Report - kellywhatcould.com/6offsm0hajmi

Report Overview

Visited public
2025-06-07 12:23:47
Tags
URL
kellywhatcould.com/6offsm0hajmi
Finishing URL
jilliandescribecompany.com/6offsm0hajmi
IP / ASN
186.2.163.224
#59692 IQWeb FZ-LLC
Title
Watch So High German 2001 AC3 BDRip iNTERNAL-SPiCY - VOE | Content Delivery Network (CDN) & Video Cloud

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-04	914 B	31 kB	142.250.74.10
imasdk.googleapis.com	11661	2005-01-25	2014-02-25	2025-06-07	441 B	461 kB	142.250.178.106
kellywhatcould.com	unknown	2025-05-17	2025-05-18	2025-05-18	499 B	2.4 kB	186.2.163.224
ptichoolsougn.net	unknown	2024-11-26	2024-12-10	2025-06-04	3.8 kB	167 kB	139.45.197.107
fleraprt.com	unknown	2022-01-14	2022-01-14	2025-06-06	1.2 kB	930 B	139.45.195.252
jilliandescribecompany.com	unknown	2025-05-24	2025-05-28	2025-06-06	23 kB	1.9 MB	186.2.163.111
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-04	3.3 kB	166 kB	142.250.74.35
tzegilo.com	unknown	2022-01-14	2022-01-14	2025-06-02	421 B	19 kB	172.67.193.52
cdn.pncloudfl.com	13313	2021-04-20	2021-06-07	2025-06-01	1.8 kB	184 kB	104.22.59.221
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-06-05	459 B	849 B	104.18.41.22
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-04	1.4 kB	176 kB	104.17.25.14
campfirecroutondecorator.com	unknown	2025-03-12	2025-03-16	2025-06-03	9.5 kB	263 kB	94.242.247.33
bobapsoabauns.com	unknown	2025-01-23	2025-03-26	2025-06-03	924 B	166 kB	172.67.166.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-07	medium	ptichoolsougn.net	Sinkholed
2025-06-07	medium	ptichoolsougn.net	Sinkholed
2025-06-07	medium	ptichoolsougn.net	Sinkholed
2025-06-07	medium	ptichoolsougn.net	Sinkholed
2025-06-07	medium	bobapsoabauns.com	Sinkholed
2025-06-07	medium	bobapsoabauns.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	From	Size	First Seen	Last Seen
	jilliandescribecompany.com/js/loader.c7381b2.js	ScriptElement	87 kB	2025-05-16	2025-06-15
Pretty URL jilliandescribecompany.com/js/loader.c7381b2.js IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-16 04:35 Last Seen2025-06-15 06:44 Times Seen18 Hash b8fdf254afa3d3bc5c0da167a13c2e36 05fb272653e88f082394c503d7178b3c2f71e899 c5ff72987e6f553a72a6ca16125ab9f2c947a198dbc9d24157b3c39e1f1a2367 Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	454 B	2025-05-28	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 10:36 Last Seen2025-06-15 06:44 Times Seen15 Hash 803f85828b8a86c0403d44c6dea1b3b5 ce25ec8e91f62bcfa24d040625d18403f9526973 6b15d13a9509cad54fc4a34a24f9779af48c712d92ef0d65c5c0fc29ee50b24e Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	369 B	2025-04-23	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-23 04:06 Last Seen2025-06-15 06:44 Times Seen24 Hash 2115494b641b4e1a14f34d2d64552b29 fae5e680c19b68b4e43ced6a9d5b2e16908f6b32 8b73c45b8b1af92c506986362978acead1583913f419776f6db2196ec46a3b15 Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	864 B	2025-04-16	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-16 08:02 Last Seen2025-06-15 06:44 Times Seen45 Hash df2b5e52de60e369343479e91bb36b29 f5d3d73c0ce0255d4899e6151e7a54aef1e26a7b 5f82bdc3f3698939df748aa682bc49c5299d1cc25c6afbcc3e16ecf5fd0318f1 Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	21 B	2025-04-17	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-17 20:44 Last Seen2025-06-15 06:44 Times Seen32 Hash ba04ce282da046cf55192a5e83149805 c916ba55455060853a2531909c34c7a079efaa16 6ff7bd06bf9aba3e4153d194ef4306ca57da5d933bc98c7c177b62678e97aa2a Loading...

	jilliandescribecompany.com/jwplayer/8.36.6/jwpsrv.js	ScriptElement	67 kB	2025-04-10	2025-06-15
Pretty URL jilliandescribecompany.com/jwplayer/8.36.6/jwpsrv.js IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-10 04:03 Last Seen2025-06-15 06:44 Times Seen48 Hash b7c09a238f43ba40002820079de36b91 620bbc4b53e6fd80b6cd5c89271bc09973d51903 be32622dbb1e238992fe4d24d3fd2aaf05b5a283f58f249790b673f04e64c24f Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	68 B	2025-05-28	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 10:36 Last Seen2025-06-15 06:44 Times Seen15 Hash 680a5f9238e96e2226e6cd9976355f86 2c15fd7173ff52ce22d48c3e3d823e726f140aa1 995af4523a84645f2132a2682dacf44bbef5f4bd381f9345b19ba83dc426a764 Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	1.2 kB	2025-05-28	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 10:36 Last Seen2025-06-15 06:44 Times Seen15 Hash 1b7f650ed5e68a6093fb5079875dcb74 ac248fb3710103047c295df6e4bff5a1e0e22e82 f474421d0b21451cc69e9718fd24278d7137f131571ff402ed3ec6418ef15185 Loading...

	campfirecroutondecorator.com/check.html	ScriptElement	762 B	2025-03-07	2025-06-16
Pretty URL campfirecroutondecorator.com/check.html IP 94.242.247.33 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-07 08:34 Last Seen2025-06-16 07:24 Times Seen738 Hash 8f2e0cd22b41fa7c9212af0b11f449d3 6c552632a2eeaa712496444594c3e8c68eadbbb0 d7ca5af269e02e5109a61ef55df0196e2206204d6c742daba5a153defc097fda Loading...

	campfirecroutondecorator.com/in.js	ScriptElement	248 kB	2025-05-31	2025-06-09
Pretty URL campfirecroutondecorator.com/in.js IP 94.242.247.33 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-31 13:49 Last Seen2025-06-09 04:29 Times Seen14 Hash d1ef1d268005720967b61d636ab40cfe 92d49208e2c32f557025aea7a2e7b5c48b8104b8 2300128b0e876572c1dc63455b70d9b4dbb8e6791c9187ddfe2b6e4c3506eff7 Loading...

	campfirecroutondecorator.com/get/2060451?id=2060451&jp=_clinrkokxoplitrymwrwyn&dr=102&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=81AwGdNaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=8558891360961024&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0&freq=0	ScriptElement	9.2 kB	2025-06-07	2025-06-07
Pretty URL campfirecroutondecorator.com/get/2060451?id=2060451&jp=_clinrkokxoplitrymwrwyn&dr=102&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=81AwGdNaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=8558891360961024&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0&freq=0 IP 94.242.247.33 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 12:23 Last Seen2025-06-07 12:23 Times Seen1 Hash 944e51bc5c425126510ec89cb736cdf7 461473bc78ba9851743c564a5c1267708925bb8c e51a21133fb0f465e1e9c143aa7fd745e76ca189d97cc37b7cba24fe191d9da8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-06-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-06-16 07:41 Times Seen39231 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	102 B	2025-05-16	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-16 04:35 Last Seen2025-06-15 06:44 Times Seen18 Hash 49ff2300f43dca2ee8ad9e684f22aae9 af3832931ea1cb6faf81664f356a2f7e7fd23ed9 4668b1c4be37e700f7fa7f0514795b0e1dfd6c03eaf2d35e499cec8057bc1a01 Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	106 kB	2025-05-28	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 10:36 Last Seen2025-06-15 06:44 Times Seen15 Hash cb730835811fc6164ad0c41a4748ebcb 22c1d376d48813e67d49941f63eae358b293ee98 459338ffa0b669fd235404d2e2f8b72ea1b402f1ca2fc557a6764e92b10cb43d Loading...

	jilliandescribecompany.com/6offsm0hajmi	EventHandler	12 B	2025-06-06	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by eventHandler Embedded in HTML false Observations First Seen2025-06-06 14:34 Last Seen2025-06-15 06:44 Times Seen13 Hash 1cf95757c58e27fb052532f0d99e2992 24bc19599cc089d52d21ab774e6c4d4a72e814ad 826de74e5d65a1158788aa20221d23d0b65b42937bb711427d0c21bbd9dedf09 Loading...

	jilliandescribecompany.com/6offsm0hajmi	Eval	9 B	2023-03-07	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-15 12:21 Times Seen3371 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

	jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.js	ScriptElement	154 kB	2025-04-16	2025-06-15
Pretty URL jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.js IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-16 08:02 Last Seen2025-06-15 06:44 Times Seen46 Hash d06133f0e579d584066b7c5813c1f1a3 ca12bf94e6045100716b4ae059af2dee719dedd2 4e557ea7304bbb798328b1d5a74462393ea879a0288e513a371708bba3932bc4 Loading...

	jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.core.controls.js	ScriptElement	340 kB	2025-04-27	2025-06-15
Pretty URL jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.core.controls.js IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-27 22:01 Last Seen2025-06-15 06:44 Times Seen20 Hash c8fc89b8e42c4a24d4d3ee9944d04e9f 1d47b5067f9b3756f6a6cd10b44fe3c3cd58952c 2a9d386316399957231faaab81b0e2f30c45e5049d1e1ed3dee7f6e5d00e7ca4 Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	410 B	2025-06-07	2025-06-07
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 12:23 Last Seen2025-06-07 12:23 Times Seen1 Hash ca5b4af40025677359db8ffbc66d1e83 372bd43c21e1e286de35b7e3077a789356bdfcc8 9c10702bf413a8cfca0d8076aaeb3b939c375f46fee0229600bc66ae521a502a Loading...

	cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js	ScriptElement	5.1 kB	2023-03-10	2025-06-15
Pretty URL cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:45 Last Seen2025-06-15 06:44 Times Seen94 Hash 375e3e0688214ca1595fc28956430dd1 09ba8de39859cd17c2701057352dd5b8bc3c07f6 a052ce2a1bfa39fd0315ec22b7b123a0097dc99884a5b10c348931a2b0190b1f Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	ScriptElement	460 kB	2025-06-06	2025-06-09
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.178.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-06 14:34 Last Seen2025-06-09 04:15 Times Seen7 Hash b40bf14ceae265c93e939d220d3c3629 c041db8a73261f1839eb33baa70c4ad430d5a9b1 d4aff76801d40ce68f3981abf460db629da8da65cfa8afb56df9075b4d9ccb1d Loading...

	jilliandescribecompany.com/6offsm0hajmi	ScriptElement	849 B	2025-05-28	2025-06-15
Pretty URL jilliandescribecompany.com/6offsm0hajmi IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 10:36 Last Seen2025-06-15 06:44 Times Seen15 Hash a62e460fbde44f2a530da62245211db4 47114e7b018ddc2cda5b0ac878103af424d2da36 8e5285581b6e3bd0dac80106deffb8850543fe58ab3f6f3e4610a7b489d97720 Loading...

	jilliandescribecompany.com/jwplayer/8.36.6/provider.hlsjs.js	ScriptElement	461 kB	2025-04-16	2025-06-15
Pretty URL jilliandescribecompany.com/jwplayer/8.36.6/provider.hlsjs.js IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-16 08:02 Last Seen2025-06-15 06:44 Times Seen47 Hash 368c206a1d7773f59f3e0bc33abd667f 1ea49b423a61e884ead7aa6280a7925ce4a7babe 7c0f3ee7233b733cff63d69c75107142c7a619074ec95733ee1fc33f20537f2b Loading...

	ptichoolsougn.net/401/9013477	ScriptElement	162 kB	2025-06-07	2025-06-07
Pretty URL ptichoolsougn.net/401/9013477 IP 139.45.197.107 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 12:23 Last Seen2025-06-07 12:23 Times Seen1 Hash a3c0e6da60d406d4e917376db20c1d8f b1a67db190fdedde6004c2e059808d016300127c 02f56e7ec0be5c8ffbaefd6811c4d289b1fef31d16330ee15e6ab6d8b067ff09 Loading...

	tzegilo.com/stattag.js	ScriptElement	18 kB	2024-07-11	2025-06-16
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 16:28 Last Seen2025-06-16 01:29 Times Seen2243 Hash 01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2 Loading...

HTTP Transactions (50)

URL IP Response Size

ptichoolsougn.net/impression/t895rCzRXliAZJXMiNs4Mn2PmAyDKzu059QO0Hcx9ma0p07BzhP2ZOxDRQFOWGVw_jMczriUwVv9oGV80MQy_LsNkluMkbfyDjHQjPFKwz3E5TFDo-EoiPPnOAo7aH-3PpYukkX17KXFpCgL_vSfWWlpSFisL2NVPUmn91KCowrKuKAxeiJ35Cza1lAVCE9THeANVdnRXxljIYu7JnDH8eQyTRoqP259qqO2WZ6koP38XxZrOGS1sxHlfRA-hNm-OjzbfYS4m1TYjMOa20f0RZXo-G5UGnCdIrj9oTMFY43G_xwsRJ3XkJJCbfJfBTvdqcgFPexhHSs2KGm5mSMKpbUuV-rfwJXH3k3UcfIOQJEU-TQkgpOJurxKiFHcFVXi46RSXMYxd1stQd7I5xdmSlgUkQlTeXSMLKW6gq27Ma3_7zO69JuB0vin912G0ttKoOSVeCNx5D_daChebX7WIzFOPlBG8bQBjrKjQrhNoCFoEj4EewcChhFDM3fn9P0rVUayMcTgwYbOr3VDbx9AHUBlSPD9_o757Ujnoepj3wvro_8_q26Y633qw63QlB7q871TrdeQ-ovxfe_ye2DQNy8g4xqvJS3jGijDsoaxtLDLNzeCyy_GaVStJvC99BUTCQrwczjlj6WkAVNLzTrt1HbzehpOgQGKszLEPDJJOIIrsILXQCMBSA==?_z=9013477&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

43 B

URL GET
ptichoolsougn.net/impression/t895rCzRXliAZJXMiNs4Mn2PmAyDKzu059QO0Hcx9ma0p07BzhP2ZOxDRQFOWGVw_jMczriUwVv9oGV80MQy_LsNkluMkbfyDjHQjPFKwz3E5TFDo-EoiPPnOAo7aH-3PpYukkX17KXFpCgL_vSfWWlpSFisL2NVPUmn91KCowrKuKAxeiJ35Cza1lAVCE9THeANVdnRXxljIYu7JnDH8eQyTRoqP259qqO2WZ6koP38XxZrOGS1sxHlfRA-hNm-OjzbfYS4m1TYjMOa20f0RZXo-G5UGnCdIrj9oTMFY43G_xwsRJ3XkJJCbfJfBTvdqcgFPexhHSs2KGm5mSMKpbUuV-rfwJXH3k3UcfIOQJEU-TQkgpOJurxKiFHcFVXi46RSXMYxd1stQd7I5xdmSlgUkQlTeXSMLKW6gq27Ma3_7zO69JuB0vin912G0ttKoOSVeCNx5D_daChebX7WIzFOPlBG8bQBjrKjQrhNoCFoEj4EewcChhFDM3fn9P0rVUayMcTgwYbOr3VDbx9AHUBlSPD9_o757Ujnoepj3wvro_8_q26Y633qw63QlB7q871TrdeQ-ovxfe_ye2DQNy8g4xqvJS3jGijDsoaxtLDLNzeCyy_GaVStJvC99BUTCQrwczjlj6WkAVNLzTrt1HbzehpOgQGKszLEPDJJOIIrsILXQCMBSA==?_z=9013477&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectptichoolsougn.net
FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A
ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/t895rCzRXliAZJXMiNs4Mn2PmAyDKzu059QO0Hcx9ma0p07BzhP2ZOxDRQFOWGVw_jMczriUwVv9oGV80MQy_LsNkluMkbfyDjHQjPFKwz3E5TFDo-EoiPPnOAo7aH-3PpYukkX17KXFpCgL_vSfWWlpSFisL2NVPUmn91KCowrKuKAxeiJ35Cza1lAVCE9THeANVdnRXxljIYu7JnDH8eQyTRoqP259qqO2WZ6koP38XxZrOGS1sxHlfRA-hNm-OjzbfYS4m1TYjMOa20f0RZXo-G5UGnCdIrj9oTMFY43G_xwsRJ3XkJJCbfJfBTvdqcgFPexhHSs2KGm5mSMKpbUuV-rfwJXH3k3UcfIOQJEU-TQkgpOJurxKiFHcFVXi46RSXMYxd1stQd7I5xdmSlgUkQlTeXSMLKW6gq27Ma3_7zO69JuB0vin912G0ttKoOSVeCNx5D_daChebX7WIzFOPlBG8bQBjrKjQrhNoCFoEj4EewcChhFDM3fn9P0rVUayMcTgwYbOr3VDbx9AHUBlSPD9_o757Ujnoepj3wvro_8_q26Y633qw63QlB7q871TrdeQ-ovxfe_ye2DQNy8g4xqvJS3jGijDsoaxtLDLNzeCyy_GaVStJvC99BUTCQrwczjlj6WkAVNLzTrt1HbzehpOgQGKszLEPDJJOIIrsILXQCMBSA==?_z=9013477&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0801e12e24b04927f48a45cc34bb36bb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:30 GMT
content-type: image/gif
content-length: 43
x-trace-id: d7b9db2eb9024a1e2f3f0aab41546ad7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ptichoolsougn.net/500/9013477?excludes=&oaid=0801e12e24b04927f48a45cc34bb36bb&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

1.7 kB

URL GET
ptichoolsougn.net/500/9013477?excludes=&oaid=0801e12e24b04927f48a45cc34bb36bb&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectptichoolsougn.net
FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A
ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT

File type
JSON text data
Size
1.7 kB (1660 bytes)
Hash
2ed8d8e4996f0d2f25d11b1d9840f9d4
8701ebf57622cd7517527d808ee0a6ca1ac9684d
11253e90e25d0e72b044ffad3db1911d73ab5806f490603e5ab3af5b78213f69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/9013477?excludes=&oaid=0801e12e24b04927f48a45cc34bb36bb&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0301e1dba38a47b8f9f2937524fc8965
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:27 GMT
content-type: application/javascript
x-trace-id: 027a25f11a0865d44f54e893c285cd09
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://jilliandescribecompany.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801e12e24b04927f48a45cc34bb36bb; expires=Sun, 07 Jun 2026 12:23:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/e32/57b/6f6/e3257b6f68b36174569379cb71c167a7ba5b54ef.png

104.22.59.221

200 OK

42 kB

URL GET
cdn.pncloudfl.com/pn/e32/57b/6f6/e3257b6f68b36174569379cb71c167a7ba5b54ef.png
IP
104.22.59.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdn.pncloudfl.com
Fingerprint1E:93:48:12:E8:A9:45:F0:1E:17:CE:34:F8:01:5D:4A:4B:DC:11:0D
ValidityFri, 18 Apr 2025 00:12:06 GMT - Thu, 17 Jul 2025 01:12:05 GMT

File type
RIFF (little-endian) data, Web/P image
Size
42 kB (42138 bytes)
Hash
d13af29974428fa01e7804c67ede5705
de1550f280bf59d15030197b8547f1bf433e64a5
fd75ba4841393ebb9a6fbf9e1662b6982462e61b37feb2e132b35f5b909f5745

HTTP Headers

GET /pn/e32/57b/6f6/e3257b6f68b36174569379cb71c167a7ba5b54ef.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:28 GMT
content-type: image/webp
content-length: 42138
cf-ray: 94c01ef04825b4f1-OSL
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=67078
content-disposition: inline; filename="e3257b6f68b36174569379cb71c167a7ba5b54ef.webp"
vary: Accept
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
etag: c6c24990b7e35164c8d8346d4476a76b
expires: Mon, 09 Jun 2025 03:07:32 GMT
last-modified: Mon, 23 Dec 2019 09:12:09 GMT
x-cdn-host-id: ds7288,ds7445,ds5951,ds7445,ds5833
x-openstack-request-id: tx8d3cd2fd1e49448ab0565-0066cf3192
x-proxy-cache: HIT
x-timestamp: 1577092328.12642
x-trans-id: tx8d3cd2fd1e49448ab0565-0066cf3192
cf-cache-status: HIT
age: 33356
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bdb3872b-1f0e-40df-bfe7-8e965c304b03

139.45.195.252

200 OK

12 B

URL POST
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bdb3872b-1f0e-40df-bfe7-8e965c304b03
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bdb3872b-1f0e-40df-bfe7-8e965c304b03 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1453
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sat, 07 Jun 2025 12:23:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://jilliandescribecompany.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

my.rtmark.net/gid.js

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
a838edf1b8a5c580b115206cc91beafa
56de148655b56c8302edec8266b087bd879ad91d
c966f218560b1cd0353023311d120eeeb1728ab5c4dd1a7484bbfcd4df36a476

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:27 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jilliandescribecompany.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801e12e24b04927f48a45cc34bb36bb; expires=Sun, 07 Jun 2026 12:23:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 94c01ee9cb91b4f9-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jilliandescribecompany.com/6offsm0hajmi

186.2.163.111

200 OK

163 kB

URL User Request GET
jilliandescribecompany.com/6offsm0hajmi
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (43524)
Size
163 kB (162808 bytes)
Hash
5cb58176c19bbd6e303f13f5cbbc8792
b22902e165f65d9ebb5f17b1316a440f181ab365
461ec008093a9bd9b15c00f80a5f1c1ffb99a0bd34fda84da2331b5860c81081

HTTP Headers

GET /6offsm0hajmi HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kellywhatcould.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=eSmPZSA7nVkmyxak; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:23 GMT
__ddg10_=1749299003; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:23 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:23 GMT
__ddg1_=NrEyeRs5tAmHN93A5YjO; Domain=.jilliandescribecompany.com; HttpOnly; Path=/; Expires=Sun, 07-Jun-2026 12:23:23 GMT
XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:23 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:23 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Sat, 07 Jun 2025 12:23:23 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

jilliandescribecompany.com/build/assets/D_HGTcPA.css

186.2.163.111

200 OK

5.5 kB

URL GET
jilliandescribecompany.com/build/assets/D_HGTcPA.css
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
ASCII text, with very long lines (5544)
Size
5.5 kB (5545 bytes)
Hash
a9ee771b7240383bb786aa7cb7029eec
87e99041217bd3f1d32bcf9c44a2f7726129fb1f
374828c97ef3560752905e3f33cce3f5ad507fe3ed942dca98fea389e016d499

HTTP Headers

GET /build/assets/D_HGTcPA.css HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=3SsVNp6f7W6H8Axq; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: text/css
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-15a9"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250075
content-length: 1486
ddg-cache-status: HIT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js

104.17.25.14

200 OK

81 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
81 kB (80721 bytes)
Hash
2e477967e482f32e65d4ea9b2fd8e106
ddc6e9ead6d16ae9237399ce41e8c1620cc59c36
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c

HTTP Headers

GET /ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 21170
cf-ray: 94c01ed91a0956c6-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-52b2"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 213808
expires: Thu, 28 May 2026 12:23:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPSDBcTU0Saz8ce%2F6LzgtoIjpwfetvI4e7lGwqkPy0mTQ%2FZ9XeVWVV1ThXEsIu9yrA9XBFN8%2BgwqRxHqRCkHk%2BiftftLFHzTKskDT9TSAzFbXWiDZRB9AIob4K07fczME8pU6rvk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js

104.17.25.14

200 OK

5.1 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (5082)
Size
5.1 kB (5124 bytes)
Hash
375e3e0688214ca1595fc28956430dd1
09ba8de39859cd17c2701057352dd5b8bc3c07f6
a052ce2a1bfa39fd0315ec22b7b123a0097dc99884a5b10c348931a2b0190b1f

HTTP Headers

GET /ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 12:23:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 1810
cf-ray: 94c01ee05c030b51-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04017-1404"
last-modified: Mon, 04 May 2020 16:17:27 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 124606
expires: Thu, 28 May 2026 12:23:25 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O8mzIKwxMvEkfMKILZlq9wkR6yxTSH7brXrCV4b%2FVv2AfKYjx6eoBM254bVf3IXQXB%2FrDNS55sxiheEarH1aQRkQ2eVGBZTecrpGxmVhCOUAssyVxYoC%2FoRRbBlbW643LqbNlP1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

139.45.197.107

200 OK

0 B

URL OPTIONS
ptichoolsougn.net/500/9013477?excludes=&oaid=0801e12e24b04927f48a45cc34bb36bb&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectptichoolsougn.net
FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A
ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/9013477?excludes=&oaid=0801e12e24b04927f48a45cc34bb36bb&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2F6offsm0hajmi&drf=https%3A%2F%2Fkellywhatcould.com%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://jilliandescribecompany.com/
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:27 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://jilliandescribecompany.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.25.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
cf-ray: 94c01ed8d9bf56c6-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 296379
expires: Thu, 28 May 2026 12:23:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMNeUmRyB5vc08pplxuarVGnrXsrBoUds0a9Dy7jWxBThWRvwh86Z3FRYK7L4r%2BY06LGAnqg%2FYHmG8mSm7g6e7vAzEYXdp5WZy%2F7G0qklDW0Hq9T01W2SCpc0CspPOkOHuja6Uyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2

142.250.74.35

200 OK

20 kB

URL GET
fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20156, version 1.0
Size
20 kB (20156 bytes)
Hash
202cfb54d4e66d1702404ade49339ceb
57fd1acf8d9651d9c38c0d4af7b78bc399be0652
4ba7d3d096695818fe0686be4f1e82c6b05134e18a22260336130335027462dd

HTTP Headers

GET /s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:12:10 GMT
expires: Fri, 05 Jun 2026 13:12:10 GMT
cache-control: public, max-age=31536000
age: 169875
last-modified: Mon, 12 May 2025 21:45:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jilliandescribecompany.com/jwplayer/8.36.6/provider.hlsjs.js

186.2.163.111

200 OK

461 kB

URL GET
jilliandescribecompany.com/jwplayer/8.36.6/provider.hlsjs.js
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
461 kB (461123 bytes)
Hash
368c206a1d7773f59f3e0bc33abd667f
1ea49b423a61e884ead7aa6280a7925ce4a7babe
7c0f3ee7233b733cff63d69c75107142c7a619074ec95733ee1fc33f20537f2b

HTTP Headers

GET /jwplayer/8.36.6/provider.hlsjs.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=YLbdKa24BVXCsCm8; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=7nFeHnzmTbxcoyhj; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg10_=1749299005; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-70943"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250075
content-length: 131280
ddg-cache-status: HIT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 129556
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

campfirecroutondecorator.com/in.js

94.242.247.33

200 OK

248 kB

URL GET
campfirecroutondecorator.com/in.js
IP
94.242.247.33:443
ASN
#7979 SERVERS-COM

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcampfirecroutondecorator.com
FingerprintD5:5B:6F:15:16:6F:A4:82:8E:F3:8D:F5:C6:17:C0:7C:F1:98:47:FB
ValidityMon, 26 May 2025 15:13:37 GMT - Sun, 24 Aug 2025 15:13:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
248 kB (247765 bytes)
Hash
d1ef1d268005720967b61d636ab40cfe
92d49208e2c32f557025aea7a2e7b5c48b8104b8
2300128b0e876572c1dc63455b70d9b4dbb8e6791c9187ddfe2b6e4c3506eff7

HTTP Headers

GET /in.js HTTP/1.1
Host: campfirecroutondecorator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 30 May 2025 10:36:20 GMT
vary: Accept-Encoding
etag: W/"68398a24-3c7d5"
expires: Sat, 14 Jun 2025 12:23:24 GMT
cache-control: max-age=604800
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.193.52

200 OK

18 kB

URL GET
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjecttzegilo.com
FingerprintBD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A
ValiditySat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT

File type
JavaScript source, ASCII text, with very long lines (17229)
Size
18 kB (17879 bytes)
Hash
01227f5edc20e0ff4ed643b27cb8bb68
d71a88f7341f2b1bdaa7deb9a66888607bd52598
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:27 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2LN6FBYwevbNLwM%2BWqJuZyea9wjL6MIVZOpcyQS59nVVJZLpHWLiAIYldbGgoeD4Vz%2BVWDJqtTfbGe3PLzo%2Fj%2FGlhCU0zB1l0Q%3D%3D"}]}
age: 3584
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 94c01eebab6ab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

campfirecroutondecorator.com/get/2060451?id=2060451&jp=_clinrkokxoplitrymwrwyn&dr=102&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=81AwGdNaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=8558891360961024&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0&freq=0

94.242.247.33

200 OK

9.2 kB

URL GET
campfirecroutondecorator.com/get/2060451?id=2060451&jp=_clinrkokxoplitrymwrwyn&dr=102&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=81AwGdNaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=8558891360961024&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0&freq=0
IP
94.242.247.33:443
ASN
#7979 SERVERS-COM

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcampfirecroutondecorator.com
FingerprintD5:5B:6F:15:16:6F:A4:82:8E:F3:8D:F5:C6:17:C0:7C:F1:98:47:FB
ValidityMon, 26 May 2025 15:13:37 GMT - Sun, 24 Aug 2025 15:13:36 GMT

File type
ASCII text, with very long lines (9204), with no line terminators
Size
9.2 kB (9204 bytes)
Hash
944e51bc5c425126510ec89cb736cdf7
461473bc78ba9851743c564a5c1267708925bb8c
e51a21133fb0f465e1e9c143aa7fd745e76ca189d97cc37b7cba24fe191d9da8

HTTP Headers

GET /get/2060451?id=2060451&jp=_clinrkokxoplitrymwrwyn&dr=102&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=81AwGdNaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=8558891360961024&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0&freq=0 HTTP/1.1
Host: campfirecroutondecorator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 11 Jul 2026 12:23:27 GMT; Secure; SameSite=None
UID=25060707230cff2bb216594574b5de026f04; Path=/; Expires=Sat, 11 Jul 2026 12:23:27 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/e32/57b/6f6/e3257b6f68b36174569379cb71c167a7ba5b54ef.png

104.22.59.221

200 OK

42 kB

URL GET
cdn.pncloudfl.com/pn/e32/57b/6f6/e3257b6f68b36174569379cb71c167a7ba5b54ef.png
IP
104.22.59.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdn.pncloudfl.com
Fingerprint1E:93:48:12:E8:A9:45:F0:1E:17:CE:34:F8:01:5D:4A:4B:DC:11:0D
ValidityFri, 18 Apr 2025 00:12:06 GMT - Thu, 17 Jul 2025 01:12:05 GMT

File type
RIFF (little-endian) data, Web/P image
Size
42 kB (42138 bytes)
Hash
d13af29974428fa01e7804c67ede5705
de1550f280bf59d15030197b8547f1bf433e64a5
fd75ba4841393ebb9a6fbf9e1662b6982462e61b37feb2e132b35f5b909f5745

HTTP Headers

GET /pn/e32/57b/6f6/e3257b6f68b36174569379cb71c167a7ba5b54ef.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/3 200 OK
date: Sat, 07 Jun 2025 12:23:31 GMT
content-type: image/webp
content-length: 42138
cf-ray: 94c01f030e317131-OSL
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=67078
content-disposition: inline; filename="e3257b6f68b36174569379cb71c167a7ba5b54ef.webp"
vary: Accept
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
etag: c6c24990b7e35164c8d8346d4476a76b
expires: Mon, 09 Jun 2025 03:07:32 GMT
last-modified: Mon, 23 Dec 2019 09:12:09 GMT
x-cdn-host-id: ds7288,ds7445,ds5951,ds7445,ds5833
x-openstack-request-id: tx8d3cd2fd1e49448ab0565-0066cf3192
x-proxy-cache: HIT
x-timestamp: 1577092328.12642
x-trans-id: tx8d3cd2fd1e49448ab0565-0066cf3192
cf-cache-status: HIT
age: 33359
accept-ranges: bytes
priority: u=4,i=?0
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

campfirecroutondecorator.com/chicken.gif?z=2060451&pb=50e04bc26c786450b9fe6f48244a14551749306207&pbc=Z3VGyfie3FlfS0Ro&pbu=6m7qvckwLX9fS0Ro&psp=wh_zV15kiI8fWlMQiAHJCmZ_f20BI1TPx4OaBYpVuqFwcKBwumWnO8UBD5SkH2pn3JsMyCM-fS1l4kJipfmXUPqmxCJMcDTHXdIY1jU3oOEokpUIVwl1qnIGcqxbIWzofjoKhNnOyFxsfIj3cC1fM34vepnn2Uy6s9MwVIToA1pBbSYToy3d6gbuar3LsUDvT7WJm61pV7X8ku9DPEhmo8FeDUpV8sCSB1LkQeDD2VOclokW7XsUTzNVMDhUaWo54XcX4mTMgaozdy1wPwWxUHSKxuweDIy9EEvGGecM6LUXXoJAJq3hMaiK6J_LQzH2GhBVRSBTi1Ct8bdgGmaw9aNnOOvp3YfG3xqU6EFPUBlPHPh7PXD1J5M-SZH6oEQzxhaqGqPn-VLSjMDG8RKfXuAE3_mokGD_hcuRAzMnO5vxvCBG7o5I0dOERO5TXVSJyvuPMQSsDRM3KGFt7_6aYccv619AJ-rKo1IJ7giZyZKpJtOqx3WbC3aVoGEL6uwA0jXLo72reTp6i4JeIcnc0dPvyIfs2cbFbhv1LVLJBDEthqwWEad9Fl7olZoBwhsqbX-AJwuXiRQ8KwbVC_jWsL45bmmE-xiSs7zn-QXlKWBo4S76bQeihkkzwy5zf2sWaef6RFxlkrJbFS7TcYniAHQ_iWcdLQ9HkYYCdaxaXi4S1FsVGNkWvYa9lARliBsqB5FtKbVAnKQdUG0q2NFxjPRLyC_4kD3x-yPs_hbl7Ybk96ot9nMGj0CTpcqhxa6MA-I4OnZjt1QyrAuaYLVcZknYb3GK0zNhiw_H6pMaBBST49o9HsmNutz6Vn1HA72lrjStZ4BK76NFX60ELceHWalmLGelk061iwSFa0t4Wn19BM2Icq69t0ZznpiRZhbKxuM_dxNpIJix6CjS82eCTZ1qpRFM0L42bHfdx7ab0-yPu3_0VfOsreS9v32cWUojzVCqtksDrfLHobPjjFyTKo_KTBjIOgMLXMrGaMxz6Df2l70oEc0_VuOSBF2sgG1orcUaFWGp_wnA20vyhG5wzbj7ThRBQsiT1w0axFa579IgQidbZO0BDHwvoWeT6cI4bGXYdsAjPGutORbCCc5ICof22L2JGvX5VQh4P29MP_cB3VwjQGoCvBMTd7LKyi7RtL3xouYsaHPJ7gG8fV4SQ7FvGp6c2yvmsuaNILxI6nFfhVEPPSRoeTaPDPpxSugA83wHpZ7VYH7iciUxuq0i2MbSgvBuqTSOTkm0aj1mj3ez8YxcT4-vf6Pzdxsywpmd1QVAreOPE1CGr0svE3Bi6vRIAkCOBQIvMkd8fA62ozPSRBbDexB1ffFpyEDS1K8XX6NCzYuax0I6QVd5aQol0FqvG5gviWG53e1XdmNuezcD3qPRm2ZBgp3OaSpO9AlRMaY_S3wRO9old7XI6of-vEjzTneFKhoTyIgG-3chHLLzRJqhlStIgy2dL6DoaV_yFvWqpg7WxPHNz-ba5OevZ003BNO2KbGbUJoY-HgEZfyhvUcoGSKn2hO7VYvIv5J1SNCObb03GB3xcwcCghA1Oe6Lo6iQapO17zXV_1ByHqLRKPT5y5V2HFGaGNeipAdo6oQVLnwmr2czMKitpzWwtRKmTQo3MYPNu423LizFyrTNvkTTymkR6S8j3EIjfbPB01dt7JopVrcbZ9nq1IBcbzbeHdjsdNN1EK7WwUJJ-b-sp1-ggdT97kwWPlH0xz81J0DR4q60jbYQN51cYxKuDsXYFuUBsO7Os2T3qsfVrukoD9DuXAixfd_QzE9GWBiNWgtowpp8HP12S-bCXswxk4r768gc4Vfw3oaN8uKPhCqVYDMRAbjAhRFUUpqcCap_2wqmoy3OGYualm0vO62Sc0llg5gGPv_bGtzaECacKiUdWPzemZiQYBqe7gpMWpcCrwBm76vYqXnvuu_V1AR6eoJAL9TFwEB6YvEzB656KETG31-kRRFKLzGiz1xuyBD8QH0hz_BFSd0iETyxwLoUR8J9NT2OCLu_spI2Zx1V9AZEMrCsmYBltOjLa0xZ8QFswz5ur64qhwekfPpbVYyQeqI57LEC-2ak--nMKvBktAsuGAtA0j3MxrTSxsYPr23k99vJu5lSWksOpedU0CRU7nCdreiRpePcuidRUuI6N5qcu6-Zl3b8aQdUo6Fo-qS34r5uDvKcoJ9J4v2IKMEv0N4UM2xU8yi-z1wv8JWLKrqgqk20xIZ39mTAMZ6SFyEo2A-f8bZkI1h0ubpYSLBQtnV4Ys59Jgr0LAbbbGxq6qBaRlMNrMhgKIjOJ-dEfo50bNITECg00kRplJG82bHvZSU0jNjuCZqPVyoF5XMcbYdQYKlG3k_UdflbB3TsYXusUKev7Qdo1N_rZ6pwSqPppJgEqGItb4FczHPVqIP6pt3qRWUcCgCaPz8JR3uOVdP6TJTt0HAkUk01p0BzOaZR1wYFesV7ekz7T_C3ElygAtg6GA1wg5hT&freq=0&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=3HXAIYXaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=2929391827104256&caifrq=ABSSOAAAAAAAAAAB&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=6&tp=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2

94.242.247.33

200 OK

43 B

URL GET
campfirecroutondecorator.com/chicken.gif?z=2060451&pb=50e04bc26c786450b9fe6f48244a14551749306207&pbc=Z3VGyfie3FlfS0Ro&pbu=6m7qvckwLX9fS0Ro&psp=wh_zV15kiI8fWlMQiAHJCmZ_f20BI1TPx4OaBYpVuqFwcKBwumWnO8UBD5SkH2pn3JsMyCM-fS1l4kJipfmXUPqmxCJMcDTHXdIY1jU3oOEokpUIVwl1qnIGcqxbIWzofjoKhNnOyFxsfIj3cC1fM34vepnn2Uy6s9MwVIToA1pBbSYToy3d6gbuar3LsUDvT7WJm61pV7X8ku9DPEhmo8FeDUpV8sCSB1LkQeDD2VOclokW7XsUTzNVMDhUaWo54XcX4mTMgaozdy1wPwWxUHSKxuweDIy9EEvGGecM6LUXXoJAJq3hMaiK6J_LQzH2GhBVRSBTi1Ct8bdgGmaw9aNnOOvp3YfG3xqU6EFPUBlPHPh7PXD1J5M-SZH6oEQzxhaqGqPn-VLSjMDG8RKfXuAE3_mokGD_hcuRAzMnO5vxvCBG7o5I0dOERO5TXVSJyvuPMQSsDRM3KGFt7_6aYccv619AJ-rKo1IJ7giZyZKpJtOqx3WbC3aVoGEL6uwA0jXLo72reTp6i4JeIcnc0dPvyIfs2cbFbhv1LVLJBDEthqwWEad9Fl7olZoBwhsqbX-AJwuXiRQ8KwbVC_jWsL45bmmE-xiSs7zn-QXlKWBo4S76bQeihkkzwy5zf2sWaef6RFxlkrJbFS7TcYniAHQ_iWcdLQ9HkYYCdaxaXi4S1FsVGNkWvYa9lARliBsqB5FtKbVAnKQdUG0q2NFxjPRLyC_4kD3x-yPs_hbl7Ybk96ot9nMGj0CTpcqhxa6MA-I4OnZjt1QyrAuaYLVcZknYb3GK0zNhiw_H6pMaBBST49o9HsmNutz6Vn1HA72lrjStZ4BK76NFX60ELceHWalmLGelk061iwSFa0t4Wn19BM2Icq69t0ZznpiRZhbKxuM_dxNpIJix6CjS82eCTZ1qpRFM0L42bHfdx7ab0-yPu3_0VfOsreS9v32cWUojzVCqtksDrfLHobPjjFyTKo_KTBjIOgMLXMrGaMxz6Df2l70oEc0_VuOSBF2sgG1orcUaFWGp_wnA20vyhG5wzbj7ThRBQsiT1w0axFa579IgQidbZO0BDHwvoWeT6cI4bGXYdsAjPGutORbCCc5ICof22L2JGvX5VQh4P29MP_cB3VwjQGoCvBMTd7LKyi7RtL3xouYsaHPJ7gG8fV4SQ7FvGp6c2yvmsuaNILxI6nFfhVEPPSRoeTaPDPpxSugA83wHpZ7VYH7iciUxuq0i2MbSgvBuqTSOTkm0aj1mj3ez8YxcT4-vf6Pzdxsywpmd1QVAreOPE1CGr0svE3Bi6vRIAkCOBQIvMkd8fA62ozPSRBbDexB1ffFpyEDS1K8XX6NCzYuax0I6QVd5aQol0FqvG5gviWG53e1XdmNuezcD3qPRm2ZBgp3OaSpO9AlRMaY_S3wRO9old7XI6of-vEjzTneFKhoTyIgG-3chHLLzRJqhlStIgy2dL6DoaV_yFvWqpg7WxPHNz-ba5OevZ003BNO2KbGbUJoY-HgEZfyhvUcoGSKn2hO7VYvIv5J1SNCObb03GB3xcwcCghA1Oe6Lo6iQapO17zXV_1ByHqLRKPT5y5V2HFGaGNeipAdo6oQVLnwmr2czMKitpzWwtRKmTQo3MYPNu423LizFyrTNvkTTymkR6S8j3EIjfbPB01dt7JopVrcbZ9nq1IBcbzbeHdjsdNN1EK7WwUJJ-b-sp1-ggdT97kwWPlH0xz81J0DR4q60jbYQN51cYxKuDsXYFuUBsO7Os2T3qsfVrukoD9DuXAixfd_QzE9GWBiNWgtowpp8HP12S-bCXswxk4r768gc4Vfw3oaN8uKPhCqVYDMRAbjAhRFUUpqcCap_2wqmoy3OGYualm0vO62Sc0llg5gGPv_bGtzaECacKiUdWPzemZiQYBqe7gpMWpcCrwBm76vYqXnvuu_V1AR6eoJAL9TFwEB6YvEzB656KETG31-kRRFKLzGiz1xuyBD8QH0hz_BFSd0iETyxwLoUR8J9NT2OCLu_spI2Zx1V9AZEMrCsmYBltOjLa0xZ8QFswz5ur64qhwekfPpbVYyQeqI57LEC-2ak--nMKvBktAsuGAtA0j3MxrTSxsYPr23k99vJu5lSWksOpedU0CRU7nCdreiRpePcuidRUuI6N5qcu6-Zl3b8aQdUo6Fo-qS34r5uDvKcoJ9J4v2IKMEv0N4UM2xU8yi-z1wv8JWLKrqgqk20xIZ39mTAMZ6SFyEo2A-f8bZkI1h0ubpYSLBQtnV4Ys59Jgr0LAbbbGxq6qBaRlMNrMhgKIjOJ-dEfo50bNITECg00kRplJG82bHvZSU0jNjuCZqPVyoF5XMcbYdQYKlG3k_UdflbB3TsYXusUKev7Qdo1N_rZ6pwSqPppJgEqGItb4FczHPVqIP6pt3qRWUcCgCaPz8JR3uOVdP6TJTt0HAkUk01p0BzOaZR1wYFesV7ekz7T_C3ElygAtg6GA1wg5hT&freq=0&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=3HXAIYXaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=2929391827104256&caifrq=ABSSOAAAAAAAAAAB&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=6&tp=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2
IP
94.242.247.33:443
ASN
#7979 SERVERS-COM

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcampfirecroutondecorator.com
FingerprintD5:5B:6F:15:16:6F:A4:82:8E:F3:8D:F5:C6:17:C0:7C:F1:98:47:FB
ValidityMon, 26 May 2025 15:13:37 GMT - Sun, 24 Aug 2025 15:13:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=2060451&pb=50e04bc26c786450b9fe6f48244a14551749306207&pbc=Z3VGyfie3FlfS0Ro&pbu=6m7qvckwLX9fS0Ro&psp=wh_zV15kiI8fWlMQiAHJCmZ_f20BI1TPx4OaBYpVuqFwcKBwumWnO8UBD5SkH2pn3JsMyCM-fS1l4kJipfmXUPqmxCJMcDTHXdIY1jU3oOEokpUIVwl1qnIGcqxbIWzofjoKhNnOyFxsfIj3cC1fM34vepnn2Uy6s9MwVIToA1pBbSYToy3d6gbuar3LsUDvT7WJm61pV7X8ku9DPEhmo8FeDUpV8sCSB1LkQeDD2VOclokW7XsUTzNVMDhUaWo54XcX4mTMgaozdy1wPwWxUHSKxuweDIy9EEvGGecM6LUXXoJAJq3hMaiK6J_LQzH2GhBVRSBTi1Ct8bdgGmaw9aNnOOvp3YfG3xqU6EFPUBlPHPh7PXD1J5M-SZH6oEQzxhaqGqPn-VLSjMDG8RKfXuAE3_mokGD_hcuRAzMnO5vxvCBG7o5I0dOERO5TXVSJyvuPMQSsDRM3KGFt7_6aYccv619AJ-rKo1IJ7giZyZKpJtOqx3WbC3aVoGEL6uwA0jXLo72reTp6i4JeIcnc0dPvyIfs2cbFbhv1LVLJBDEthqwWEad9Fl7olZoBwhsqbX-AJwuXiRQ8KwbVC_jWsL45bmmE-xiSs7zn-QXlKWBo4S76bQeihkkzwy5zf2sWaef6RFxlkrJbFS7TcYniAHQ_iWcdLQ9HkYYCdaxaXi4S1FsVGNkWvYa9lARliBsqB5FtKbVAnKQdUG0q2NFxjPRLyC_4kD3x-yPs_hbl7Ybk96ot9nMGj0CTpcqhxa6MA-I4OnZjt1QyrAuaYLVcZknYb3GK0zNhiw_H6pMaBBST49o9HsmNutz6Vn1HA72lrjStZ4BK76NFX60ELceHWalmLGelk061iwSFa0t4Wn19BM2Icq69t0ZznpiRZhbKxuM_dxNpIJix6CjS82eCTZ1qpRFM0L42bHfdx7ab0-yPu3_0VfOsreS9v32cWUojzVCqtksDrfLHobPjjFyTKo_KTBjIOgMLXMrGaMxz6Df2l70oEc0_VuOSBF2sgG1orcUaFWGp_wnA20vyhG5wzbj7ThRBQsiT1w0axFa579IgQidbZO0BDHwvoWeT6cI4bGXYdsAjPGutORbCCc5ICof22L2JGvX5VQh4P29MP_cB3VwjQGoCvBMTd7LKyi7RtL3xouYsaHPJ7gG8fV4SQ7FvGp6c2yvmsuaNILxI6nFfhVEPPSRoeTaPDPpxSugA83wHpZ7VYH7iciUxuq0i2MbSgvBuqTSOTkm0aj1mj3ez8YxcT4-vf6Pzdxsywpmd1QVAreOPE1CGr0svE3Bi6vRIAkCOBQIvMkd8fA62ozPSRBbDexB1ffFpyEDS1K8XX6NCzYuax0I6QVd5aQol0FqvG5gviWG53e1XdmNuezcD3qPRm2ZBgp3OaSpO9AlRMaY_S3wRO9old7XI6of-vEjzTneFKhoTyIgG-3chHLLzRJqhlStIgy2dL6DoaV_yFvWqpg7WxPHNz-ba5OevZ003BNO2KbGbUJoY-HgEZfyhvUcoGSKn2hO7VYvIv5J1SNCObb03GB3xcwcCghA1Oe6Lo6iQapO17zXV_1ByHqLRKPT5y5V2HFGaGNeipAdo6oQVLnwmr2czMKitpzWwtRKmTQo3MYPNu423LizFyrTNvkTTymkR6S8j3EIjfbPB01dt7JopVrcbZ9nq1IBcbzbeHdjsdNN1EK7WwUJJ-b-sp1-ggdT97kwWPlH0xz81J0DR4q60jbYQN51cYxKuDsXYFuUBsO7Os2T3qsfVrukoD9DuXAixfd_QzE9GWBiNWgtowpp8HP12S-bCXswxk4r768gc4Vfw3oaN8uKPhCqVYDMRAbjAhRFUUpqcCap_2wqmoy3OGYualm0vO62Sc0llg5gGPv_bGtzaECacKiUdWPzemZiQYBqe7gpMWpcCrwBm76vYqXnvuu_V1AR6eoJAL9TFwEB6YvEzB656KETG31-kRRFKLzGiz1xuyBD8QH0hz_BFSd0iETyxwLoUR8J9NT2OCLu_spI2Zx1V9AZEMrCsmYBltOjLa0xZ8QFswz5ur64qhwekfPpbVYyQeqI57LEC-2ak--nMKvBktAsuGAtA0j3MxrTSxsYPr23k99vJu5lSWksOpedU0CRU7nCdreiRpePcuidRUuI6N5qcu6-Zl3b8aQdUo6Fo-qS34r5uDvKcoJ9J4v2IKMEv0N4UM2xU8yi-z1wv8JWLKrqgqk20xIZ39mTAMZ6SFyEo2A-f8bZkI1h0ubpYSLBQtnV4Ys59Jgr0LAbbbGxq6qBaRlMNrMhgKIjOJ-dEfo50bNITECg00kRplJG82bHvZSU0jNjuCZqPVyoF5XMcbYdQYKlG3k_UdflbB3TsYXusUKev7Qdo1N_rZ6pwSqPppJgEqGItb4FczHPVqIP6pt3qRWUcCgCaPz8JR3uOVdP6TJTt0HAkUk01p0BzOaZR1wYFesV7ekz7T_C3ElygAtg6GA1wg5hT&freq=0&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=3HXAIYXaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=2929391827104256&caifrq=ABSSOAAAAAAAAAAB&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=6&tp=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2 HTTP/1.1
Host: campfirecroutondecorator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=25060707230cff2bb216594574b5de026f04; BCAI=ABSSFwAAAAAAAAAB; BMI=AB8WTwAAAAAAAAAB; BCRI=wUMr%2BAAAAAAAAAAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:31 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABSSOAAAAAAAAAAB; Path=/; Expires=Mon, 07 Jul 2025 12:23:31 GMT; Secure; SameSite=None
OACIBLOCK=ABSSOAAAAABoQ8dQ; Path=/; Expires=Mon, 07 Jul 2025 12:23:31 GMT; Secure; SameSite=None
BCAI=ABSSFwAAAAAAAAABABSSOAAAAAAAAAAB; Path=/; Expires=Sun, 08 Jun 2025 12:23:31 GMT; Secure; SameSite=None
BMI=AB8WTwAAAAAAAAABAB8WewAAAAAAAAAB; Path=/; Expires=Sun, 08 Jun 2025 12:23:31 GMT; Secure; SameSite=None
BCRI=wUMr%2BAAAAAAAAAABHfA7fgAAAAAAAAAB; Path=/; Expires=Sun, 08 Jun 2025 12:23:31 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

jilliandescribecompany.com/build/assets/BuCTy3rc.js

186.2.163.111

200 OK

2.1 kB

URL GET
jilliandescribecompany.com/build/assets/BuCTy3rc.js
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
ASCII text, with very long lines (2147)
Size
2.1 kB (2148 bytes)
Hash
31d05ed9547c617f50ac559069a1b8d6
a4d310246e556bb7d4fef195fa2ea915702eef98
78437ccdd5b15c77a2d3c837e79f3e7b3ea77dda4608a475601b25a2607f67ba

HTTP Headers

GET /build/assets/BuCTy3rc.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=cc1ObiXjFofUX6jr; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:09:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 20 Apr 2025 22:33:04 GMT
etag: W/"68057620-864"
expires: Mon, 23 Jun 2025 01:09:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250062
content-length: 847
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/log/log_js_error

186.2.163.111

200 OK

13 B

URL POST
jilliandescribecompany.com/log/log_js_error
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JSON text data
Size
13 B (13 bytes)
Hash
11a4a7f4bdeb09fec0e96f5bfc77f8f8
204b8ca987542dec72f121643984b47f1e53f0b1
8f08745c17c60fa28f8dcdac4a36178dade1efcc73644373ad21fb98da3b25f0

HTTP Headers

POST /log/log_js_error HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 602
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=qHj6cEskhrKIpA5l; __ddg10_=1749299006; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6IjJ5UmFXbTFIU01FNlE2eUt3azdUeXc9PSIsInZhbHVlIjoiZjlpaGZKUGZLRG13NkRHcjhSWlJ1UzZpYmQvLzJjK2YwNWR6NVZwVjhjNVdYYjZSYURZOHc1KzlIRmxlQXdOZUFNdisxYXIvK01HQjRXUlB1VDZaUmhjNkpmRm9tM1duUGtiNURaU3dTejNjMmFkNW9ySkh5ckVCMzA4cHI5bmMiLCJtYWMiOiJiMWY0ODgwZGJmZjdlZjRkMTdkOTQ5ZDUxYzEyOGVkMGY1ZjhkYjhmODE0OWQwN2VkMjk3N2RhODNhYTEwZWVmIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImgxMW1tNTE2QXFhNDErVUNkOTRBZkE9PSIsInZhbHVlIjoiTFh6elN5RlJYbW1PU0o2NWxiVUhWVDJjdWpoVThtZCtzUUlUanQyVlNpWGk5Q1NqdllWbzZqamJhaUhRTVVkRnNzMm40YWs3R0ZJOHA1NnJjZklBZzU2VzR6VUljMW5zNHcyTFFHS3Zzak1weEhNejBSRXRjalp2eDRVUHZ3MXkiLCJtYWMiOiJkNzE5MmM4NjA2MmIwMmQ5MDM0NDY0NjEzZmU2MWM1MTUyNzVlMzI1NDYyNjc5NjM3OWFiNDBiOTZkYmQ3NjkzIiwidGFnIjoiIn0%3D; UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=pjZidDyLcfkUqEGy; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:27 GMT
__ddg10_=1749299007; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 07 Jun 2025 12:23:27 GMT
content-type: application/json
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

jilliandescribecompany.com/s/images/logos/voe-logo.svg?v=2

186.2.163.111

200 OK

1.9 kB

URL GET
jilliandescribecompany.com/s/images/logos/voe-logo.svg?v=2
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1871 bytes)
Hash
bd6af39ad5f6b06bf2f48d4381f7e2d2
446e69b85868537aea68fdca15b5a10694f894ed
acf82d320d156d54ca827f03a45c073e0c00103dc78f1750cf011bc61e5216f6

HTTP Headers

GET /s/images/logos/voe-logo.svg?v=2 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=Xpdn2F0Rjgs04PR0; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:56 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Apr 2025 04:35:04 GMT
vary: Accept-Encoding
etag: W/"680db3f8-74f"
expires: Mon, 23 Jun 2025 01:08:56 GMT
cache-control: max-age=2592000
content-encoding: br
age: 1250068
content-length: 958
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d

186.2.163.111

200 OK

103 kB

URL GET
jilliandescribecompany.com/s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (52179)
Size
103 kB (102873 bytes)
Hash
72e89292dad5c7e8a82f6101fc52b71a
11917db2f454df110fedaf803ebf640052f953b8
1058329efc2e4de916dc58c5996ae6620836b878c33d13742b90f20ccddabe61

HTTP Headers

GET /s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=uXeKeoif8oLIRDJz; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-191d9"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250076
content-length: 23677
ddg-cache-status: HIT
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png

104.22.59.221

200 OK

48 kB

URL GET
cdn.pncloudfl.com/pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png
IP
104.22.59.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdn.pncloudfl.com
Fingerprint1E:93:48:12:E8:A9:45:F0:1E:17:CE:34:F8:01:5D:4A:4B:DC:11:0D
ValidityFri, 18 Apr 2025 00:12:06 GMT - Thu, 17 Jul 2025 01:12:05 GMT

File type
RIFF (little-endian) data, Web/P image
Size
48 kB (47672 bytes)
Hash
63900872d4741b8272b98a1c98d7b322
12709fd6aaf8bbe0326041fe6580fc27b9ff530a
1b4ece5871412faabf0dcfa2ad53fdde34aae1a4218ba4074d4c3626424f8ba3

HTTP Headers

GET /pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/3 200 OK
date: Sat, 07 Jun 2025 12:23:30 GMT
content-type: image/webp
content-length: 47672
cf-ray: 94c01efccf287131-OSL
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=74321
content-disposition: inline; filename="1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.webp"
vary: Accept
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
etag: e7242897f9459085037ffcbcd74c060f
expires: Mon, 09 Jun 2025 00:48:47 GMT
last-modified: Mon, 23 Dec 2019 09:01:22 GMT
x-cdn-host-id: ds7445,ds5833
x-openstack-request-id: tx66dbb085bba94334a9ff4-0066ec1e16
x-proxy-cache: HIT
x-timestamp: 1577091681.42646
x-trans-id: tx66dbb085bba94334a9ff4-0066ec1e16
cf-cache-status: HIT
age: 41683
accept-ranges: bytes
priority: u=4,i=?0
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

jilliandescribecompany.com/s/images/logos/voe-logo-2.svg?v=2

186.2.163.111

200 OK

403 B

URL GET
jilliandescribecompany.com/s/images/logos/voe-logo-2.svg?v=2
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
SVG Scalable Vector Graphics image
Size
403 B (403 bytes)
Hash
a638d0dfa6feb7ce4b90e7c91c5b0df4
7a0a86f47b51781f48bb9f232f05193936490027
38b49bc67e053e96441e62f8423a9ed0e907ef768a0ffbba4370128760f814dc

HTTP Headers

GET /s/images/logos/voe-logo-2.svg?v=2 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=EPkdhAe78ZXcbEpC; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:56 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Apr 2025 04:35:04 GMT
etag: W/"680db3f8-193"
expires: Mon, 23 Jun 2025 01:08:56 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250068
content-length: 221
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.core.controls.js

186.2.163.111

200 OK

340 kB

URL GET
jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.core.controls.js
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
340 kB (339998 bytes)
Hash
c8fc89b8e42c4a24d4d3ee9944d04e9f
1d47b5067f9b3756f6a6cd10b44fe3c3cd58952c
2a9d386316399957231faaab81b0e2f30c45e5049d1e1ed3dee7f6e5d00e7ca4

HTTP Headers

GET /jwplayer/8.36.6/jwplayer.core.controls.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=YLbdKa24BVXCsCm8; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=QnL0BQ9Y9PomQ08A; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg10_=1749299005; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-5301e"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250075
content-length: 86302
ddg-cache-status: HIT
X-Firefox-Spdy: h2

ptichoolsougn.net/401/9013477

139.45.197.107

200 OK

162 kB

URL GET
ptichoolsougn.net/401/9013477
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectptichoolsougn.net
FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A
ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (162242 bytes)
Hash
a3c0e6da60d406d4e917376db20c1d8f
b1a67db190fdedde6004c2e059808d016300127c
02f56e7ec0be5c8ffbaefd6811c4d289b1fef31d16330ee15e6ab6d8b067ff09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/9013477 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:25 GMT
content-type: application/javascript
x-trace-id: 37fc802a985df4a0e0a002854eabbf6b
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301e1dba38a47b8f9f2937524fc8965; expires=Sun, 07 Jun 2026 12:23:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

jilliandescribecompany.com/engine/storyboard/6offsm0hajmi?t=0

186.2.163.111

200 OK

13 kB

URL GET
jilliandescribecompany.com/engine/storyboard/6offsm0hajmi?t=0
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
WebVTT subtitles, ASCII text
Size
13 kB (12570 bytes)
Hash
162075ec4c62f350d841a5df04c682da
501018abd7b86ac22dfbdaf41dd6cebddb77706e
e79eadc417a529de50bd9848bf24e140a66516455581e0166613af63f5179aed

HTTP Headers

GET /engine/storyboard/6offsm0hajmi?t=0 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=gncodKSvLYcV0J1m; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D; UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=qHj6cEskhrKIpA5l; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:26 GMT
__ddg10_=1749299006; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:26 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:26 GMT
XSRF-TOKEN=eyJpdiI6IjJ5UmFXbTFIU01FNlE2eUt3azdUeXc9PSIsInZhbHVlIjoiZjlpaGZKUGZLRG13NkRHcjhSWlJ1UzZpYmQvLzJjK2YwNWR6NVZwVjhjNVdYYjZSYURZOHc1KzlIRmxlQXdOZUFNdisxYXIvK01HQjRXUlB1VDZaUmhjNkpmRm9tM1duUGtiNURaU3dTejNjMmFkNW9ySkh5ckVCMzA4cHI5bmMiLCJtYWMiOiJiMWY0ODgwZGJmZjdlZjRkMTdkOTQ5ZDUxYzEyOGVkMGY1ZjhkYjhmODE0OWQwN2VkMjk3N2RhODNhYTEwZWVmIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:26 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6ImgxMW1tNTE2QXFhNDErVUNkOTRBZkE9PSIsInZhbHVlIjoiTFh6elN5RlJYbW1PU0o2NWxiVUhWVDJjdWpoVThtZCtzUUlUanQyVlNpWGk5Q1NqdllWbzZqamJhaUhRTVVkRnNzMm40YWs3R0ZJOHA1NnJjZklBZzU2VzR6VUljMW5zNHcyTFFHS3Zzak1weEhNejBSRXRjalp2eDRVUHZ3MXkiLCJtYWMiOiJkNzE5MmM4NjA2MmIwMmQ5MDM0NDY0NjEzZmU2MWM1MTUyNzVlMzI1NDYyNjc5NjM3OWFiNDBiOTZkYmQ3NjkzIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:26 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/vtt; charset=UTF-8
cache-control: no-cache, private
date: Sat, 07 Jun 2025 12:23:26 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 129556
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

campfirecroutondecorator.com/check.html

94.242.247.33

200 OK

926 B

URL GET
campfirecroutondecorator.com/check.html
IP
94.242.247.33:443
ASN
#7979 SERVERS-COM

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcampfirecroutondecorator.com
FingerprintD5:5B:6F:15:16:6F:A4:82:8E:F3:8D:F5:C6:17:C0:7C:F1:98:47:FB
ValidityMon, 26 May 2025 15:13:37 GMT - Sun, 24 Aug 2025 15:13:36 GMT

File type
HTML document, ASCII text
Size
926 B (926 bytes)
Hash
088dba8e97eede53134c93219f7ebbae
adb707654d1fe0af7d0d7a9f55660d22bd3625e4
6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff

HTTP Headers

GET /check.html HTTP/1.1
Host: campfirecroutondecorator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:26 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 19 May 2025 08:12:42 GMT
vary: Accept-Encoding
etag: W/"682ae7fa-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

bobapsoabauns.com/www/images/545b04f9bce5a70f9754bb099df3f0e9.png

172.67.166.60

200 OK

82 kB

URL GET
bobapsoabauns.com/www/images/545b04f9bce5a70f9754bb099df3f0e9.png
IP
172.67.166.60:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
82 kB (81979 bytes)
Hash
545b04f9bce5a70f9754bb099df3f0e9
ae727e3526409cc6a2ff8be3f9ef15ec804d390c
cc6720855ee907afb29b0f8ab90c8e412016e7976515d6577d5cf61dd913be0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/545b04f9bce5a70f9754bb099df3f0e9.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:27 GMT
content-type: image/png
content-length: 81979
server: cloudflare
last-modified: Tue, 04 Mar 2025 18:50:37 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "67c74b7d-1403b"
expires: Sun, 08 Jun 2025 06:21:46 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 21701
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LXIaol%2FjBaGm%2FLMQ0qHcZmKb4cqXOMtAjEyEvOeqJPvcJiwb%2BrDOQIX4Tf5GN7jb6s%2FZ59Qzo5m2wZVzeCKBLFjdnAmylrg1bWUXI4GInQ%3D%3D"}]}
cf-ray: 94c01eefc9180b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Figtree:wght@400;600;800&display=swap

142.250.74.10

200 OK

2.5 kB

URL GET
fonts.googleapis.com/css2?family=Figtree:wght@400;600;800&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text
Size
2.5 kB (2508 bytes)
Hash
81697f14fef5e75334dddac376b63b52
e5a95321183528f482564419929d611b096aec6c
62779f80bdd9979d0857443f631b0242c5866967a949b2bb01b4102135fdc8f1

HTTP Headers

GET /css2?family=Figtree:wght@400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jun 2025 12:23:24 GMT
date: Sat, 07 Jun 2025 12:23:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jilliandescribecompany.com/js/loader.c7381b2.js

186.2.163.111

200 OK

87 kB

URL GET
jilliandescribecompany.com/js/loader.c7381b2.js
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (86577 bytes)
Hash
b8fdf254afa3d3bc5c0da167a13c2e36
05fb272653e88f082394c503d7178b3c2f71e899
c5ff72987e6f553a72a6ca16125ab9f2c947a198dbc9d24157b3c39e1f1a2367

HTTP Headers

GET /js/loader.c7381b2.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=Aa96bhDtPnUy6Ygj; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-15231"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250076
content-length: 28148
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/android-icon-192x192.png

186.2.163.111

200 OK

7.1 kB

URL GET
jilliandescribecompany.com/android-icon-192x192.png
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7068 bytes)
Hash
6e09fa5e43f9f169c8b65bdba9683b46
e986e9353a404b28a522b85dc0b7afb480b6cb27
7940cbb7ef222596bef1a1d1db04e8a1b745dfdeb769ff9a46f4e3717396af0b

HTTP Headers

GET /android-icon-192x192.png HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=7nFeHnzmTbxcoyhj; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=imHwMtjKGi6SP9oQ; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg10_=1749299005; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:52 GMT
content-type: image/png
content-length: 7068
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: "6818e256-1b9c"
expires: Mon, 23 Jun 2025 01:08:52 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 1250074
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e

186.2.163.111

200 OK

271 kB

URL GET
jilliandescribecompany.com/s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
Unicode text, UTF-8 text, with very long lines (65271)
Size
271 kB (270624 bytes)
Hash
c71fa701386844028fe6595289427599
8be981f11be9f5aab5fd100ee58b8a9332674382
39710492ff4eb2fd207455f6edca3b9649b46fd2644021344afdf1d4c9a5ca11

HTTP Headers

GET /s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=V8TmDVo1Y1YUQsZk; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: text/css
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-42120"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250075
content-length: 36983
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/jwplayer/8.36.6/jwpsrv.js

186.2.163.111

200 OK

67 kB

URL GET
jilliandescribecompany.com/jwplayer/8.36.6/jwpsrv.js
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67344 bytes)
Hash
b7c09a238f43ba40002820079de36b91
620bbc4b53e6fd80b6cd5c89271bc09973d51903
be32622dbb1e238992fe4d24d3fd2aaf05b5a283f58f249790b673f04e64c24f

HTTP Headers

GET /jwplayer/8.36.6/jwpsrv.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=uXeKeoif8oLIRDJz; __ddg10_=1749299004; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=YLbdKa24BVXCsCm8; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg10_=1749299005; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sun, 01 Jun 2025 23:00:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-10710"
expires: Tue, 01 Jul 2025 23:00:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 480163
content-length: 19793
ddg-cache-status: HIT
X-Firefox-Spdy: h2

jilliandescribecompany.com/cache/6offsm0hajmi_storyboard_L2.jpg

186.2.163.111

200 OK

186 kB

URL GET
jilliandescribecompany.com/cache/6offsm0hajmi_storyboard_L2.jpg
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1279x698, components 3
Size
186 kB (185851 bytes)
Hash
7add9a4bd1ca87c0fa193cd79f8d6eeb
a3d2956a091eef753d59ea91cfedd26b1a2e7489
26141976fe01ad9e7592e0ae2e862e9a68422d0eee677a565b45018d4a1ef1e2

HTTP Headers

GET /cache/6offsm0hajmi_storyboard_L2.jpg HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=gncodKSvLYcV0J1m; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D; UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=FBBQASEuClPiEREp; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:26 GMT
__ddg10_=1749299006; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:26 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:26 GMT
XSRF-TOKEN=eyJpdiI6Im5tbE9qYkNFTENtaVNRaVQ2bzdaa3c9PSIsInZhbHVlIjoiSk9GOWltcUJWWUMvUmxPampPdUZWK2pOY3IveHM1M0JSVjVxRVpJR2p6TVBwejIxaXBwcmNqZ0k0SUZ1cUY4bUNHNjVnQ1VtZXhYUi92aS9lZEFOYjBHOUtTZGRxK2tsRVZaWDVmTzhLQW1wSTdOL0V6VnNIcUtPSDdKWkhpRWEiLCJtYWMiOiJlMjNkNGIyY2UyYTljZTdlYzY5MDhmMGE1OTViMzUzYTE5NGJlMDYyYjM4ZWZjZmI4NjRhNDhjOGM2MjMzMWU5IiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:26 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6IlREN0VTTVF0K00vYTBCL3BLUm1RL3c9PSIsInZhbHVlIjoiQ01TTW9xUXl3RnFVejJ2YUg0VzlRckNVbGFNRktGcTB5MWRHbStsQnN3YXZLSUJqMGdLb2NucHkrWU5SWUp5RktuT013SlBhc3F2RlI2QUUyY2IrWG10MFdnVUdCN1R6am1CRm1GMXhKMDRGUUpjNXRCaEUwK0NwMUhUVUdyWnUiLCJtYWMiOiJiZjYxOGZmYzgyMmNlOGNiYzMyZmY5OTdmMDQ3MmRlNDMyNWM1ZDUzMWY5Zjg1NGI3OTA2NjQwYzc3Nzk3YmNmIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:26 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 07 Jun 2025 12:23:26 GMT
content-type: image/jpeg; charset=UTF-8
content-length: 185851
cache-control: max-age=2592000
expires: Mon, 07 Jul 2025 12:23:26 GMT
last-modified: Sun, 11 Jun 2023 21:32:30 GMT
etag: "64863d6e-2d5fb"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent
x-cache-status: MISS
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.10

200 OK

27 kB

URL GET
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
27 kB (26935 bytes)
Hash
c1dfd96443eb2be2a1f91f6adb6f9dbb
34fcc9ca9febd9112aeeb81b053d0d2bb6ab4b9c
59e10836dc5089dc4aa2f54b882ceb39184f2970d915a5de1a594d502876143a

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jun 2025 12:23:30 GMT
date: Sat, 07 Jun 2025 12:23:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jilliandescribecompany.com/favicon-16x16.png

186.2.163.111

200 OK

533 B

URL GET
jilliandescribecompany.com/favicon-16x16.png
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
533 B (533 bytes)
Hash
4a1c219d978909f413ca1b9a39f7523d
08859f796b01690ee81a13e4bcc0976f16c473ca
dc91f3be29e28fa5aa027f4c3165a5df794424e66c1627b90a204482b470f0be

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=7nFeHnzmTbxcoyhj; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=gncodKSvLYcV0J1m; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg10_=1749299005; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:10:11 GMT
content-type: image/png
content-length: 533
last-modified: Mon, 14 Aug 2023 01:22:26 GMT
etag: "64d981d2-215"
expires: Mon, 23 Jun 2025 01:10:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 1249995
ddg-cache-status: HIT
X-Firefox-Spdy: h2

fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bdb3872b-1f0e-40df-bfe7-8e965c304b03

139.45.195.252

200 OK

0 B

URL POST
fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bdb3872b-1f0e-40df-bfe7-8e965c304b03
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bdb3872b-1f0e-40df-bfe7-8e965c304b03 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 450
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sat, 07 Jun 2025 12:23:28 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://jilliandescribecompany.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

bobapsoabauns.com/www/images/545b04f9bce5a70f9754bb099df3f0e9.png

172.67.166.60

200 OK

82 kB

URL GET
bobapsoabauns.com/www/images/545b04f9bce5a70f9754bb099df3f0e9.png
IP
172.67.166.60:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
82 kB (81979 bytes)
Hash
545b04f9bce5a70f9754bb099df3f0e9
ae727e3526409cc6a2ff8be3f9ef15ec804d390c
cc6720855ee907afb29b0f8ab90c8e412016e7976515d6577d5cf61dd913be0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/545b04f9bce5a70f9754bb099df3f0e9.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 12:23:30 GMT
content-type: image/png
content-length: 81979
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uad57Zj9VlDRQ8Ul8TU2D2ipZOlVysii6B6TBx6mEmx9kNc1EysIs4ug7KX4Dlp2wUUpB7nAgHOIa5%2FVl3xWUDsDAMD2MZZm7P0jKjWYFb7IbQFZMk47rt6Ub%2B4VnqtvJETg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 04 Mar 2025 18:50:37 GMT
etag: "67c74b7d-1403b"
expires: Sun, 08 Jun 2025 06:21:46 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 21704
cf-cache-status: HIT
cf-ray: 94c01effec1c56ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6552&min_rtt=3025&rtt_var=5674&sent=20&recv=18&lost=0&retrans=0&sent_bytes=4197&recv_bytes=1714&delivery_rate=571823&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=bf54afd2611e4d41&ts=2577&inflight_dur=29&x=80"

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2

142.250.74.35

200 OK

20 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20408, version 1.0
Size
20 kB (20408 bytes)
Hash
e8730678d4610fa908d3cba1ef0b4ddf
1efcbee909ce74bf04878d74867f12a1e41ae7a4
e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 01:38:31 GMT
expires: Sat, 06 Jun 2026 01:38:31 GMT
cache-control: public, max-age=31536000
age: 125099
last-modified: Thu, 29 May 2025 23:49:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2

142.250.74.35

200 OK

20 kB

URL GET
fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20156, version 1.0
Size
20 kB (20156 bytes)
Hash
202cfb54d4e66d1702404ade49339ceb
57fd1acf8d9651d9c38c0d4af7b78bc399be0652
4ba7d3d096695818fe0686be4f1e82c6b05134e18a22260336130335027462dd

HTTP Headers

GET /s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:12:10 GMT
expires: Fri, 05 Jun 2026 13:12:10 GMT
cache-control: public, max-age=31536000
age: 169875
last-modified: Mon, 12 May 2025 21:45:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png

104.22.59.221

200 OK

48 kB

URL GET
cdn.pncloudfl.com/pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png
IP
104.22.59.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcdn.pncloudfl.com
Fingerprint1E:93:48:12:E8:A9:45:F0:1E:17:CE:34:F8:01:5D:4A:4B:DC:11:0D
ValidityFri, 18 Apr 2025 00:12:06 GMT - Thu, 17 Jul 2025 01:12:05 GMT

File type
RIFF (little-endian) data, Web/P image
Size
48 kB (47672 bytes)
Hash
63900872d4741b8272b98a1c98d7b322
12709fd6aaf8bbe0326041fe6580fc27b9ff530a
1b4ece5871412faabf0dcfa2ad53fdde34aae1a4218ba4074d4c3626424f8ba3

HTTP Headers

GET /pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 12:23:28 GMT
content-type: image/webp
content-length: 47672
cf-ray: 94c01ef04828b4f1-OSL
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=74321
content-disposition: inline; filename="1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.webp"
vary: Accept
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
etag: e7242897f9459085037ffcbcd74c060f
expires: Mon, 09 Jun 2025 00:48:47 GMT
last-modified: Mon, 23 Dec 2019 09:01:22 GMT
x-cdn-host-id: ds7445,ds5833
x-openstack-request-id: tx66dbb085bba94334a9ff4-0066ec1e16
x-proxy-cache: HIT
x-timestamp: 1577091681.42646
x-trans-id: tx66dbb085bba94334a9ff4-0066ec1e16
cf-cache-status: HIT
age: 41681
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

campfirecroutondecorator.com/chicken.gif?z=2060451&pb=50e04bc26c786450b9fe6f48244a14551749306207&pbc=Z3VGyfie3FlfS0Ro&pbu=6m7qvckwLX9fS0Ro&psp=8DLdoTCNYDfwEV_fAuNwz43C_tRAyVtbGOzsDZM2w54wnOt7G7Sx2fNVKZ9cD615mLMS1eKmkGm0fwWWpRVnnkT93uMQa85GTNzT6NzA1v6NVsIO9GSjG4vGqEI-eZhhcHVvIjaIMiWp-ssujD7mel_guk6vc_Aup3HGm_hvGl1nSntqYRWHy4TVT5HdTsfECa56pNE8tfY-n80qMjhLeKmxmlQBjAXZeZRFzLPO_jKtnHP5ubGMExTucnKXzxGGOWvmXj8t9mDstiwQnfDbWRiVOcux8N2KpEwlwoNE9Dqc_IyuIi0dyHnW_7_19sCwWy31akfroj6ZmrZr082KQ0lDtdjPjOaNqG5fVGKL28Gj-jrywFe2QG6L1fFkeaT-NqjTM4nBTKKl_WNnF0N5-D87WAB-1xs8pdahx87dLYE0O48xoEF8ttk5iOECz-dWwtMc1BS1ZJhEruNp4EyvykYQRoyA3v-dXxfhZbNtdTd5RMln5WkHnHThzDjNB1Resgt9D1n_RwNuQ4CYv8OXufxjh3UP6ldm_rz8tBymvO28LE6--PvlgJ4Qb2deH3-2VzCO5Yui1sabm8TSZu8_jLvf1TWHdDw0PDJE_KuG9uGn7EvgBJfBfhKIWopzJOfUFuMIvOiEXNWKCnNOxHW3CtQbr_3dAUVRXlGoNs9Is3nRylKINw_fn8NREcUgMnW-Ncrj_bFqYqkUz_UJSJzqXEDv9Q4PewiRZ0322P--OEC86LUkOW4mw22qIcnKeVMBd3TOkOTGP6OwYeRY-VS1AsoG_ZMF4XNCyJJ4Fk8oQnPApkPkZdnMCu8McfxEkqRI47ptHc1whml1gI-BVFvmvJd3HE2HSy-3GbnneVHiuLs2WBIold0k-_Udom0RQtZgd0T1Sb4bYCLDqqGY_noC5T5zbXQBCbzFWEYCw59661B_kczt3bRLyDUQcttCaptcJDh_dQ_ryP6aotdUSpAwx5GqAegIRMTwU-4NAP2cOfKz61IRKbRxY0CruT8h0w9JZG5ad33jIQwrGU6mkD_ZWabj4lE1J6Fo9P8RwLnxVPl79Fc-i_j2oM-V1_FY6hUCXqg_9WyAKzL9PpCbobYMt6CRNuAR4fB_A9oWAoqXeNU0QF5Fi4JABj4WRyOSGsxzu2V_eInZF4IqXgi4WELik_C8ePl4xFqAyBGIKHtE08ufKHcXU1ZLFGazb62WJdkz-WfHLZ0KRk9hyTNqX8lz3TpLJSIbF6ZsRbC-Y5-J1AvXNVotPBCFmWJukmFonIcfYii1xX-w3bIx-cph0gh-gezZn_9Fuz-4RWdDg44A_tttxSqCzRRzGVmyJrBM2OHF9qtgf6ASBF6WQNfAXql5aCSdLfFihlc6bk49ZXH2VUCDL0VPOYjoo9ta1STK37SUuvGT7X1B5ZcM_25Qd1uXhgtQjTXFAiLYXwb54bSJ5AlYTFVWjnhQ5RUcaUKtHewhkeJ79ZRIrkSeW0iEkSIxVv31UtqDUT8C0Ms7_Aw1K1uKY2GObYq3T9duMi9vggsapnRP_8d5mUJG1CwzA4-7h98HQEXIrdgattCJ7iWD6sTI4_sRYHm75YaJuZ89Bm_WY5uA3t-KkdDKuVFiaX9Ive3SyYLXKt_KQ4WwnYJTYNSMOqES4fAVW9-pS8NEe_1jWEiAKqr5e9q93V5U_OH8LbZglejo5BidUOcxzMO-Qy07MSPRZ-dcBvRl-hkxTgdZarRBM-2JWuM0AraG2x_scxfeHSinGnskU95JpBSBWbo8xbv2FV_JUv4xjj8UhQXvlnk_oxxptwl9MAJB7TWIzobZhYiSFJptk7CNLKzvkn3T1w6LMB0Eulq0XPJ1n_KJKYXuNHUyPfT5g7hBejBqP9-hwWYZPGr3NduuLG_cQB5Tr8ZW2f-WJu6bRp3S5izuCUyQdft6imbMa7fWgXft4ephNVSnKebP70YAzLCZvtf6SL45m10YoHj1zHZDQWM2EwJBguQqG_X0VREnHI1zY12zQCGXEh22QiH-rwRIEqC915XuCmcAMvO_h72ENbCu3IuMhfh1l9HGvkUwbbYZuqSOpXlF1v4r80upopz6FQIuO_d9qIo02Prf-jiakRA8d4FluP6QMHRNSoeTtyfzQrWlXYnr60q9ZKe7fT5b3MrsiUox9Rea2hu3vOOAss1hn-mIf4xtyGoQGex52qzf7NrbV-Y-_1bbhD0jWF9iRW37WiuMZglELhLENm9c0Ji71M3N4mIyUtvRsz4pGatkK-2hxt7bk58XXNUoSCeq4uS9SbYH1wON0I-tIGmqbmqRq4EnYAdGA5m3xtvIUWHVqKdoMuu6-Lbh6QQYaFtQQ_xkpMTSJfMVJq0ZGUf9i1aLKEI_-nXLkcTezDdcE8KT6r70vjsQPATeHqsId0bb77jW19kj2srIeKfUzg2TD2E8EfGyVSdCfNxEV7ucj5C7uQCnVczlm1ERqtDc272wpbkElAz6xEyP&freq=0&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=aSnlImOaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=4055291733842432&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=4&tp=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2

94.242.247.33

200 OK

43 B

URL GET
campfirecroutondecorator.com/chicken.gif?z=2060451&pb=50e04bc26c786450b9fe6f48244a14551749306207&pbc=Z3VGyfie3FlfS0Ro&pbu=6m7qvckwLX9fS0Ro&psp=8DLdoTCNYDfwEV_fAuNwz43C_tRAyVtbGOzsDZM2w54wnOt7G7Sx2fNVKZ9cD615mLMS1eKmkGm0fwWWpRVnnkT93uMQa85GTNzT6NzA1v6NVsIO9GSjG4vGqEI-eZhhcHVvIjaIMiWp-ssujD7mel_guk6vc_Aup3HGm_hvGl1nSntqYRWHy4TVT5HdTsfECa56pNE8tfY-n80qMjhLeKmxmlQBjAXZeZRFzLPO_jKtnHP5ubGMExTucnKXzxGGOWvmXj8t9mDstiwQnfDbWRiVOcux8N2KpEwlwoNE9Dqc_IyuIi0dyHnW_7_19sCwWy31akfroj6ZmrZr082KQ0lDtdjPjOaNqG5fVGKL28Gj-jrywFe2QG6L1fFkeaT-NqjTM4nBTKKl_WNnF0N5-D87WAB-1xs8pdahx87dLYE0O48xoEF8ttk5iOECz-dWwtMc1BS1ZJhEruNp4EyvykYQRoyA3v-dXxfhZbNtdTd5RMln5WkHnHThzDjNB1Resgt9D1n_RwNuQ4CYv8OXufxjh3UP6ldm_rz8tBymvO28LE6--PvlgJ4Qb2deH3-2VzCO5Yui1sabm8TSZu8_jLvf1TWHdDw0PDJE_KuG9uGn7EvgBJfBfhKIWopzJOfUFuMIvOiEXNWKCnNOxHW3CtQbr_3dAUVRXlGoNs9Is3nRylKINw_fn8NREcUgMnW-Ncrj_bFqYqkUz_UJSJzqXEDv9Q4PewiRZ0322P--OEC86LUkOW4mw22qIcnKeVMBd3TOkOTGP6OwYeRY-VS1AsoG_ZMF4XNCyJJ4Fk8oQnPApkPkZdnMCu8McfxEkqRI47ptHc1whml1gI-BVFvmvJd3HE2HSy-3GbnneVHiuLs2WBIold0k-_Udom0RQtZgd0T1Sb4bYCLDqqGY_noC5T5zbXQBCbzFWEYCw59661B_kczt3bRLyDUQcttCaptcJDh_dQ_ryP6aotdUSpAwx5GqAegIRMTwU-4NAP2cOfKz61IRKbRxY0CruT8h0w9JZG5ad33jIQwrGU6mkD_ZWabj4lE1J6Fo9P8RwLnxVPl79Fc-i_j2oM-V1_FY6hUCXqg_9WyAKzL9PpCbobYMt6CRNuAR4fB_A9oWAoqXeNU0QF5Fi4JABj4WRyOSGsxzu2V_eInZF4IqXgi4WELik_C8ePl4xFqAyBGIKHtE08ufKHcXU1ZLFGazb62WJdkz-WfHLZ0KRk9hyTNqX8lz3TpLJSIbF6ZsRbC-Y5-J1AvXNVotPBCFmWJukmFonIcfYii1xX-w3bIx-cph0gh-gezZn_9Fuz-4RWdDg44A_tttxSqCzRRzGVmyJrBM2OHF9qtgf6ASBF6WQNfAXql5aCSdLfFihlc6bk49ZXH2VUCDL0VPOYjoo9ta1STK37SUuvGT7X1B5ZcM_25Qd1uXhgtQjTXFAiLYXwb54bSJ5AlYTFVWjnhQ5RUcaUKtHewhkeJ79ZRIrkSeW0iEkSIxVv31UtqDUT8C0Ms7_Aw1K1uKY2GObYq3T9duMi9vggsapnRP_8d5mUJG1CwzA4-7h98HQEXIrdgattCJ7iWD6sTI4_sRYHm75YaJuZ89Bm_WY5uA3t-KkdDKuVFiaX9Ive3SyYLXKt_KQ4WwnYJTYNSMOqES4fAVW9-pS8NEe_1jWEiAKqr5e9q93V5U_OH8LbZglejo5BidUOcxzMO-Qy07MSPRZ-dcBvRl-hkxTgdZarRBM-2JWuM0AraG2x_scxfeHSinGnskU95JpBSBWbo8xbv2FV_JUv4xjj8UhQXvlnk_oxxptwl9MAJB7TWIzobZhYiSFJptk7CNLKzvkn3T1w6LMB0Eulq0XPJ1n_KJKYXuNHUyPfT5g7hBejBqP9-hwWYZPGr3NduuLG_cQB5Tr8ZW2f-WJu6bRp3S5izuCUyQdft6imbMa7fWgXft4ephNVSnKebP70YAzLCZvtf6SL45m10YoHj1zHZDQWM2EwJBguQqG_X0VREnHI1zY12zQCGXEh22QiH-rwRIEqC915XuCmcAMvO_h72ENbCu3IuMhfh1l9HGvkUwbbYZuqSOpXlF1v4r80upopz6FQIuO_d9qIo02Prf-jiakRA8d4FluP6QMHRNSoeTtyfzQrWlXYnr60q9ZKe7fT5b3MrsiUox9Rea2hu3vOOAss1hn-mIf4xtyGoQGex52qzf7NrbV-Y-_1bbhD0jWF9iRW37WiuMZglELhLENm9c0Ji71M3N4mIyUtvRsz4pGatkK-2hxt7bk58XXNUoSCeq4uS9SbYH1wON0I-tIGmqbmqRq4EnYAdGA5m3xtvIUWHVqKdoMuu6-Lbh6QQYaFtQQ_xkpMTSJfMVJq0ZGUf9i1aLKEI_-nXLkcTezDdcE8KT6r70vjsQPATeHqsId0bb77jW19kj2srIeKfUzg2TD2E8EfGyVSdCfNxEV7ucj5C7uQCnVczlm1ERqtDc272wpbkElAz6xEyP&freq=0&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=aSnlImOaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=4055291733842432&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=4&tp=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2
IP
94.242.247.33:443
ASN
#7979 SERVERS-COM

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectcampfirecroutondecorator.com
FingerprintD5:5B:6F:15:16:6F:A4:82:8E:F3:8D:F5:C6:17:C0:7C:F1:98:47:FB
ValidityMon, 26 May 2025 15:13:37 GMT - Sun, 24 Aug 2025 15:13:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=2060451&pb=50e04bc26c786450b9fe6f48244a14551749306207&pbc=Z3VGyfie3FlfS0Ro&pbu=6m7qvckwLX9fS0Ro&psp=8DLdoTCNYDfwEV_fAuNwz43C_tRAyVtbGOzsDZM2w54wnOt7G7Sx2fNVKZ9cD615mLMS1eKmkGm0fwWWpRVnnkT93uMQa85GTNzT6NzA1v6NVsIO9GSjG4vGqEI-eZhhcHVvIjaIMiWp-ssujD7mel_guk6vc_Aup3HGm_hvGl1nSntqYRWHy4TVT5HdTsfECa56pNE8tfY-n80qMjhLeKmxmlQBjAXZeZRFzLPO_jKtnHP5ubGMExTucnKXzxGGOWvmXj8t9mDstiwQnfDbWRiVOcux8N2KpEwlwoNE9Dqc_IyuIi0dyHnW_7_19sCwWy31akfroj6ZmrZr082KQ0lDtdjPjOaNqG5fVGKL28Gj-jrywFe2QG6L1fFkeaT-NqjTM4nBTKKl_WNnF0N5-D87WAB-1xs8pdahx87dLYE0O48xoEF8ttk5iOECz-dWwtMc1BS1ZJhEruNp4EyvykYQRoyA3v-dXxfhZbNtdTd5RMln5WkHnHThzDjNB1Resgt9D1n_RwNuQ4CYv8OXufxjh3UP6ldm_rz8tBymvO28LE6--PvlgJ4Qb2deH3-2VzCO5Yui1sabm8TSZu8_jLvf1TWHdDw0PDJE_KuG9uGn7EvgBJfBfhKIWopzJOfUFuMIvOiEXNWKCnNOxHW3CtQbr_3dAUVRXlGoNs9Is3nRylKINw_fn8NREcUgMnW-Ncrj_bFqYqkUz_UJSJzqXEDv9Q4PewiRZ0322P--OEC86LUkOW4mw22qIcnKeVMBd3TOkOTGP6OwYeRY-VS1AsoG_ZMF4XNCyJJ4Fk8oQnPApkPkZdnMCu8McfxEkqRI47ptHc1whml1gI-BVFvmvJd3HE2HSy-3GbnneVHiuLs2WBIold0k-_Udom0RQtZgd0T1Sb4bYCLDqqGY_noC5T5zbXQBCbzFWEYCw59661B_kczt3bRLyDUQcttCaptcJDh_dQ_ryP6aotdUSpAwx5GqAegIRMTwU-4NAP2cOfKz61IRKbRxY0CruT8h0w9JZG5ad33jIQwrGU6mkD_ZWabj4lE1J6Fo9P8RwLnxVPl79Fc-i_j2oM-V1_FY6hUCXqg_9WyAKzL9PpCbobYMt6CRNuAR4fB_A9oWAoqXeNU0QF5Fi4JABj4WRyOSGsxzu2V_eInZF4IqXgi4WELik_C8ePl4xFqAyBGIKHtE08ufKHcXU1ZLFGazb62WJdkz-WfHLZ0KRk9hyTNqX8lz3TpLJSIbF6ZsRbC-Y5-J1AvXNVotPBCFmWJukmFonIcfYii1xX-w3bIx-cph0gh-gezZn_9Fuz-4RWdDg44A_tttxSqCzRRzGVmyJrBM2OHF9qtgf6ASBF6WQNfAXql5aCSdLfFihlc6bk49ZXH2VUCDL0VPOYjoo9ta1STK37SUuvGT7X1B5ZcM_25Qd1uXhgtQjTXFAiLYXwb54bSJ5AlYTFVWjnhQ5RUcaUKtHewhkeJ79ZRIrkSeW0iEkSIxVv31UtqDUT8C0Ms7_Aw1K1uKY2GObYq3T9duMi9vggsapnRP_8d5mUJG1CwzA4-7h98HQEXIrdgattCJ7iWD6sTI4_sRYHm75YaJuZ89Bm_WY5uA3t-KkdDKuVFiaX9Ive3SyYLXKt_KQ4WwnYJTYNSMOqES4fAVW9-pS8NEe_1jWEiAKqr5e9q93V5U_OH8LbZglejo5BidUOcxzMO-Qy07MSPRZ-dcBvRl-hkxTgdZarRBM-2JWuM0AraG2x_scxfeHSinGnskU95JpBSBWbo8xbv2FV_JUv4xjj8UhQXvlnk_oxxptwl9MAJB7TWIzobZhYiSFJptk7CNLKzvkn3T1w6LMB0Eulq0XPJ1n_KJKYXuNHUyPfT5g7hBejBqP9-hwWYZPGr3NduuLG_cQB5Tr8ZW2f-WJu6bRp3S5izuCUyQdft6imbMa7fWgXft4ephNVSnKebP70YAzLCZvtf6SL45m10YoHj1zHZDQWM2EwJBguQqG_X0VREnHI1zY12zQCGXEh22QiH-rwRIEqC915XuCmcAMvO_h72ENbCu3IuMhfh1l9HGvkUwbbYZuqSOpXlF1v4r80upopz6FQIuO_d9qIo02Prf-jiakRA8d4FluP6QMHRNSoeTtyfzQrWlXYnr60q9ZKe7fT5b3MrsiUox9Rea2hu3vOOAss1hn-mIf4xtyGoQGex52qzf7NrbV-Y-_1bbhD0jWF9iRW37WiuMZglELhLENm9c0Ji71M3N4mIyUtvRsz4pGatkK-2hxt7bk58XXNUoSCeq4uS9SbYH1wON0I-tIGmqbmqRq4EnYAdGA5m3xtvIUWHVqKdoMuu6-Lbh6QQYaFtQQ_xkpMTSJfMVJq0ZGUf9i1aLKEI_-nXLkcTezDdcE8KT6r70vjsQPATeHqsId0bb77jW19kj2srIeKfUzg2TD2E8EfGyVSdCfNxEV7ucj5C7uQCnVczlm1ERqtDc272wpbkElAz6xEyP&freq=0&nojs=0&abvar=0&febuild=1.0.552-st&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=7Iobn9vsTVb6W0AujpXWVsPCTpVIbFIUEQtsql-&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Etf8v7OaHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&ix=0&x=1280&y=1024&md=0&psu=aSnlImOaHR0cHM6Ly9qaWxsaWFuZGVzY3JpYmVjb21wYW55LmNvbS82b2Zmc20waGFqbWk&afid=4055291733842432&eclog=0&seu=GMiNDE0aHR0cHM6Ly9rZWxseXdoYXRjb3VsZC5jb20v&snc=0&ssc=4&tp=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2 HTTP/1.1
Host: campfirecroutondecorator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=25060707230cff2bb216594574b5de026f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 12:23:30 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: BCAI=ABSSFwAAAAAAAAAB; Path=/; Expires=Sun, 08 Jun 2025 12:23:30 GMT; Secure; SameSite=None
BMI=AB8WTwAAAAAAAAAB; Path=/; Expires=Sun, 08 Jun 2025 12:23:30 GMT; Secure; SameSite=None
BCRI=wUMr%2BAAAAAAAAAAB; Path=/; Expires=Sun, 08 Jun 2025 12:23:30 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.js

186.2.163.111

200 OK

154 kB

URL GET
jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.js
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
154 kB (153815 bytes)
Hash
d06133f0e579d584066b7c5813c1f1a3
ca12bf94e6045100716b4ae059af2dee719dedd2
4e557ea7304bbb798328b1d5a74462393ea879a0288e513a371708bba3932bc4

HTTP Headers

GET /jwplayer/8.36.6/jwplayer.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=eSmPZSA7nVkmyxak; __ddg10_=1749299003; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=rNOYjcVCqBtE3mkQ; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg10_=1749299004; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:24 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Thu, 05 Jun 2025 13:28:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Apr 2025 13:29:04 GMT
etag: W/"67f67620-258d7"
expires: Sat, 05 Jul 2025 13:28:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 168915
content-length: 52409
ddg-cache-status: HIT
X-Firefox-Spdy: h2

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.178.106

200 OK

460 kB

URL GET
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
JavaScript source, ASCII text, with very long lines (3524)
Size
460 kB (460228 bytes)
Hash
b40bf14ceae265c93e939d220d3c3629
c041db8a73261f1839eb33baa70c4ad430d5a9b1
d4aff76801d40ce68f3981abf460db629da8da65cfa8afb56df9075b4d9ccb1d

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 07 Jun 2025 12:23:24 GMT
expires: Sat, 07 Jun 2025 12:23:24 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 11146608360623790201
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 145224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jilliandescribecompany.com/s/images/logos/voe-logo-2.svg

186.2.163.111

200 OK

403 B

URL GET
jilliandescribecompany.com/s/images/logos/voe-logo-2.svg
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerLet's Encrypt
Subjectjilliandescribecompany.com
Fingerprint25:F2:38:0F:80:47:9F:BC:F7:07:25:C6:88:D6:EE:DB:5E:59:9B:83
ValidityThu, 05 Jun 2025 08:50:30 GMT - Wed, 03 Sep 2025 08:50:29 GMT

File type
SVG Scalable Vector Graphics image
Size
403 B (403 bytes)
Hash
a638d0dfa6feb7ce4b90e7c91c5b0df4
7a0a86f47b51781f48bb9f232f05193936490027
38b49bc67e053e96441e62f8423a9ed0e907ef768a0ffbba4370128760f814dc

HTTP Headers

GET /s/images/logos/voe-logo-2.svg HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/6offsm0hajmi
Cookie: __ddg8_=YLbdKa24BVXCsCm8; __ddg10_=1749299005; __ddg9_=91.90.42.154; __ddg1_=NrEyeRs5tAmHN93A5YjO; XSRF-TOKEN=eyJpdiI6ImJ3c016ekV2dS9ZUytibnlDSmRGRHc9PSIsInZhbHVlIjoicTdMbURxbGFIU3lWclhEem13YnFmMlE0UVdqOEJYTVl6RlE4Kytxc2FMWkUvU3kvN3FDUW5CSTVJQlk3dVJNZVhTZURaY0ZjcnpDM1N0eDFCczhWcjBWcVhHQ3BEcy9GVUdtaHBoNG91Rmp6K2YrcVpLSHZpclM0VFRCTnE3ODMiLCJtYWMiOiI3NWI5ZTY5YWNiZDg3ZTA1MDQ3NGJhODExNTQ2MTc4NmU0ODFiOTc1ZmYzNDhiZmYxODg2YjBhZWQ5MzhkNTNhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IkJuZ21vWEhSNUhyOTJzSjQxU2FWUlE9PSIsInZhbHVlIjoieEJ1dDkybkpUK1cwcEZndlVtakgvSDIzM3VQK01vSmhJRENUdUl1WXJ4WDFvSVBoeXJLbWpQTHBVb0RGSnlUa243RVZpems3SS9veTVITExHR3NWL1NKQ3JIZFdUdGFNOVBDVDIvdlRNZ0trNzVFcGV5WXFDM3RxdEVPU3I5VFIiLCJtYWMiOiIxMGQxNGM2MzZiODQwMDY3Yjg5ZTYxYjY3YmUxZDVhNjdmMmRhMmE1M2YzMjA3YTA0MjcwMGRjZjkwNDY2ZjUyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=tElevPhmS8jmjRNf; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg10_=1749299005; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:25 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: image/svg+xml
last-modified: Mon, 05 May 2025 16:07:51 GMT
etag: W/"6818e257-193"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 1250075
content-length: 221
ddg-cache-status: HIT
X-Firefox-Spdy: h2

kellywhatcould.com/6offsm0hajmi

186.2.163.224

200 OK

759 B

URL User Request GET
kellywhatcould.com/6offsm0hajmi
IP
186.2.163.224:443
ASN
#59692 IQWeb FZ-LLC

Certificate
IssuerLet's Encrypt
Subjectkellywhatcould.com
FingerprintE3:FD:62:B7:C1:BC:94:46:5E:2E:C8:97:A4:EE:04:4B:1A:CC:3A:3D
ValidityThu, 05 Jun 2025 08:44:16 GMT - Wed, 03 Sep 2025 08:44:15 GMT

File type
HTML document, ASCII text
Size
759 B (759 bytes)
Hash
a6c77d982e47585263040b318146b801
b97cba4c3f4ea63ba7d9ca61aa2890d5a9a5d4b8
fe99218d233e84780d88e52276f8dc47763bc5b6545e376882de29ea8b6c7cb6

HTTP Headers

GET /6offsm0hajmi HTTP/1.1
Host: kellywhatcould.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=Xg2EWLmUgkenlSt6; Domain=.kellywhatcould.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:23 GMT
__ddg10_=1749299003; Domain=.kellywhatcould.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:23 GMT
__ddg9_=91.90.42.154; Domain=.kellywhatcould.com; Path=/; Expires=Sat, 07-Jun-2025 12:43:23 GMT
__ddg1_=c7hjUtsJk4IXHlOiI248; Domain=.kellywhatcould.com; HttpOnly; Path=/; Expires=Sun, 07-Jun-2026 12:23:23 GMT
XSRF-TOKEN=eyJpdiI6ImFzd3NaVTdxZ1oyZERSWVVmaFZUZGc9PSIsInZhbHVlIjoiM2hmcWk2RGlxVEU5cVo4UEd4YW0yank1bDhMVGNVZithQkwxcGtENXF0Qi9yZVYzVXViSU40VGxPdHlWS21oaWhMY2x1MklOTmM0dCtLZXdMZndsVnZWcXlVWlVlQnppbzVyb2F6SmZnc0NDTVN3Qmh6bFhsODJObHV0UnRMV2QiLCJtYWMiOiIxZDI5ODY2MzExZjZhZGM5NDc4YzJjZTgzMjE4MzI3OTI1NzkwNzRmMTEwMjFkMjhjYWJkZDcxYzkzYTI1YmYyIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:23 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6IlM1QzdGb0t2QUZuTTdiSXk5UUpwRVE9PSIsInZhbHVlIjoiTkMzZW1hZkZVSG1hVDFKQldwSVBiVTVZMSs5RjNjR2FLZTRyK1lJTU5hekNLbkpmQUVSM0R2WVJsRVA5TWVMa3pscXlyWFdvMzN2VjFUQW1wYVM0SVVsQWYzdFo3SzI0YjcvR2xndkE4MUd1c1BsRHcwWHJISFN5NUhaZUpCb3QiLCJtYWMiOiI0MzRjZTlkMjcxMmI0NDM3MGQ1OTYxNDIwYzAwZDYyMjE1OTQ1YTBkMGFmYzVlODYzMGJkOGVlYTUwZGNmNDUxIiwidGFnIjoiIn0%3D; expires=Sat, 07 Jun 2025 13:53:23 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Sat, 07 Jun 2025 12:23:23 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2

142.250.74.35

200 OK

20 kB

URL GET
fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jilliandescribecompany.com/6offsm0hajmi
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20156, version 1.0
Size
20 kB (20156 bytes)
Hash
202cfb54d4e66d1702404ade49339ceb
57fd1acf8d9651d9c38c0d4af7b78bc399be0652
4ba7d3d096695818fe0686be4f1e82c6b05134e18a22260336130335027462dd

HTTP Headers

GET /s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:12:10 GMT
expires: Fri, 05 Jun 2026 13:12:10 GMT
cache-control: public, max-age=31536000
age: 169875
last-modified: Mon, 12 May 2025 21:45:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML