa6E2Jc4bJt8wJBy6YKVwy0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bbecbbf23b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
172.67.213.158 200 OK 11 kB URL
lightdl.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (11256), with no line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 24226
Size 11 kB (11256 bytes)
MD5 2b0dd7eecea03b4bdedb94ba622fdb03
SHA1 703becba85161118dd6fc66af465428ef43f561c
SHA256 b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Tue, 29 Sep 2020 21:23:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6cFHLyFC1T4M5cSm%2BtukW%2BYfck6gXAFqsMfUK%2BjgiyoQlivlfkSC%2FKmTjCbi81aoTjacp6DWMAuLG11SwxfjRlJ8skbr%2BI2fD9Pg3Lt8TXFraGXGQIzi3%2BYUmFPEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb70ff5b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c.adsco.re/
104.17.167.186 200 OK 80 kB IP / ASN
104.17.167.186
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (689)
First Seen 2024-01-04
Last Seen 2024-08-20
Times Seen 125
Size 80 kB (80497 bytes)
MD5 fbfdfc8a7b237f83487953380fa94ea6
SHA1 544f40973c0a6048146ae04b01358987adbb720f
SHA256 63c49b928a156ee76c800810934964e1c585a5e5e1b8bbc6767eff5adce503e7
Certificate Info
Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:08 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 13 Mar 2024 22:32:08 GMT
etag: W/"+/38insjf4NIeVM4D6lOpg=="
cf-cache-status: HIT
age: 1575
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bcc2ba71c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/uploads/2024/01/Shop-for-Killers-2024.png
172.67.213.158 200 OK 1.3 MB URL
lightdl.xyz/wp-content/uploads/2024/01/Shop-for-Killers-2024.png
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type PNG image data, 695 x 844, 8-bit/color RGBA, non-interlaced
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 1.3 MB (1346509 bytes)
MD5 8ad7549f845f304f9f995d3a9cad5fdd
SHA1 4987a83bd9a097d253a54dbde844099ebb88d001
SHA256 c705bb46bbd768cfbbd74f8e574114bd295eb710571726e1881f91c0af703e91
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/uploads/2024/01/Shop-for-Killers-2024.png HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=GjAejpMsjC72BZLZLVu2H38tFm6mlq8uCBdSwQRTJ9k-1707690727-1-AXNzfGzB1nCE2c7tt9MyUTX8JvcXbWjB6nQQg8M7ygfOinPIkvhAZgRNmwADL4QEkxFbpipIB+VYg9467mQNP/w=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: image/png
content-length: 1346509
last-modified: Sat, 27 Jan 2024 03:57:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U73iwBdQHx6k1z3AufSbeYvCvHtKsaBJ1wFcjD%2BB8EG1g9Z34EQmrMiarcOPamie1nx%2BQ5D9m7lHMzWJbWCf9c2vyqwzbxTlwtPS14FMvuGuhnyGWZ9%2FDgeic2L%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc47dc0b515-OSL
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-cloud-library/assets/js/tdbSearch.js?ver=9e24474348f1755e0ebe145b87be714d
172.67.213.158 200 OK 5.9 kB URL
lightdl.xyz/wp-content/plugins/td-cloud-library/assets/js/tdbSearch.js?ver=9e24474348f1755e0ebe145b87be714d
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (6048), with no line terminators
First Seen 2023-10-20
Last Seen 2025-02-07
Times Seen 42
Size 5.9 kB (5933 bytes)
MD5 3e38ee17076230da165d2682077da444
SHA1 a62a0eee02b5842c3bb89704dab46d1c147b0a09
SHA256 709de0dd11b75aab387a255d67ce303879909e06464641d4534e50331d9ae8d6
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-cloud-library/assets/js/tdbSearch.js?ver=9e24474348f1755e0ebe145b87be714d HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=5945
last-modified: Sat, 10 Feb 2024 14:16:36 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCUWZVIVQkfC5Y1BqM3HjoOYmEdJf%2F1Gi%2FNmH%2B0I7MUTcE45ruk%2BTpgriT0qJo622apZ05StMogMXnJYzH1zQEkqtlAiaoNUykEQos2xithQG%2B5zYhWFZ8vwhTiVXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8a97eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET friendshipmale.com/sfp.js
104.21.234.33 200 OK 86 kB URL
friendshipmale.com/sfp.js
IP / ASN
104.21.234.33
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 86 kB (85468 bytes)
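MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three digests are the hashes of zero-length input and do not match the 86 kB size listed above, so they do not identify the sfp.js body; the First Seen and Times Seen values belong to the empty-content record, not to this script.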
Certificate Info
Issuer Cloudflare, Inc.
Subject friendshipmale.com
Fingerprint 77:97:02:FC:C8:FC:DE:5B:AC:45:9E:A1:D2:B1:B7:9C:1B:F8:23:92
Validity Thu, 18 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 190de1ec3b89f777df7e3305fe4cce9f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Feb 2024 22:32:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlsCtvqbgSTYE4bnxdhjrlGZ%2BrXLRtJUudUejAOtP1HBE6OnjrSbaF1QNGW%2BTXqz5Lx%2BZwEEOKxvM8EDL6fWwEE%2F3ICclocr4shhdI48MsN0crv8aUDNPNqthp8sErZTq0bPykU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bbeab8a23b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=f37a0b116c45d11f14bca079946a1778
172.67.213.158 200 OK 584 kB URL
lightdl.xyz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=f37a0b116c45d11f14bca079946a1778
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2024-02-11
Last Seen 2024-08-20
Times Seen 18
Size 584 kB (584452 bytes)
MD5 3ee4848cda414108efbd9acc86722ec7
SHA1 634acdfaa4447e39946d58a744a3ee6e74463f99
SHA256 ceb8ae059b8e2d487faaebe8d2b68467f9a46173c2628c99fda39b7333432d27
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=f37a0b116c45d11f14bca079946a1778 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=734325
last-modified: Sat, 10 Feb 2024 14:16:52 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf83E1%2BI9CI0YpM4IvRYr13rLuwIDyLMtOVWbmansgURxQ5KuKVOZZZwGQNyycQaXziCEOQglQsNq3rfsLEBCUIoJjnTf6CWMYlAuzRODrEde0XRKd6SUhGHngwZiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb7180eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET www.cdn4ads.com/kjump.min.css
185.76.9.21 200 OK 37 kB URL
www.cdn4ads.com/kjump.min.css
IP / ASN
185.76.9.21
#60068 Datacamp Limited
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (1568)
First Seen 2024-08-20
Last Seen 2024-08-20
Times Seen 1
Size 37 kB (37069 bytes)
MD5 b2502b368f536b82993a2af8166f7890
SHA1 c98d14689ecb43c60908ac1b35fc27c6ed2a12bf
SHA256 85b4110e874514dab2b2f32d675f4125c7d2a68d19bf2c4b6629dac5ba32d75a
Certificate Info
Issuer Let's Encrypt
Subject 1037973644.rsc.cdn77.org
Fingerprint 1F:5E:86:EF:90:F1:A2:65:73:21:DF:85:05:70:C0:D9:92:9B:29:3D
Validity Mon, 11 Dec 2023 22:56:50 GMT - Sun, 10 Mar 2024 22:56:49 GMT
GET /kjump.min.css HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:06 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
expires: Mon, 12 Feb 2024 07:33:00 GMT
access-control-allow-origin: https://lightdl.xyz
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAH3AHAIAAwBuUwKEwH3L0sAAAwBisclwQH3iwAAAA
x-77-nzt-ray: af58563081362f68e64ac965956c050d
x-accel-expires: @1707723180
x-accel-date: 1707137766
x-77-cache: HIT
x-77-age: 572346
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 19247, 552960
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
172.67.213.158 200 OK 4.2 kB URL
lightdl.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (4186), with no line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 24459
Size 4.2 kB (4186 bytes)
MD5 ea958276b7de454bd3c2873f0dc47e5f
SHA1 b143f6e8e8f79d8f104c26b0057ef5514d763219
SHA256 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Sat, 08 Jun 2019 02:15:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEUB8hWcFWrNTQuAKPpHiMVXM93GA3bQB%2Fky44IMrz%2Fg7mP5mawj%2FIeZOdkcSfPF%2FhR3EmuSdBu1%2BOc7zRlHkBk%2FIT30O7hkiDiCpEDSMOKOAdpsa5%2FMU8Hk8REOzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb70ff8b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=12.1
172.67.213.158 200 OK 100 kB URL
lightdl.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=12.1
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 100 kB (99643 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=12.1 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=99690
last-modified: Wed, 10 May 2023 02:20:39 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVSNB3y%2BoZ7d5y%2BQHmKNhcSkx9R7hMOatS6JyoSC%2FLY0MJCmnc7h4Df6aVjC%2Bf%2FYODxQvXlq8BV6a78rtandDam98NV9%2BA%2BOTB8cbZJ90Oqm1E6M8BzqczcFhtV12w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb73826b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=9e24474348f1755e0ebe145b87be714d
172.67.213.158 200 OK 11 kB URL
lightdl.xyz/wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=9e24474348f1755e0ebe145b87be714d
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (10758), with no line terminators
First Seen 2023-12-22
Last Seen 2025-07-14
Times Seen 530
Size 11 kB (10758 bytes)
MD5 f6e41c15ff8a7c8f22499f506572460e
SHA1 dd0e01bafaedec16b5f7f2bdef888ccc5b1625ee
SHA256 f1c62d99354195470e5b00ea8c9590bfc5810e78bf2e16fd72ae60785c19e0be
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=9e24474348f1755e0ebe145b87be714d HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=10781
last-modified: Sat, 10 Feb 2024 14:16:36 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imJTPY4T9f%2BJ1wnvxEaC%2B6iwwiZ2k8RVifeP4KBDHMn%2BJtJEBro3tAsXMQqDSeNQ%2BuQ2DZ2hz3de3%2B0CSO3Qqq%2B%2FdeLdP8j8HvMlWS%2FwjURh2NNMuA85tJQhPjM0Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8a97bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c.adsco.re/
0.0.0.0 0 B IP / ASN
0.0.0.0
#0
Requested by https://lightdl.xyz/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606313
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.adsco.re
Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:07 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 13 Mar 2024 22:32:07 GMT
etag: W/"+/38insjf4NIeVM4D6lOpg=="
cf-cache-status: HIT
age: 1574
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bc62ae656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.4
172.67.213.158 200 OK 9.7 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (9910), with no line terminators
First Seen 2023-11-26
Last Seen 2024-08-20
Times Seen 32
Size 9.7 kB (9696 bytes)
MD5 4311f3cda8a782f3811c73f412d6a82c
SHA1 227fda8466db7d00e0c90f0b14575c13d6851db2
SHA256 6500b870e40f6ff305a83d01b12e5d32222a1ad63fb4cb5d41d4ab0f89041852
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=9716
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQjFaiMMx0DIfNYsTNbFJqPrulC8VPyfXtATyD%2F27EvJ2sntunEuWRETSoTyt1nEj49qO01B5vDcWURUgl609tb2QQqeS61aS5LMJ06wNq7UC8IbQkau7ZrwBdBD4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8a982b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
172.64.161.4 200 OK 84 kB URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP / ASN
172.64.161.4
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (32025)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 8790
Size 84 kB (84380 bytes)
MD5 4a356126b9573eb7bd1e9a7494737410
SHA1 8258d046f17dd3c15a5d3984e1868b7b5d1db329
SHA256 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Certificate Info
Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
Validity Tue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:03:44 GMT
etag: W/"6149ca20-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7577983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyrbTyjqt6nGMSJF0l%2FIM98%2FCu1NpyDbE7RlJ6jY6sjYnLL37dx%2F9GW%2BNEBG9cDfj1mTJJFL0qoCuEVSPEa75YRXnC6%2FtrAHM%2FzpGIvu3yNoQ3UN7Mv3vA2gIDCHLxGZtR0o14aSjjZI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd3ffd2652d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=963059d7cceb10dc9b9adeec7fadb27d
172.67.213.158 200 OK 139 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=963059d7cceb10dc9b9adeec7fadb27d
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2024-02-11
Last Seen 2024-08-20
Times Seen 8
Size 139 kB (139318 bytes)
MD5 dc8bc3bce61abcdbb417cc72fc0124ad
SHA1 c9a823d4e2c32e78b61a9cfa6f07d4ea9f09d7c9
SHA256 112fa8df8bf2ca6431122822caf7499cba8f69d84f01e115af4bd93eb4959289
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=963059d7cceb10dc9b9adeec7fadb27d HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=170553
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70unR8dyNEpaEQ5h9HgZL45SUgSOldUDDi4XNJ6L8RRZdC7LpfSf%2BWBcMCRbMFhwuUtqSuV2aEchBpDkRlhd8SnP0pGrU8Wahxd%2Fcp36VrKEY4PuKpyGQYmd8GCrWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb71802b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-includes/js/comment-reply.min.js?ver=6.4.3
172.67.213.158 200 OK 3.0 kB URL
lightdl.xyz/wp-includes/js/comment-reply.min.js?ver=6.4.3
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (3056), with no line terminators
First Seen 2023-04-05
Last Seen 2025-04-06
Times Seen 7019
Size 3.0 kB (2981 bytes)
MD5 dc7f90d513295c29acc441fe114a2cab
SHA1 ca9e5069d9afc4aa13ab2e152313dfb476e842ef
SHA256 f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-includes/js/comment-reply.min.js?ver=6.4.3 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Fri, 12 Aug 2022 22:48:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tt6aZmq1RXrf371eXXcqhxRqYa0kpvNmNasTMwkputdfGW5vhcimO9Myp%2FL5G%2B%2BGt1UddAfJmmtXHRz2jPzwURnM1gEitsbDwpLCZt1xN87hahGTh4JmKjSP8MsfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb8895ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
172.64.161.4 200 OK 3.4 kB URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP / ASN
172.64.161.4
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (3537), with no line terminators
First Seen 2024-02-11
Last Seen 2025-03-17
Times Seen 374
Size 3.4 kB (3355 bytes)
MD5 b8a277e051f047a41d3229377460f0c9
SHA1 596b934114e1b6e3cee15ef19925c7f2ff5607e7
SHA256 9cf981fe6d59b72cb9d12e4bc958983bac07f16b8f1b40bb1c6ced0bf2d6b2d0
Certificate Info
Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 49:C8:A4:CE:31:56:FC:06:71:93:06:7A:69:DD:ED:B2:EF:C9:41:97
Validity Tue, 19 Dec 2023 15:02:46 GMT - Mon, 18 Mar 2024 15:02:45 GMT
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lightdl.xyz
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Feb 2024 22:32:09 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 124550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ET7hDjGtFtKZ6wO3LnRxDF5tVQFt6pcoPwPoc3%2FkloK7f8O1Odih%2FbGwHXSZurW3BTu5z4V7Bg4ZfFeVuAy2ZG4z%2FeCwFA5KinE8618fdKL1Srs1sXzJrhBfEw%2FkzmaMt1A8susl3HfB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85400bd31bee640a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET lightdl.xyz/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=317afd605f368082816f
172.67.213.158 200 OK 1.6 kB URL
lightdl.xyz/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=317afd605f368082816f
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type ASCII text, with very long lines (1610), with no line terminators
First Seen 2023-05-01
Last Seen 2025-07-22
Times Seen 166
Size 1.6 kB (1610 bytes)
MD5 85001da72d2adacd89f64191337692ca
SHA1 f4aabaaef3d271c4e6cbcfb974b3d3b403a32db0
SHA256 95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=317afd605f368082816f HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:04 GMT
content-type: text/css
cf-bgj: minify
last-modified: Wed, 10 May 2023 02:20:39 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: HIT
age: 5760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Muzgel2sqVsmmbGOYBVaGeLujh9DZVDAQwOhkxfT3jG68lt%2Fj62AMbYwvfWMt56NwcKGQjMpl1qKX9GZaqbrCPymbdDszALhaPw%2F9u7QBdMKbzqsCHUf1bIr9r67Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb70ff2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.4
172.67.213.158 200 OK 160 kB URL
lightdl.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.4
IP / ASN
172.67.213.158
#13335 CLOUDFLARENET
Requested by https://lightdl.xyz/
Resource Info
File type JavaScript source, ASCII text, with very long lines (670)
First Seen 2024-02-11
Last Seen 2025-07-31
Times Seen 90
Size 160 kB (160478 bytes)
MD5 2b3a6d1c0c1cc1f4ca173aa7c1645bdb
SHA1 896718612ca0d597bac65e66dbe78563a807f9d5
SHA256 7e88c3dc7e72d5e8348aebad64e1666a2bffc1b6d98c00239d8dca4f62887bd4
Certificate Info
Issuer Google Trust Services LLC
Subject lightdl.xyz
Fingerprint 5D:FC:B6:9A:2C:A8:E4:6C:7B:F5:B2:ED:9A:C2:5F:F4:15:78:BF:01
Validity Tue, 19 Dec 2023 16:34:42 GMT - Mon, 18 Mar 2024 16:34:41 GMT
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.4 HTTP/1.1
Host: lightdl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lightdl.xyz/
Cookie: cf_clearance=EGd7UjLMaiBbEd9SQ3HVs4oYlaH4rhWC26McBt6gE2k-1707690716-1-AW5aGNBVBDF5aJ6u0zQaLWKx3YSQL5DMeE+JO2J++exoZnKtppDbBoHN5d8g41O5Q7jlwoAF3vVoyM11yCCWWN4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 11 Feb 2024 22:32:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
last-modified: Sat, 10 Feb 2024 14:16:28 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4HNDWnh1Z3XDUHzxrnayRbVH6mcBwXeE8Hsck0adEjXNbVWUZwOicFHdUaVh5lNlMUAteWleXEu4HaM1n26b7CmvWMNHc5%2FPkE2%2B0q1Pbey89U1ixZC%2B4O7So4iBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85400bb88952b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400