Report - watchsb.com/d/ywdgyxbq2ln1.html

Report Overview

Submitted URL
watchsb.com/d/ywdgyxbq2ln1.html
IP
172.64.142.8
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-27 06:50:31
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stealingattentions.com	unknown	2023-01-24	2023-01-24	2023-05-23	439 B	514 B	192.243.59.13
poshhateful.com	unknown	2022-04-19	2022-04-26	2023-05-24	402 B	327 B	192.243.61.227
addresseepaper.com	18169	2021-11-01	2021-11-01	2023-05-26	798 B	0 B	0.0.0.0
code.jquery.com	634	2005-12-10	2012-05-21	2023-05-26	407 B	31 kB	69.16.175.42
lv.chajagibbous.com	unknown	2023-03-30	2023-04-07	2023-05-26	409 B	1.5 kB	172.255.6.87
simplewebanalysis.com	unknown	2022-02-15	2022-02-25	2023-05-26	424 B	418 B	52.28.229.86
dearestimmortality.com	unknown	2022-04-04	2022-04-04	2023-05-23	466 B	514 B	192.243.61.227
unseenreport.com	unknown	2022-03-30	2022-03-30	2023-05-26	1.5 kB	846 B	192.243.61.227
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-26	330 B	964 B	104.18.14.101
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-26	873 B	129 kB	142.250.74.40
watchsb.com	159133	2021-11-12	2016-11-07	2023-05-27	4.1 kB	357 kB	172.64.142.8
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-05-26	440 B	24 kB	185.244.209.62
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-26	1.0 kB	17 kB	142.250.74.35
residenceseeingstanding.com	unknown	2022-04-07	2022-04-07	2023-05-21	888 B	1.0 kB	173.233.137.44
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-26	1.3 kB	2.8 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-26	456 B	1.6 kB	142.250.74.106
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-26	340 B	944 B	54.230.80.227
akamai-content-images.com	unknown	2023-02-08	2023-02-09	2023-05-23	452 B	48 kB	172.67.151.242

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-27	medium	stealingattentions.com
2023-05-27	medium	poshhateful.com
2023-05-27	medium	unseenreport.com
2023-05-27	medium	unseenreport.com
2023-05-26	medium	addresseepaper.com
2023-05-26	medium	addresseepaper.com

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	watchsb.com/d/ywdgyxbq2ln1.html	165 B	2023-03-13	2023-07-30
Pretty URL watchsb.com/d/ywdgyxbq2ln1.html IP 172.64.142.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 15:45:18 Last Seen2023-07-30 21:21:52 Times Seen38 Hash 2d46af3bd8e8f59cb55c770241e51337 a310eb14eea3df340fe3e8cf8e6f9fa6bdba0f2a df493e9f0c9c8eeb5ac15f9c00bf2a8d1e022f1b2b886d14cf36e006927ad295 Loading...

	watchsb.com/d/ywdgyxbq2ln1.html	451 B	2023-03-13	2023-07-30
Pretty URL watchsb.com/d/ywdgyxbq2ln1.html IP 172.64.142.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 15:45:18 Last Seen2023-07-30 21:21:52 Times Seen38 Hash 5571a4a105eb216afe05cad570c4c12f 8ee05ea3861c9fff214826b179b81c79f0e35f07 692d681904c4a7c547f95228467bc53d7ee72a60f06d71b440aff4d3122ffce3 Loading...

	www.googletagmanager.com/gtag/js?id=UA-166622646-1	124 kB	2023-05-26	2023-05-27
Pretty URL www.googletagmanager.com/gtag/js?id=UA-166622646-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 20:18:08 Last Seen2023-05-27 08:50:32 Times Seen3 Hash ad90ff6682b9985fb136e8e4a5f7dd25 cfcfbc13aeb0100339a862b931ef00671ce19b7c a8b212cdafc529dd113d27096a8a390e3816ff1f3817d5cbd66da41c66e2778e Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-20 02:44:12 Times Seen340514 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c	227 kB	2023-05-27	2023-05-27
Pretty URL www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 08:50:32 Last Seen2023-05-27 08:50:32 Times Seen2 Hash 15820146e7c4d98d57660dcc1f6fbcd6 88d3c0e70aeb33536a55fdef24a8760e4473d3f6 087326e5808191211d4d280d2079340eefc0658ef70ed1a752122cbb3ab4d50e Loading...

	lv.chajagibbous.com/tfkihe8cvk1/62124	5 B	2023-03-07	2024-04-19
Pretty URL lv.chajagibbous.com/tfkihe8cvk1/62124 IP 172.255.6.87 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-04-19 19:19:39 Times Seen6269 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	watchsb.com/d/sandbox%20eval%20code	147 B	2023-04-11	2024-04-20
Pretty URL watchsb.com/d/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-20 02:44:11 Times Seen341009 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	poshhateful.com/advertisers.js	0 B	2023-03-07	2024-04-20
Pretty URL poshhateful.com/advertisers.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 02:57:11 Times Seen36969314 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	code.jquery.com/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL code.jquery.com/jquery-3.2.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 02:38:42 Times Seen61221 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js	80 kB	2023-03-07	2024-04-19
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js IP 185.244.209.62 ASN #58286 Electric-IT Business S.R.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:55 Last Seen2024-04-19 12:56:25 Times Seen1042 Hash 2faceb2d3db75ced808545e78fab94ed c663baa051856b64d746629a961e23bbf0fbaf8c c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f Loading...

	watchsb.com/d5/js/app.js	549 B	2023-03-13	2024-03-04
Pretty URL watchsb.com/d5/js/app.js IP 172.64.142.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:39:10 Last Seen2024-03-04 05:05:26 Times Seen86 Hash 95e2fca94307522214cb73cea3a5e1f8 664a9a76f97cb1303d3a432f5fa2b37cf621b130 ea11f278064785e8271e271ce49946dc7e843218e326320a0900cb818e140dfd Loading...

	watchsb.com/d5/js/xupload.js?v19	11 kB	2023-03-13	2023-07-30
Pretty URL watchsb.com/d5/js/xupload.js?v19 IP 172.64.142.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:39:09 Last Seen2023-07-30 21:21:52 Times Seen82 Hash b26c24ab42be4af95502187fc56777ea 6bf6096fa207a37b7490a7c2d4466cf2f6ff320c 7279cf2f96083442b5d7f7ceb3fb88a4dc8940deeb8eab24d4af95e885f43d4c Loading...

	watchsb.com/js/mainpc.js	69 kB	2023-04-05	2023-07-30
Pretty URL watchsb.com/js/mainpc.js IP 172.64.142.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 23:24:56 Last Seen2023-07-30 21:21:52 Times Seen17 Hash 1804703ff7ebe7298a2afa5591a2004a 4b3c4b5c85c3f4fd8b1d26d532f010063111fbd7 e60c2de7d7e9e71e6a35cdc7e1c76a653148192595dc4afb32e28e18d6995ccb Loading...

HTTP Transactions (33)

URL IP Response Size

code.jquery.com/jquery-3.2.1.min.js

69.16.175.42

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32058)
Size
30 kB (30125 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685170212.dop069.sk1.t,1685170212.cds259.sk1.hn,1685170212.cds222.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 06:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9a762a1e577f4b078f4ad3de865303f
87d0f23fd6fc8378d53f72301c4444b362e4f3c9
44773657e91b7a1facdbc5538fea70b8dea0e1cdc850f4ee3eaee0d84bb02088

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 06:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
bf8f95e0f8c40faff26f20e0bb2863c2
2d54a28ac7f441cdf8f88e248118f0321d8652fe
46adbc4e1122bb4f9219f0483c197dd6155036d212b4799185bd29d30e5c545b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 27 May 2023 06:50:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 11:49:57 GMT
Expires: Fri, 02 Jun 2023 11:49:56 GMT
Etag: "2d54a28ac7f441cdf8f88e248118f0321d8652fe"
Cache-Control: max-age=536062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cdc5285cefb1c0e-OSL

www.googletagmanager.com/gtag/js?id=UA-166622646-1

142.250.74.40

200 OK

48 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-166622646-1
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (2271)
Size
48 kB (47847 bytes)
Hash
ad90ff6682b9985fb136e8e4a5f7dd25
cfcfbc13aeb0100339a862b931ef00671ce19b7c
a8b212cdafc529dd113d27096a8a390e3816ff1f3817d5cbd66da41c66e2778e

HTTP Headers

GET /gtag/js?id=UA-166622646-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 06:50:12 GMT
expires: Sat, 27 May 2023 06:50:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

142.250.74.106

200 OK

992 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
gzip compressed data, max compression\012- data
Size
992 B (992 bytes)
Hash
fd7947cf3b15682827d8915b65d3782e
35f405d5f09a53712561f73368d3657358fda391
fe99976164d3d93e38d4652842984a5378e7d204050bb1d7c98cd2c8b0574cc3

HTTP Headers

GET /css2?family=Poppins:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 06:50:12 GMT
date: Sat, 27 May 2023 06:50:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

watchsb.com/d5/js/xupload.js?v19

172.64.142.8

200 OK

4.1 kB

URL GET HTTP/3
watchsb.com/d5/js/xupload.js?v19
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
4.1 kB (4123 bytes)
Hash
b26c24ab42be4af95502187fc56777ea
6bf6096fa207a37b7490a7c2d4466cf2f6ff320c
7279cf2f96083442b5d7f7ceb3fb88a4dc8940deeb8eab24d4af95e885f43d4c

HTTP Headers

GET /d5/js/xupload.js?v19 HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Jan 2023 14:47:06 GMT
etag: W/"2958-5f29f01c04eea"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQeKYXwOGFoXBViNzqelF2h0moN18iH%2Fg2w9yQ8GsgIzOrL3uQt25y0o2iJQ9LuzXVwRoHq9uXCT70%2Fbvem3U4TFaBv%2FvNT1RSNMDhURMgzAYkFdgSL5xZKzAlf64w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc52859b19416b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

185.244.209.62

200 OK

23 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js
IP
185.244.209.62:443
ASN
#58286 Electric-IT Business S.R.L.

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerSectigo Limited
Subjectcdn.jsdelivr.net
Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65299)
Size
23 kB (22600 bytes)
Hash
2faceb2d3db75ced808545e78fab94ed
c663baa051856b64d746629a961e23bbf0fbaf8c
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

HTTP Headers

GET /npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 06:50:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
age: 8097218
x-served-by: cache-fra-eddf8230139-FRA, cache-ams21076-AMS
x-cache: HIT, HIT
vary: Accept-Encoding, Accept-Encoding
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-05-27T01:34:28+00:00, 2023-05-27T01:37:05+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2

lv.chajagibbous.com/tfkihe8cvk1/62124

172.255.6.87

200 OK

25 B

URL GET HTTP/1.1
lv.chajagibbous.com/tfkihe8cvk1/62124
IP
172.255.6.87:443
ASN
#7979 SERVERS-COM

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subjectlv.chajagibbous.com
FingerprintE0:CF:48:9A:D3:37:90:5B:E1:B2:B5:5F:41:DB:1B:3D:9A:99:C2:1A
ValidityThu, 30 Mar 2023 11:00:26 GMT - Wed, 28 Jun 2023 11:00:25 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /tfkihe8cvk1/62124 HTTP/1.1
Host: lv.chajagibbous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 06:50:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://watchsb.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 28-May-2023 06:50:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sun, 28-May-2023 06:50:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 06:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 06:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c

142.250.74.40

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (3288)
Size
80 kB (80074 bytes)
Hash
15820146e7c4d98d57660dcc1f6fbcd6
88d3c0e70aeb33536a55fdef24a8760e4473d3f6
087326e5808191211d4d280d2079340eefc0658ef70ed1a752122cbb3ab4d50e

HTTP Headers

GET /gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 06:50:13 GMT
expires: Sat, 27 May 2023 06:50:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watchsb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:36 GMT
expires: Thu, 23 May 2024 00:16:36 GMT
cache-control: public, max-age=31536000
age: 282817
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watchsb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 18:05:59 GMT
expires: Sun, 19 May 2024 18:05:59 GMT
cache-control: public, max-age=31536000
age: 564254
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

watchsb.com/d5/images/logo.svg

172.64.142.8

200 OK

1.6 kB

URL GET HTTP/3
watchsb.com/d5/images/logo.svg
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3208), with no line terminators
Size
1.6 kB (1646 bytes)
Hash
b28a3593baedb571280c55145f22cafc
186c5672f734ee0e2d7a5ad60e3307f2b65ccff1
d579494645b1a83588fc9daf3e1e6146d1c642516cc5139da481a6c04f104730

HTTP Headers

GET /d5/images/logo.svg HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 22:31:10 GMT
etag: W/"c88-5f177bdc38fee"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 2215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkzxTbMU8fM5rG3OxSTLdYESkpdMySbXBbB5Msv%2Be6ZjvpxVQno8Gf39xuUoBOYcqwobQI11n17c5gDmmccIYee9AEbC2UvYfsRa3BVdZF1Qt3Y0OLp2uxtKOZoKIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc52859b30416b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
eec4103d18616475614a1d0ffdb96446
011a3e5ed19ea889d5007262c3530cbb7e844c3a
b34424d1b43474acd2a57c6e679eeed982af7dfaebe11174a1b3ed68ac83c92c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 06:50:13 GMT
Last-Modified: Sat, 27 May 2023 05:18:45 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l51tDBWiNYvVsg-0TzFuwkym-sIaipnnHuP3EsN2bNNHHl2ykpnvdA==
Age: 5488

simplewebanalysis.com/stats

52.28.229.86

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
52.28.229.86:443
ASN
#16509 AMAZON-02

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
016d24956160f553812fcd957f6eb22a
727d51c7db13183ee2aae639b50ef151ec4bef3a
e8ba1986045c72b38a1e3dcbb66b73d7ec7cdbfc66b67752da76034b7c8638b5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchsb.com
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 06:50:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://watchsb.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3d6e39e2-7172-4693-ae50-c4dc061c4978:2:1; expires=Tue, 24 May 2033 06:50:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

akamai-content-images.com/ywdgyxbq2ln1_xt.jpg

172.67.151.242

200 OK

47 kB

URL GET HTTP/2
akamai-content-images.com/ywdgyxbq2ln1_xt.jpg
IP
172.67.151.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.akamai-content-images.com
Fingerprint8F:70:4E:3D:1D:DD:42:66:70:F9:CD:78:08:53:62:C5:6A:83:31:B4
ValiditySat, 08 Apr 2023 19:17:44 GMT - Fri, 07 Jul 2023 19:17:43 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 875x368, components 3\012- data
Size
47 kB (46886 bytes)
Hash
b9da9e70a1fbb1047c684caa57058acb
80ec7eb3b0af9991e732b219368af5c337b77900
8b9075390ddcfb75f7dff3c3d315710efedd779f5d9919768fd20febeb6e42d7

HTTP Headers

GET /ywdgyxbq2ln1_xt.jpg HTTP/1.1
Host: akamai-content-images.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 06:50:13 GMT
content-type: image/jpeg
content-length: 46886
last-modified: Wed, 07 Dec 2022 21:24:27 GMT
etag: "6391048b-b726"
expires: Sat, 10 Jun 2023 06:50:13 GMT
cache-control: max-age=1209600
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YI7Y9lFEPCFXSCUUGaedlsSAsib4Jscj0HwVn44UFMtP6xpF0K7LAFp4irm4QiOOcSHoMEhPxDAMIscIHL5g39zrpS0cIPmtVqCvoMrpQDR4BEtuGApsOpCcA9lBTsur7DbWh0IYa8r9twSr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc5285cb1ab51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stealingattentions.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js

192.243.59.13

403 Forbidden

0 B

URL GET HTTP/1.1
stealingattentions.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subject*.stealingattentions.com
FingerprintF8:89:F2:D2:D0:7D:86:45:97:EC:68:CC:2B:10:18:D1:91:B9:AD:5F
ValidityThu, 25 May 2023 06:26:23 GMT - Wed, 23 Aug 2023 06:26:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /54/42/5b/54425b8e8ac39b56c91d1586d719761f.js HTTP/1.1
Host: stealingattentions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

watchsb.com/d5/images/favicon/apple-touch-icon.png

172.64.142.8

200 OK

5.4 kB

URL GET HTTP/3
watchsb.com/d5/images/favicon/apple-touch-icon.png
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5387 bytes)
Hash
5bfb39ef98bec8bae2c31e7965d22e81
7d16a8c37b1c7ee649bc246ce66080efc235ef8c
ba31665ca1fb55172e56df3b0026d0a0ab8059eff90a3db365e4c744f287a90b

HTTP Headers

GET /d5/images/favicon/apple-touch-icon.png HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1; _ga_LKBMYHCW0K=GS1.1.1685170212.1.0.1685170213.0.0.0; _ga=GA1.1.1348996895.1685170213; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3d6e39e2-7172-4693-ae50-c4dc061c4978%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:13 GMT
content-type: image/png
content-length: 5387
last-modified: Wed, 04 Jan 2023 22:31:11 GMT
etag: "150b-5f177bdcf8291"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 6264
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEs6AKXkZ1JdL2W5HeQOnlG0E4yIF%2BsbLr%2FMFzjx%2BKpniVXhj5h4oyo4EOsCT%2F6d%2BpWCEGZMmaOHRBxz5KNqqoOJaw9a348xwfBrXc5vC0L1ud4SHPNHDKaBRQLP8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc528aeb3c416b-LHR
alt-svc: h3=":443"; ma=86400

watchsb.com/d5/images/favicon/favicon-16x16.png

172.64.142.8

200 OK

563 B

URL GET HTTP/3
watchsb.com/d5/images/favicon/favicon-16x16.png
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
563 B (563 bytes)
Hash
d092fe8b946d9df897e64cfb88f1a785
79ec00cdd790753fcade7707b86c9ce64b4e13fc
ec998bf67f1de484cb106cf499731ed3b0339024cd0835fb3972960b462ef68c

HTTP Headers

GET /d5/images/favicon/favicon-16x16.png HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1; _ga_LKBMYHCW0K=GS1.1.1685170212.1.0.1685170213.0.0.0; _ga=GA1.1.1348996895.1685170213; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3d6e39e2-7172-4693-ae50-c4dc061c4978%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:13 GMT
content-type: image/png
content-length: 563
last-modified: Wed, 04 Jan 2023 22:31:11 GMT
etag: "233-5f177bdcf8679"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IQfWK%2BsmGFX087SzxjSFngolY%2BTJm07kRj%2BDOELDLhGbDGnmalXg%2FR%2F8D7BOf8GH65STQ5%2BXMMDik3k2ufsKxFN0IokGK7SFmc1Dzr1JdA6uAFWZjFoYCTG6ssLMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc528aeb3f416b-LHR
alt-svc: h3=":443"; ma=86400

dearestimmortality.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.json

192.243.61.227

403 Forbidden

0 B

URL GET HTTP/1.1
dearestimmortality.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.json
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subject*.dearestimmortality.com
FingerprintA3:FD:91:01:F5:9D:58:61:B2:87:0E:E1:60:04:B2:2E:74:67:7C:57
ValidityFri, 31 Mar 2023 06:13:33 GMT - Thu, 29 Jun 2023 06:13:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ac/96/89/ac9689ea4c0b75250967275b2219e87e.json HTTP/1.1
Host: dearestimmortality.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchsb.com
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:14 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

poshhateful.com/advertisers.js

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
poshhateful.com/advertisers.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subjectposhhateful.com
Fingerprint86:EA:FA:D7:E2:8F:7D:8C:A8:64:EE:3D:F1:60:9F:90:9E:8B:FF:D5
ValiditySun, 16 Apr 2023 07:05:46 GMT - Sat, 15 Jul 2023 07:05:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: poshhateful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:14 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f62007182723191c0b6a7af60d42da14
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=3d6e39e2-7172-4693-ae50-c4dc061c4978&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=3d6e39e2-7172-4693-ae50-c4dc061c4978&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint40:56:AA:CA:A6:92:50:E4:39:53:0A:50:8E:2A:1C:06:EC:49:B4:DD
ValidityFri, 26 May 2023 07:21:53 GMT - Thu, 24 Aug 2023 07:21:52 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3d6e39e2-7172-4693-ae50-c4dc061c4978&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b27bc555d06cbc9b543c3902d2acaef
Strict-Transport-Security: max-age=0; includeSubdomains

residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js

173.233.137.44

403 Forbidden

0 B

URL GET HTTP/1.1
residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subject*.residenceseeingstanding.com
Fingerprint32:47:72:DE:FE:E0:AE:C7:05:C0:02:20:CC:8A:8E:0F:02:54:55:46
ValidityMon, 03 Apr 2023 06:35:15 GMT - Sun, 02 Jul 2023 06:35:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js HTTP/1.1
Host: residenceseeingstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:14 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js

173.233.137.44

403 Forbidden

0 B

URL GET HTTP/1.1
residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subject*.residenceseeingstanding.com
Fingerprint32:47:72:DE:FE:E0:AE:C7:05:C0:02:20:CC:8A:8E:0F:02:54:55:46
ValidityMon, 03 Apr 2023 06:35:15 GMT - Sun, 02 Jul 2023 06:35:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js HTTP/1.1
Host: residenceseeingstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:18 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=3d6e39e2-7172-4693-ae50-c4dc061c4978&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint40:56:AA:CA:A6:92:50:E4:39:53:0A:50:8E:2A:1C:06:EC:49:B4:DD
ValidityFri, 26 May 2023 07:21:53 GMT - Thu, 24 Aug 2023 07:21:52 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3d6e39e2-7172-4693-ae50-c4dc061c4978&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=12.2079&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 27 May 2023 06:50:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49e15a5ca2257c7be56c6dab68f38c30
Strict-Transport-Security: max-age=0; includeSubdomains

watchsb.com/d5/css/style.css?v=4

172.64.142.8

200 OK

256 kB

URL GET HTTP/3
watchsb.com/d5/css/style.css?v=4
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (651)
Size
256 kB (256481 bytes)
Hash
fd5f3048af5612ac89285508b7981615
de96a2d741e87ee7516a5c3391ecc3bdc6f8afe2
b98360604d128a33b3650e02b1b1386a04fdefae0a0862841f95a24125011f48

HTTP Headers

GET /d5/css/style.css?v=4 HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 21:44:14 GMT
etag: W/"3e9e1-5f2545e25f3cc"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 713
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra8%2BpVmzqKl2obXJwQUwWM2i%2FYU9XI3IHphMx1mZOJgKWTHMzfZhvooNFNXjiJZPVm1dLdLHGhfeew24DqRR4ovCousIyQiQQpOpgy1YikrUUbA6OgG2KPLZJnnoVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc52858b03416b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

watchsb.com/d5/js/app.js

172.64.142.8

200 OK

549 B

URL GET HTTP/3
watchsb.com/d5/js/app.js
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (580), with no line terminators
Size
549 B (549 bytes)
Hash
f07109fcc5fcb922256c304f022116f3
1c391e7569d31c69b1a0836038d1fac2c3b902d3
a7870d6dfdf66d18a1479618a51c433dd6d0e3d03c69db104b1ee09cefa90430

HTTP Headers

GET /d5/js/app.js HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 04 Jan 2023 22:31:12 GMT
etag: W/"225-5f177bdd83cf9"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0q2q%2FM6wUzJu6ropMrAlpU9m1s67zGiDi%2Fs0pcSHtRL%2BPSgGj5bJ8bWnk2DtfPDvIHutdzeJL98G3LkGoiT7c3T2OTcEaNdxHHRmCRP1f%2BW%2B8d%2Fe8uT3XNsMUOUAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc52859b16416b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

watchsb.com/d/ywdgyxbq2ln1.html

172.64.142.8

200 OK

13 kB

URL User Request GET HTTP/2
watchsb.com/d/ywdgyxbq2ln1.html
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type

Size
13 kB (13116 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /d/ywdgyxbq2ln1.html HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 26 May 2023 06:50:12 GMT
set-cookie: lang=1; domain=.watchsb.com; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYxudMN23ClmSht9yEhv%2FaWKkk99COoeib5ryB5POvTEQfjj8TpB%2BRucPvKt3bXRmZ1MF2L7lzP%2FN%2FnEeha%2F%2FTQmx%2Fv97F1MSAyjEuI2HH0YRnC3mRYK5z4PglzbNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdc52827a28418f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

watchsb.com/js/mainpc.js

172.64.142.8

200 OK

69 kB

URL GET HTTP/3
watchsb.com/js/mainpc.js
IP
172.64.142.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watchsb.com/d/ywdgyxbq2ln1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:69:A6:E9:1C:04:97:E1:BA:3B:A6:73:C7:76:32:5C:69:66:CF:EA
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type

Size
69 kB (69168 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/mainpc.js HTTP/1.1
Host: watchsb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watchsb.com/d/ywdgyxbq2ln1.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 06:50:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 May 2022 20:16:27 GMT
etag: W/"628e8e9b-10e30"
expires: Sat, 03 Jun 2023 02:09:06 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 16866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MhQXQHpolIMzz8Op1bMwB%2BijTPqOtUeDIMVVmoH%2FILUGs6uQyDo%2Bi5H%2BZYd%2BXD6xpKsvo0ZypyER2W1FREbBa0vetC6l23m8HasAUdzZN74miwIPjytGQHpp5rpnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdc5285ab54416b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML