Report - xbucketlife.blogspot.com/

Report Overview

Visitedpublic

2025-02-26 12:24:58

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.blogger.com	8975	1999-06-22	2012-05-22	2025-02-20	473 B	7.3 kB	172.217.21.169
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-02-26	476 B	8.0 kB	104.18.11.207
www.profitablecpmrate.com	unknown	2024-10-15	2024-10-23	2025-02-23	1.1 kB	1.3 kB	172.240.108.76
xbucketlife.blogspot.com	unknown	2000-07-31	2025-02-26	2025-02-26	944 B	34 kB	142.250.74.161
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-02-26	443 B	10 kB	104.18.186.31
code.jquery.com	634	2005-12-10	2012-05-21	2025-02-26	434 B	6.4 kB	151.101.2.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-26	medium	profitablecpmrate.com	Sinkholed
2025-02-26	medium	profitablecpmrate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (8)

URL IP Response Size

xbucketlife.blogspot.com/

142.250.74.161

200 OK

31 kB

URL

xbucketlife.blogspot.com/

IP / ASN

142.250.74.161

#15169 GOOGLE

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (407)

First Seen2025-02-26

Last Seen2025-02-26

Times Seen1

Size31 kB (31195 bytes)

MD5b4653d055263b06c08bdf2f7390de25b

SHA1fa17d3c59047b2f7023794c81d668f14383d0185

SHA256632e60523a54ad9600fb7b2b8887c4265aaefbdb969b9410c43737c28768791c

HTTP Headers

GET / HTTP/1.1
Host: xbucketlife.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 26 Feb 2025 12:24:29 GMT
date: Wed, 26 Feb 2025 12:24:29 GMT
cache-control: private, max-age=0
last-modified: Sat, 08 Feb 2025 15:36:46 GMT
etag: W/"3727ceee4f11f7822fdceff3ba46d7fd08336eff02659d7a2a034cc9687ebbfd"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 31195
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xbucketlife.blogspot.com/js/cookienotice.js

142.250.74.161

200 OK

2.0 kB

URL

xbucketlife.blogspot.com/js/cookienotice.js

IP / ASN

142.250.74.161

#15169 GOOGLE

Requested byN/A

Resource Info

File typeJavaScript source, ASCII text

First Seen2023-03-07

Last Seen2025-08-02

Times Seen49604

Size2.0 kB (2026 bytes)

MD5a705132a2174f88e196ec3610d68faa8

SHA13bad57a48d973a678fec600d45933010f6edc659

SHA256068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: xbucketlife.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xbucketlife.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Wed, 26 Feb 2025 12:24:29 GMT
expires: Wed, 05 Mar 2025 12:24:29 GMT
cache-control: public, max-age=604800
last-modified: Wed, 26 Feb 2025 08:53:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.jsdelivr.net/jquery.slick/1.5.5/slick.min.js

104.18.186.31

200 OK

8.9 kB

URL

cdn.jsdelivr.net/jquery.slick/1.5.5/slick.min.js

IP / ASN

104.18.186.31

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeJavaScript source, ASCII text, with very long lines (32178)

First Seen2023-03-07

Last Seen2025-07-27

Times Seen58

Size8.9 kB (8897 bytes)

MD521778f373fce5457a66da1622474a3dd

SHA1add39dc39ac692b653b85471a7e8a969303ef397

SHA25622529609ad54b33ee1695008d3daa6e35f133849c49ee00d7e9bc02eb0dd9a56

HTTP Headers

GET /jquery.slick/1.5.5/slick.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xbucketlife.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 26 Feb 2025 12:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 8897
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"9040-rdOdw5rGkrZTuFRxp+ipaTA+85c"
content-encoding: gzip
x-served-by: cache-fra-eddf8230082-FRA, cache-lga21920-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 20399102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aUsrbvZcweQNVv7jhmK1juDYJReo%2BkD8rwaSMdJQRto%2FfRqvjPSQx30gk7R3cArDSLF3MuOB4ITxaW86kSG62iyvTTRM9m%2BOvLUkru2tp4mHB07YxNKQBVQdsfEy7Z%2FP5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 917fe990dcf5b518-OSL
X-Firefox-Spdy: h2

code.jquery.com/jquery-migrate-1.2.1.js

151.101.2.137

200 OK

5.8 kB

URL

code.jquery.com/jquery-migrate-1.2.1.js

IP / ASN

151.101.2.137

#54113 FASTLY

Requested byN/A

Resource Info

File typeJavaScript source, ASCII text

First Seen2023-03-07

Last Seen2025-08-01

Times Seen752

Size5.8 kB (5783 bytes)

MD57d87ce904ab76326bff3147c72a45b2a

SHA1b5a7a40ada6f87047f00e95915356aff82cb0959

SHA25658564bc237b683f482c3a82def059f27b2be41109d237d7a2380074b5b4f22be

HTTP Headers

GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xbucketlife.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-40ed"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 26 Feb 2025 12:24:29 GMT
age: 2363742
x-served-by: cache-lga21971-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 20, 749
x-timer: S1740572670.589022,VS0,VE0
vary: Accept-Encoding
content-length: 5783
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

172.217.21.169

200 OK

6.6 kB

URL

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

IP / ASN

172.217.21.169

#15169 GOOGLE

Requested byN/A

Resource Info

File typeASCII text, with very long lines (30596)

First Seen2023-04-05

Last Seen2025-08-02

Times Seen18859

Size6.6 kB (6620 bytes)

MD5e3f09df1bc175f411d1ec3dfb5afb17b

SHA13994ec3efe3c2447e7bbfdd97bb7e190dd1658f9

SHA2561a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

HTTP Headers

GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xbucketlife.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 13:40:37 GMT
expires: Fri, 20 Feb 2026 13:40:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Feb 2025 09:58:01 GMT
content-type: text/css
vary: Accept-Encoding
age: 513832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

104.18.11.207

200 OK

7.1 kB

URL

maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

IP / ASN

104.18.11.207

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeASCII text, with very long lines (28900)

First Seen2023-04-05

Last Seen2025-08-02

Times Seen7207

Size7.1 kB (7071 bytes)

MD54083f5d376eb849a458cc790b53ba080

SHA1fb5b49426dee7f1508500e698d1b3c6b04c8fcce

SHA256008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

HTTP Headers

GET /font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xbucketlife.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 26 Feb 2025 12:24:29 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "4083f5d376eb849a458cc790b53ba080"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/13/2024 00:51:43
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 5e5d18001b0e52b721892e74e0b1b13c
cdn-cache: HIT
cf-cache-status: HIT
age: 898499
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 917fe9908a0c1c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.profitablecpmrate.com/jg22bniz?key=5983c39b51642d0f526c9da6748e2524

172.240.108.76

200 OK

118 B

URL

www.profitablecpmrate.com/jg22bniz?key=5983c39b51642d0f526c9da6748e2524

IP / ASN

172.240.108.76

#7979 SERVERS-COM

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with no line terminators

First Seen2024-05-29

Last Seen2025-07-27

Times Seen1145

Size118 B (118 bytes)

MD5b0f623103cd51d764412d46f8a7e0816

SHA13c88223adef88d7cb3ef5536b4b398ef54f31781

SHA256fe40b26bcb3f34ba8f180d33623bb3b109597ba9b3f5596ba1bc6b665b8dcb67

Certificate Info

IssuerLet's Encrypt

Subjectprofitablecpmrate.com

Fingerprint0E:06:DB:C5:80:67:C5:69:07:B3:59:69:FD:29:14:B1:5F:AE:FE:AF

ValidityWed, 12 Feb 2025 22:28:59 GMT - Tue, 13 May 2025 22:28:58 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jg22bniz?key=5983c39b51642d0f526c9da6748e2524 HTTP/1.1
Host: www.profitablecpmrate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xbucketlife.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 26 Feb 2025 12:24:30 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: www.profitablecpmrate.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 54951b41d258e4217c66ab4701c50851
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.profitablecpmrate.com/favicon.ico

172.240.108.76

200 OK

0 B

URL

www.profitablecpmrate.com/favicon.ico

IP / ASN

172.240.108.76

#7979 SERVERS-COM

Requested byhttps://www.profitablecpmrate.com/jg22bniz?key=5983c39b51642d0f526c9da6748e2524

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5607219

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectprofitablecpmrate.com

Fingerprint0E:06:DB:C5:80:67:C5:69:07:B3:59:69:FD:29:14:B1:5F:AE:FE:AF

ValidityWed, 12 Feb 2025 22:28:59 GMT - Tue, 13 May 2025 22:28:58 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.profitablecpmrate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.profitablecpmrate.com/jg22bniz?key=5983c39b51642d0f526c9da6748e2524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 26 Feb 2025 12:24:30 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e4ebaeea47dfd82260272d48604f813f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains