| cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js | 104.17.24.14 | 200 OK | 5.1 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js IP 104.17.24.14:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Google Trust Services; Subject: cdnjs.cloudflare.com; Fingerprint: 4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77; Validity: Thu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type: JavaScript source, ASCII text, with very long lines (5082)
Hash: MD5 375e3e0688214ca1595fc28956430dd1; SHA-1 09ba8de39859cd17c2701057352dd5b8bc3c07f6; SHA-256 a052ce2a1bfa39fd0315ec22b7b123a0097dc99884a5b10c348931a2b0190b1f
GET /ajax/libs/vanilla-lazyload/10.17.0/lazyload.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 28 May 2025 10:36:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 1810
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 946d1c74b9740b31-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04017-1404"
last-modified: Mon, 04 May 2020 16:17:27 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1486973
expires: Mon, 18 May 2026 10:36:28 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FiLTslVkqe5LMKqCT8kAUGXMjviPkr3ruUXflpRKWhI3N4OQA7DC9kcFC7WTgG0s8KJxjOjrEmwGA1EwHaC77Toa%2BPGZEHqqWwtH0iPPCRvrJrbYKfv3DmIg8jep5vzPN3aogT5O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| theetheks.com/500/8865093?excludes=22954946&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 1.5 kB |
URL GET theetheks.com/500/8865093?excludes=22954946&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Let's Encrypt; Subject: theetheks.com; Fingerprint: 49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B; Validity: Wed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
Hash: MD5 9f1eabb644f07787a43f2148bbcf9151; SHA-1 e32af972ad2f59607451b2615a5bf79f0f22b5d4; SHA-256 29df6fa702b4a58c0da300f7eba5e01cc96e184b0bd1e0db10495b02bef44cef
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /500/8865093?excludes=22954946&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0801d7ced21e45afea2b5154b94fb335
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:37 GMT
content-type: application/javascript
x-trace-id: d9f318b159d1dc7d2d65a28f4ff4203d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://jilliandescribecompany.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801d7ced21e45afea2b5154b94fb335; expires=Thu, 28 May 2026 10:36:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/build/assets/D_HGTcPA.css | 186.2.163.111 | 200 OK | 5.5 kB |
URL GET jilliandescribecompany.com/build/assets/D_HGTcPA.css IP 186.2.163.111:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Let's Encrypt; Subject: jilliandescribecompany.com; Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F; Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: ASCII text, with very long lines (5544)
Hash: MD5 a9ee771b7240383bb786aa7cb7029eec; SHA-1 87e99041217bd3f1d32bcf9c44a2f7726129fb1f; SHA-256 374828c97ef3560752905e3f33cce3f5ad507fe3ed942dca98fea389e016d499
GET /build/assets/D_HGTcPA.css HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=HFEgj2TKM6MDs8JD; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: text/css
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-15a9"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379658
content-length: 1486
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js | 104.17.24.14 | 200 OK | 81 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js IP 104.17.24.14:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Google Trust Services; Subject: cdnjs.cloudflare.com; Fingerprint: 4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77; Validity: Thu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: MD5 2e477967e482f32e65d4ea9b2fd8e106; SHA-1 ddc6e9ead6d16ae9237399ce41e8c1620cc59c36; SHA-256 0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c
GET /ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 28 May 2025 10:36:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 21170
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 946d1c6eeac656bf-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-52b2"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 472406
expires: Mon, 18 May 2026 10:36:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=giigKJ3Hg4QA3zevl5fL6QnMqJZFVM3F%2BQoqEbwbdBTwMuk2tlNgFtcgLnHln57E6d7zoFI2oZ6lF9rCwQQH37ET%2BNZ1T0Jnm81LJ66CYEbwBeL6Nwh7AVCn17UX5uyYV0jkk5TY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/jwplayer/8.36.6/jwpsrv.js | 186.2.163.111 | 200 OK | 67 kB |
URL GET jilliandescribecompany.com/jwplayer/8.36.6/jwpsrv.js IP 186.2.163.111:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Let's Encrypt; Subject: jilliandescribecompany.com; Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F; Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 b7c09a238f43ba40002820079de36b91; SHA-1 620bbc4b53e6fd80b6cd5c89271bc09973d51903; SHA-256 be32622dbb1e238992fe4d24d3fd2aaf05b5a283f58f249790b673f04e64c24f
GET /jwplayer/8.36.6/jwpsrv.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=SRs9I2StB05PoBxd; __ddg10_=1748428587; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=uJTErltvYhdNnuZU; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-10710"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379658
content-length: 19479
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.core.controls.js | 186.2.163.111 | 200 OK | 340 kB |
URL GET jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.core.controls.js IP 186.2.163.111:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Let's Encrypt; Subject: jilliandescribecompany.com; Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F; Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 340 kB (339998 bytes)
Hash: MD5 c8fc89b8e42c4a24d4d3ee9944d04e9f; SHA-1 1d47b5067f9b3756f6a6cd10b44fe3c3cd58952c; SHA-256 2a9d386316399957231faaab81b0e2f30c45e5049d1e1ed3dee7f6e5d00e7ca4
GET /jwplayer/8.36.6/jwplayer.core.controls.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=uJTErltvYhdNnuZU; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=n0DCP6rU8hrJkchj; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-5301e"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379658
content-length: 86302
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 18 kB |
IP 172.67.193.52:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Google Trust Services; Subject: tzegilo.com; Fingerprint: BD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A; Validity: Sat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT
File type: JavaScript source, ASCII text, with very long lines (17229)
Hash: MD5 01227f5edc20e0ff4ed643b27cb8bb68; SHA-1 d71a88f7341f2b1bdaa7deb9a66888607bd52598; SHA-256 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 28 May 2025 10:36:29 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=v9CviS5AocoO35c%2BjI03YYeiDLo9taFgASxY1Edt0hCCaJYfWwBCLO9Qbxa7BZ1%2BwF37FIv8x%2FKajNA9tE1AzwoT2hCYh%2Fy56w%3D%3D"}]}
age: 6496
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 946d1c79ddd356c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e | 186.2.163.111 | 200 OK | 271 kB |
URL GET jilliandescribecompany.com/s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e IP 186.2.163.111:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Let's Encrypt; Subject: jilliandescribecompany.com; Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F; Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: Unicode text, UTF-8 text, with very long lines (65271)
Size: 271 kB (270624 bytes)
Hash: MD5 c71fa701386844028fe6595289427599; SHA-1 8be981f11be9f5aab5fd100ee58b8a9332674382; SHA-256 39710492ff4eb2fd207455f6edca3b9649b46fd2644021344afdf1d4c9a5ca11
GET /s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=oZo5lgn7xkDJ0DuY; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: text/css
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-42120"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379658
content-length: 36983
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 | 142.250.178.67 | 200 OK | 20 kB |
URL GET fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 IP 142.250.178.67:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Google Trust Services; Subject: *.gstatic.com; Fingerprint: 58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD; Validity: Tue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20156, version 1.0
Hash: MD5 202cfb54d4e66d1702404ade49339ceb; SHA-1 57fd1acf8d9651d9c38c0d4af7b78bc399be0652; SHA-256 4ba7d3d096695818fe0686be4f1e82c6b05134e18a22260336130335027462dd
GET /s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 May 2025 16:37:14 GMT
expires: Wed, 27 May 2026 16:37:14 GMT
cache-control: public, max-age=31536000
age: 64754
last-modified: Mon, 12 May 2025 21:45:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/engine/storyboard/uwnvrxpjvfhq?t=0 | 186.2.163.111 | 200 OK | 13 kB |
URL GET jilliandescribecompany.com/engine/storyboard/uwnvrxpjvfhq?t=0 IP 186.2.163.111:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Let's Encrypt; Subject: jilliandescribecompany.com; Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F; Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: WebVTT subtitles, ASCII text
Hash: MD5 235ee44adac52ac5106def95ca1befee; SHA-1 03f10d505bc082ca312e4341da132dc519e911bb; SHA-256 1b18527cd457d18078399feb825940a87e66b358677ad76192c111b26220d9df
GET /engine/storyboard/uwnvrxpjvfhq?t=0 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=N5Zhma2IqhB7jcvm; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=R5yetkoaJRecbENH; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
XSRF-TOKEN=eyJpdiI6InlSUTk2NTkrS2JubTFieVBZUnIwTmc9PSIsInZhbHVlIjoiZWszQ1Z3T3c4NHZrNU5oZjAwL29qUDVud1Vsdjh0S0hDVFhxWG9wNHJ2Y29ET0Ivei81aU5yTlJua1lsSkR4NG1QWlE4eVFzcURBOWhRRU5Ua0JEWEU0eHp6NTEydHVacmZCZzNQdldtanA5WlZINnlMSTRCK1NnYWcrYU1xU1AiLCJtYWMiOiIxOWEwYThjODUwMDJjM2VmYTU1NzNmMTJkNzQ1NTk2MjU0OTI4YWFiYmQ3YmQ2OTUxZmU1ZmUxMDUzNGU2NjUwIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:28 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6InhOSVhadTRSZFNwWGM5MFl0MCt5K1E9PSIsInZhbHVlIjoidWxSRUYrUnFNQTRLYmUwNGNLNFh0djhqajl6MjRUWlh6eHVDaEpyMzhwdEs5WktSTkVoMDVqa01sNzQwWDF2RTV6K1Z0V2xJMnRGNExMVnkrNGFaZU1SRVhkOGtuT0tKQS9ISHBWbXFHOUVJa0F3dm9VVGhoVmxRR25oU05FZFgiLCJtYWMiOiJmM2E2OGQ4ODIwYWQwM2E0ZWNhMjY1YzQ3YTNlYjZmMzU0MTEwYmY4ZWZkNDUzYjFlYjc5OWQ1NjJmYjlhMzJmIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:28 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/vtt; charset=UTF-8
cache-control: no-cache, private
date: Wed, 28 May 2025 10:36:28 GMT
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Figtree:wght@400;600;800&display=swap | 142.250.74.10 | 200 OK | 2.5 kB |
URL GET fonts.googleapis.com/css2?family=Figtree:wght@400;600;800&display=swap IP 142.250.74.10:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Certificate — Issuer: Google Trust Services; Subject: upload.video.google.com; Fingerprint: E8:3A:D1:2C:16:97:56:94:8B:01:F8:ED:EB:81:17:F8:D7:6C:B2:41; Validity: Tue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
Hash: MD5 81697f14fef5e75334dddac376b63b52; SHA-1 e5a95321183528f482564419929d611b096aec6c; SHA-256 62779f80bdd9979d0857443f631b0242c5866967a949b2bb01b4102135fdc8f1
GET /css2?family=Figtree:wght@400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 May 2025 10:36:27 GMT
date: Wed, 28 May 2025 10:36:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/cache/uwnvrxpjvfhq_storyboard_L0.jpg | 186.2.163.111 | 200 OK | 235 kB |
URL GET jilliandescribecompany.com/cache/uwnvrxpjvfhq_storyboard_L0.jpg IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x700, components 3
Size: 235 kB (234688 bytes)
Hash (MD5): 587afc0747849bcb842fddaaf5f41345
Hash (SHA-1): 132daecbd5b26bc5d8bff48f3aaade9a9b1f27ad
Hash (SHA-256): 723cac449ef810d27fadff50ad9577e0c01014663310e8efa620e326bea22933
GET /cache/uwnvrxpjvfhq_storyboard_L0.jpg HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=XyMiEKTAU0fJ0Gal; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6ImJYQ1F0NnhINTRvVVdNWHFCZ3BkcWc9PSIsInZhbHVlIjoialJMTHFQL1BwNTg2UnNjUisrdlBHbmFoVTFhaE9DcXRYVDZpK3NxZWlzcVhvME9pWEJ4bC82TW9uMFQvZGdseHBzL3YrK0F1OEZ6YTA2bjREbzZHV2x3Q3RCNW5qenZnUG1mTUkwak9WNFg5MkNuK3dESUIrdHppMHUvVTRTV1oiLCJtYWMiOiIyMDU4OTVmNjUxOWYwNmJiODJiN2ZjZDMxNjExMGJiOGYyMTI2YWM5YjFjNmEyZTI3NWFiNGI0OGYzYWE0NjBlIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IjdQU0h1blcyNGUzdm9Bb3NsOEl2TEE9PSIsInZhbHVlIjoiUm5KRlNyM2JEUk5PSGMwUGZtTnRyU25MV3lmY3B4Z2lxRHlFcUFsRU5BdTF5Y2t6L2RuTEZUU3BNWlpTRXFnMHJ4cSs1ejZMYTc0NDQ2ajJhUHBlVkd4L3UreHZDbngzNGJ5WjVndzJOdUVuOVQwNmZPeU0zMFhURmFFMzVWUmgiLCJtYWMiOiJjNGQ4ODU3OWQ1NWJhZTdlNjEzM2JmMzgxMWZmY2U0ZmQwNjFjMzIyYzc4MzY5ZDBiOWYzYzAwYzk1MWMxYjY5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=rqr5RMi06ccmY9S1; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:29 GMT
__ddg10_=1748428589; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:29 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:29 GMT
XSRF-TOKEN=eyJpdiI6IldrQ0p6Y25VL1B3bVBhY2lzY3VjSUE9PSIsInZhbHVlIjoid01TNk1YSFMvdzkwWEt1VmxqczJWd21KMllmaEwvc085aXZUR0NoZDhzZDNxVnFpRU0rV2NkYUdDa05lWjUwVDBvZ3BkSzgxNG9LVVpGbnBBYjJ0MFhMVWMxMVpJSjdqRW9hR1AyM1Zya0hRTlkycXFIZEFLeGR5eW0vRWlhejciLCJtYWMiOiI2ZjM3NzMwNDc2N2JmMzk4ODc4NGM3MGQ3NjgyYmQxYTc0OGY3N2YyNDdiNTdlNDExNGYwYWIyYzM2ZDE2NTVhIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:29 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6InZqYzNpdyt3TlQ3SS9QSmhhcTN5NEE9PSIsInZhbHVlIjoiamh4MjJacFQ2dmtpN1d4bkNyUkdFSk1sT2xQMnBva0huLzF3eFhnNjVuTDB0Nmhua1lINmEwUHJwLzRsZmd4dVQ1TzQ0UlhCdlluTjg5dHlHdmR2eWdSMlRpWnJySEVqSlNBSU9mNG0wb3BkcXRkZ2xKK09lOEtKNTMwUDhTTnMiLCJtYWMiOiIyN2M5ODcxYzcxNDAwNjJlMTYwMTA3ZDExNjZkOGUyOWY3NjBjOGE3MThiYjJjNmIyYWZjMmVjOTAxOGQzMzBkIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:29 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 May 2025 10:36:29 GMT
content-type: image/jpeg; charset=UTF-8
content-length: 234688
cache-control: max-age=2592000
expires: Fri, 27 Jun 2025 10:36:29 GMT
last-modified: Fri, 14 Mar 2025 23:33:55 GMT
etag: "67d4bce3-394c0"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent
x-cache-status: MISS
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/android-icon-192x192.png | 186.2.163.111 | 200 OK | 7.1 kB |
URL GET jilliandescribecompany.com/android-icon-192x192.png IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash (MD5): 6e09fa5e43f9f169c8b65bdba9683b46
Hash (SHA-1): e986e9353a404b28a522b85dc0b7afb480b6cb27
Hash (SHA-256): 7940cbb7ef222596bef1a1d1db04e8a1b745dfdeb769ff9a46f4e3717396af0b
GET /android-icon-192x192.png HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=N5Zhma2IqhB7jcvm; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=NIJWGEBg9jmctXug; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:52 GMT
content-type: image/png
content-length: 7068
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: "6818e256-1b9c"
expires: Mon, 23 Jun 2025 01:08:52 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 379657
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bobapsoabauns.com/www/images/545b04f9bce5a70f9754bb099df3f0e9.png | 104.21.73.203 | 200 OK | 82 kB |
URL GET bobapsoabauns.com/www/images/545b04f9bce5a70f9754bb099df3f0e9.png IP 104.21.73.203:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectbobapsoabauns.com Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9 ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT
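File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash (MD5): 545b04f9bce5a70f9754bb099df3f0e9
Hash (SHA-1): ae727e3526409cc6a2ff8be3f9ef15ec804d390c
Hash (SHA-256): cc6720855ee907afb29b0f8ab90c8e412016e7976515d6577d5cf61dd913be0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
Note: this verdict appears to be a DNS-level reputation result for the host name rather than an analysis of the file itself; the transaction below was still answered with 200 OK from 104.21.73.203.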
GET /www/images/545b04f9bce5a70f9754bb099df3f0e9.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 28 May 2025 10:36:37 GMT
content-type: image/png
content-length: 81979
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntEk5vYsUNzsMmToPg3JZOYxOEcuKe4j5SN5Y1tPcqZMcAp30rM6mVaUf7Z2SNa6%2F6TpqYWtRwe8yEXQ9jRP0O7ShJ7rqNR77JjU9aDGqR9qpNj2Aw2CaPYwSi6hJ3jysFE4%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 04 Mar 2025 18:50:37 GMT
etag: "67c74b7d-1403b"
expires: Thu, 29 May 2025 05:51:45 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 17091
cf-cache-status: HIT
cf-ray: 946d1cad0c4f56b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2944&min_rtt=1429&rtt_var=1508&sent=93&recv=25&lost=0&retrans=0&sent_bytes=87924&recv_bytes=2312&delivery_rate=16792893&cwnd=48000&unsent_bytes=0&cid=1d2476ba81203e04&ts=7202&x=80"
|
|
| jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 | 186.2.163.111 | 200 OK | 156 kB |
URL User Request GET jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 IP 186.2.163.111:443
Certificate: Issuer: Let's Encrypt | Subject: jilliandescribecompany.com | Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F | Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (43186)
Size: 156 kB (155760 bytes)
Hash (MD5): 3c62f7a48d8150b9ad34a4693d308e91
Hash (SHA-1): 52351d2da0fc351733c162976e1da9e34c8a5158
Hash (SHA-256): 09fba776a8855f1be42bea926b5ccd10c4c71c57d608453f41dff1be196de370
GET /access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg8_=6RYkLvB80LnLTzCa; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6ImQrcFhieGVIV2lNYkhHemlEeTNYL2c9PSIsInZhbHVlIjoiS0lTTXJLKzkzeklZRFgvZjkxTXVLakp6RkNTNENJc081bmpHaHZEbzNQaW1GS2JENG0ydCtraW5HTWY5VE5FNmFSV1BsbkVQMzh5bDF1YjFkR1NacStpRGVjWXVKeXNjYngxbkFnbmJ2Y0hUb1FCb2l5ekJjNEwycWNCWk5oRWwiLCJtYWMiOiI3NDc3YmU3MTM5MDk5NWZkM2VjODBiZmFmNjAxODI2NGI4NTJkNmVkYTc4NmNmN2RjNGI5YTFlZWIwYWE1YzdhIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6IlhMamlROXZ3YlpiVmFHdjZ5alFIY0E9PSIsInZhbHVlIjoiblBvNTRFcjdEMEpJc0cxTmV0MElqUWMvUXRnVWpQOHQyeGlpTURXb0NuS3cwc1RJcWxGUmRIWTd5Z2ZlTXAxREl3a2Vma0lnaHBUTWlPZTZheDQxQ2NaV1dxY01qTG5tVjJYd3BUSW9GZzd4V09GZEpLZ1RYeVV1UFZpa2phdi8iLCJtYWMiOiI1M2U1YzZkNWQyNTJkOTE3MmUyOTE3NzMyZThmOTZmZmFhMTljYjVlZWQxYjcwNWVmOWJhYTgwNzMwOGU0ZGVlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=ai8jiQCOgOXxAtzx; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:26 GMT
__ddg10_=1748428586; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:26 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:26 GMT
XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:26 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:26 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 28 May 2025 10:36:26 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/s/images/logos/voe-logo-2.svg?v=2 | 186.2.163.111 | 200 OK | 403 B |
URL GET jilliandescribecompany.com/s/images/logos/voe-logo-2.svg?v=2 IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5): a638d0dfa6feb7ce4b90e7c91c5b0df4
Hash (SHA-1): 7a0a86f47b51781f48bb9f232f05193936490027
Hash (SHA-256): 38b49bc67e053e96441e62f8423a9ed0e907ef768a0ffbba4370128760f814dc
GET /s/images/logos/voe-logo-2.svg?v=2 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=SRs9I2StB05PoBxd; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:56 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Apr 2025 04:35:04 GMT
etag: W/"680db3f8-193"
expires: Mon, 23 Jun 2025 01:08:56 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379651
content-length: 221
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 | 142.250.178.67 | 200 OK | 20 kB |
URL GET fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 IP 142.250.178.67:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20156, version 1.0
Hash (MD5): 202cfb54d4e66d1702404ade49339ceb
Hash (SHA-1): 57fd1acf8d9651d9c38c0d4af7b78bc399be0652
Hash (SHA-256): 4ba7d3d096695818fe0686be4f1e82c6b05134e18a22260336130335027462dd
GET /s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 May 2025 16:37:14 GMT
expires: Wed, 27 May 2026 16:37:14 GMT
cache-control: public, max-age=31536000
age: 64754
last-modified: Mon, 12 May 2025 21:45:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/favicon-16x16.png | 186.2.163.111 | 200 OK | 533 B |
URL GET jilliandescribecompany.com/favicon-16x16.png IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash (MD5): 4a1c219d978909f413ca1b9a39f7523d
Hash (SHA-1): 08859f796b01690ee81a13e4bcc0976f16c473ca
Hash (SHA-256): dc91f3be29e28fa5aa027f4c3165a5df794424e66c1627b90a204482b470f0be
GET /favicon-16x16.png HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=N5Zhma2IqhB7jcvm; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=9vtBZTXryl1JvSyd; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:10:11 GMT
content-type: image/png
content-length: 533
last-modified: Mon, 14 Aug 2023 01:22:26 GMT
etag: "64d981d2-215"
expires: Mon, 23 Jun 2025 01:10:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 379578
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bobapsoabauns.com/www/images/90c3285604e00c4164892d7a1826e68e.png | 104.21.73.203 | 200 OK | 81 kB |
URL GET bobapsoabauns.com/www/images/90c3285604e00c4164892d7a1826e68e.png IP 104.21.73.203:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectbobapsoabauns.com Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9 ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash (MD5): 90c3285604e00c4164892d7a1826e68e
Hash (SHA-1): b115037bae8351aa4a926cf201cfb2896fd3aa96
Hash (SHA-256): 2ff3d019e9979db4f9d1c06b008bb30b936fe253f7bb8e18f06effff4723e91d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /www/images/90c3285604e00c4164892d7a1826e68e.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 28 May 2025 10:36:32 GMT
content-type: image/png
content-length: 80908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wkO7sXhiP4mOfBpKsL4DJIN33QFpxQyYu1e%2F32R9v5pWA8kUXuYgSGlQ%2BW9ipC%2Bih3qTvV2C9toqWBmp%2FHEJBo%2FX1m2K0iBwq8s0HUL4%2BPAx9Kysr1JCGwR%2ByLZ1V%2FCn7KnpuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 04 Mar 2025 18:50:36 GMT
etag: "67c74b7c-13c0c"
expires: Wed, 28 May 2025 21:17:00 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 47971
cf-cache-status: HIT
cf-ray: 946d1c8c0bd056b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3515&min_rtt=2046&rtt_var=1429&sent=21&recv=21&lost=0&retrans=0&sent_bytes=4246&recv_bytes=1863&delivery_rate=500280&cwnd=12000&unsent_bytes=0&cid=1d2476ba81203e04&ts=1915&x=80"
|
|
| jilliandescribecompany.com/js/loader.c7381b2.js | 186.2.163.111 | 200 OK | 87 kB |
URL GET jilliandescribecompany.com/js/loader.c7381b2.js IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash (MD5): b8fdf254afa3d3bc5c0da167a13c2e36
Hash (SHA-1): 05fb272653e88f082394c503d7178b3c2f71e899
Hash (SHA-256): c5ff72987e6f553a72a6ca16125ab9f2c947a198dbc9d24157b3c39e1f1a2367
GET /js/loader.c7381b2.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=kcIIK1cqFqjyCuIe; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-15231"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379659
content-length: 28148
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/500/9013477?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.107 | 200 OK | 1.6 kB |
URL GET ptichoolsougn.net/500/9013477?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.107:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectptichoolsougn.net FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT
Hash: MD5 a6d505c116f5f8c412b926fc97140788, SHA-1 238705d8a04d4eb328ac78e06700da6a08c813c2, SHA-256 497f29eeffa0caa3bdac9c4f725bd3fb81f41e0635b296eed7edda7fd57e4195
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (verdict applies to the domain name, not to this response body)
GET /500/9013477?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0301d736236a4057fdf2793b6804371f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:29 GMT
content-type: application/javascript
x-trace-id: a349a3118ebe88ef5059e24349c0c084
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://jilliandescribecompany.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801d7ced21e45afea2b5154b94fb335; expires=Thu, 28 May 2026 10:36:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8865093?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 1.6 kB |
URL GET theetheks.com/500/8865093?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjecttheetheks.com Fingerprint49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B ValidityWed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
Hash: MD5 9d357fda2816e95c96e8a323ef11edb7, SHA-1 e1a40895785e30665b47a273885815e531c2a616, SHA-256 492afe941c558aa31031d221f341d354fe3a1c8e44a0a2d94c22970d52afdb5f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (verdict applies to the domain name, not to this response body)
GET /500/8865093?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0301d73a5dac4e0de07b0b7414399eab
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:29 GMT
content-type: application/javascript
x-trace-id: d1d497b08efdb281110852405a391870
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://jilliandescribecompany.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801d7ced21e45afea2b5154b94fb335; expires=Thu, 28 May 2026 10:36:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bobapsoabauns.com/www/images/90c3285604e00c4164892d7a1826e68e.png | 104.21.73.203 | 200 OK | 81 kB |
URL GET bobapsoabauns.com/www/images/90c3285604e00c4164892d7a1826e68e.png IP 104.21.73.203:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectbobapsoabauns.com Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9 ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: MD5 90c3285604e00c4164892d7a1826e68e, SHA-1 b115037bae8351aa4a926cf201cfb2896fd3aa96, SHA-256 2ff3d019e9979db4f9d1c06b008bb30b936fe253f7bb8e18f06effff4723e91d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (verdict applies to the domain name, not to this response body)
GET /www/images/90c3285604e00c4164892d7a1826e68e.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 28 May 2025 10:36:30 GMT
content-type: image/png
content-length: 80908
server: cloudflare
last-modified: Tue, 04 Mar 2025 18:50:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "67c74b7c-13c0c"
expires: Wed, 28 May 2025 21:17:00 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 47969
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iBTJ2ZV%2FFmKg3uYJw5WuAdzJAvQ4rdodtP2dTmsVH5a9tNw072kgOnwqtJSXKZngSS56XU6vnxkfWDY%2BlfuKtnt4%2Ft5OeHqVyA45yUlTgw%3D%3D"}]}
cf-ray: 946d1c800e6256b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 | 142.250.74.10 | 200 OK | 27 kB |
URL GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 IP 142.250.74.10:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:3A:D1:2C:16:97:56:94:8B:01:F8:ED:EB:81:17:F8:D7:6C:B2:41 ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: ASCII text, with very long lines (1572) | Hash: MD5 da8ad2595d78edf21895319e7d02fe73, SHA-1 d707ec9d6f68fbcfc0e2ebe711b97ad7d67e9aa9, SHA-256 95bce9ed84dcd1e30d88c5e2b2368d24c4e6c60ca58210293d28b3394d1d629a
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 May 2025 10:36:31 GMT
date: Wed, 28 May 2025 10:36:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.178.67 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP 142.250.178.67:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: Web Open Font Format (Version 2), TrueType, length 40128, version 1.0 | Hash: MD5 9a01b69183a9604ab3a439e388b30501, SHA-1 8ed1d59003d0dbe6360481017b44665153665fbe, SHA-256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 May 2025 18:15:43 GMT
expires: Fri, 22 May 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 490849
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js | 104.17.24.14 | 200 OK | 88 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) | Hash: MD5 2c872dbe60f4ba70fb85356113d8b35e, SHA-1 ee48592d1fff952fcf06ce0b666ed4785493afdc, SHA-256 fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 28 May 2025 10:36:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 946d1c6eda9c56bf-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 498803
expires: Mon, 18 May 2026 10:36:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvCuQw2RnAUWRsKclIrnUdX5MQfLdHUmnP4KV8Tdm8wvN8Bx2%2F%2FZiPCA4bOzaEzpjrogWG%2Bz%2Fe8HO%2FjC5LpkKUL8qXzD1ys5bLtscYA5vL3U3V9ruTRPd0FpcnpjSfRxb%2BqFKbi%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8865093?excludes=22954946&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 0 B |
URL OPTIONS theetheks.com/500/8865093?excludes=22954946&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjecttheetheks.com Fingerprint49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B ValidityWed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
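Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; this OPTIONS response has content-length 0, so the values identify no content)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (verdict applies to the domain name, not to this response body)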
OPTIONS /500/8865093?excludes=22954946&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://jilliandescribecompany.com/
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:37 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://jilliandescribecompany.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/uwnvrxpjvfhq | 186.2.163.111 | 302 Found | 156 kB |
URL User Request GET jilliandescribecompany.com/uwnvrxpjvfhq IP 186.2.163.111:443
Certificate: Issuer: Let's Encrypt | Subject: jilliandescribecompany.com | Fingerprint: 2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F | Validity: Sat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
Size: 156 kB (155760 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; they do not identify the 156 kB reported as Size)
GET /uwnvrxpjvfhq HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=6RYkLvB80LnLTzCa; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:26 GMT
__ddg10_=1748428586; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:26 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:26 GMT
__ddg1_=D09lEBBxolDmYPxGtLms; Domain=.jilliandescribecompany.com; HttpOnly; Path=/; Expires=Thu, 28-May-2026 10:36:26 GMT
XSRF-TOKEN=eyJpdiI6ImQrcFhieGVIV2lNYkhHemlEeTNYL2c9PSIsInZhbHVlIjoiS0lTTXJLKzkzeklZRFgvZjkxTXVLakp6RkNTNENJc081bmpHaHZEbzNQaW1GS2JENG0ydCtraW5HTWY5VE5FNmFSV1BsbkVQMzh5bDF1YjFkR1NacStpRGVjWXVKeXNjYngxbkFnbmJ2Y0hUb1FCb2l5ekJjNEwycWNCWk5oRWwiLCJtYWMiOiI3NDc3YmU3MTM5MDk5NWZkM2VjODBiZmFmNjAxODI2NGI4NTJkNmVkYTc4NmNmN2RjNGI5YTFlZWIwYWE1YzdhIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:26 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6IlhMamlROXZ3YlpiVmFHdjZ5alFIY0E9PSIsInZhbHVlIjoiblBvNTRFcjdEMEpJc0cxTmV0MElqUWMvUXRnVWpQOHQyeGlpTURXb0NuS3cwc1RJcWxGUmRIWTd5Z2ZlTXAxREl3a2Vma0lnaHBUTWlPZTZheDQxQ2NaV1dxY01qTG5tVjJYd3BUSW9GZzd4V09GZEpLZ1RYeVV1UFZpa2phdi8iLCJtYWMiOiI1M2U1YzZkNWQyNTJkOTE3MmUyOTE3NzMyZThmOTZmZmFhMTljYjVlZWQxYjcwNWVmOWJhYTgwNzMwOGU0ZGVlIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:26 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
cache-control: no-cache, private
date: Wed, 28 May 2025 10:36:26 GMT
location: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 104.18.41.22 | 200 OK | 65 B |
IP 104.18.41.22:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82 ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash: MD5 bf7f6b6caf08fcff3b8ab00463813802, SHA-1 c3249dc7528be5416e8b9a4b513193c75425d10f, SHA-256 25e36a60f1bd626d57ea02563f7515e2b98236d66df30a23e30e0830c7b1325b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 28 May 2025 10:36:28 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jilliandescribecompany.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d7ced21e45afea2b5154b94fb335; expires=Thu, 28 May 2026 10:36:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 946d1c786b5e568e-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/401/9013477 | 139.45.197.107 | 200 OK | 148 kB |
URL GET ptichoolsougn.net/401/9013477 IP 139.45.197.107:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectptichoolsougn.net FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 148 kB (147821 bytes) | Hash: MD5 2a4392d5cda817d10459a53b56243716, SHA-1 668cd03e3e95a8153d7877db36f6bbc59f5f7e83, SHA-256 d37f74fdbd74435470ac1abe3f53d04582971c47982cfc84d579ff0c84b170f1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (verdict applies to the domain name, not to this response body)
GET /401/9013477 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:28 GMT
content-type: application/javascript
x-trace-id: 6865ce481f73bf1e4b4cfbda2b1a8f2f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301d736236a4057fdf2793b6804371f; expires=Thu, 28 May 2026 10:36:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| theetheks.com/500/8865093?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 0 B |
URL OPTIONS theetheks.com/500/8865093?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjecttheetheks.com Fingerprint49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B ValidityWed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
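Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; this OPTIONS response has content-length 0, so the values identify no content)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (verdict applies to the domain name, not to this response body)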
OPTIONS /500/8865093?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://jilliandescribecompany.com/
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:29 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://jilliandescribecompany.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 | 142.250.178.67 | 200 OK | 20 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 IP 142.250.178.67:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20408, version 1.0 Hashe8730678d4610fa908d3cba1ef0b4ddf 1efcbee909ce74bf04878d74867f12a1e41ae7a4 e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 May 2025 18:16:11 GMT
expires: Fri, 22 May 2026 18:16:11 GMT
cache-control: public, max-age=31536000
age: 490821
last-modified: Wed, 08 Jan 2025 18:23:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| theetheks.com/impression/l3vaCQz5fffAhVFjatPnOiQDpBN1z7C4WJ_-V8cAk9MLoj7MiM1inVxWM5WeXC8W_halPSI8n7hapyReOytXso5P-yP3RmGzYh97KjirC_YZga3DRzyysjNW0yivmMGjL1Fl_eBirM8UC5K11gTatpCC7abuqaVVRGk9zgUcP63_aHQQzYk0HcIqiOnd-cVCko4W23F6lUGHZ-4ZN1rNpvgB4M0M0AQmgQl0cpoePC_Q_r9FEZj-hJqmD4_KEctMs3JmFO5QEDxdw9BzJ5Uc5aaYql_6LYa-qRVDP-HSklgwFvJLSaJW4Dj2bFAroTk0vUjZoeo9gbFm3hp7-Fcr8lt85M2A-ec2AjRyWbvZbPcuxoU90FQnfeSllqFu9l3G-vgyswrlPa_-kRPIdHtJ3tELy7nB6Fn_ZbosJ8-BLjcu-lUPphu_uH44aioIZh5f9rPWLxyZ8e_F0pf-6fpDS0U0A35N81wUHvhlXyFCDfBnwDKBo_xQ9RSXOtxd9teYmWIGBpmbvq_3IXEtt5HOmh001PQ7H8_uDnd_xTEz1mSQjy-YpRa0KKr4LczQfioWmflOWA==?_z=8865093&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 43 B |
URL GET theetheks.com/impression/l3vaCQz5fffAhVFjatPnOiQDpBN1z7C4WJ_-V8cAk9MLoj7MiM1inVxWM5WeXC8W_halPSI8n7hapyReOytXso5P-yP3RmGzYh97KjirC_YZga3DRzyysjNW0yivmMGjL1Fl_eBirM8UC5K11gTatpCC7abuqaVVRGk9zgUcP63_aHQQzYk0HcIqiOnd-cVCko4W23F6lUGHZ-4ZN1rNpvgB4M0M0AQmgQl0cpoePC_Q_r9FEZj-hJqmD4_KEctMs3JmFO5QEDxdw9BzJ5Uc5aaYql_6LYa-qRVDP-HSklgwFvJLSaJW4Dj2bFAroTk0vUjZoeo9gbFm3hp7-Fcr8lt85M2A-ec2AjRyWbvZbPcuxoU90FQnfeSllqFu9l3G-vgyswrlPa_-kRPIdHtJ3tELy7nB6Fn_ZbosJ8-BLjcu-lUPphu_uH44aioIZh5f9rPWLxyZ8e_F0pf-6fpDS0U0A35N81wUHvhlXyFCDfBnwDKBo_xQ9RSXOtxd9teYmWIGBpmbvq_3IXEtt5HOmh001PQ7H8_uDnd_xTEz1mSQjy-YpRa0KKr4LczQfioWmflOWA==?_z=8865093&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjecttheetheks.com Fingerprint49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B ValidityWed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname theetheks.com, not on the content of this response)
GET /impression/l3vaCQz5fffAhVFjatPnOiQDpBN1z7C4WJ_-V8cAk9MLoj7MiM1inVxWM5WeXC8W_halPSI8n7hapyReOytXso5P-yP3RmGzYh97KjirC_YZga3DRzyysjNW0yivmMGjL1Fl_eBirM8UC5K11gTatpCC7abuqaVVRGk9zgUcP63_aHQQzYk0HcIqiOnd-cVCko4W23F6lUGHZ-4ZN1rNpvgB4M0M0AQmgQl0cpoePC_Q_r9FEZj-hJqmD4_KEctMs3JmFO5QEDxdw9BzJ5Uc5aaYql_6LYa-qRVDP-HSklgwFvJLSaJW4Dj2bFAroTk0vUjZoeo9gbFm3hp7-Fcr8lt85M2A-ec2AjRyWbvZbPcuxoU90FQnfeSllqFu9l3G-vgyswrlPa_-kRPIdHtJ3tELy7nB6Fn_ZbosJ8-BLjcu-lUPphu_uH44aioIZh5f9rPWLxyZ8e_F0pf-6fpDS0U0A35N81wUHvhlXyFCDfBnwDKBo_xQ9RSXOtxd9teYmWIGBpmbvq_3IXEtt5HOmh001PQ7H8_uDnd_xTEz1mSQjy-YpRa0KKr4LczQfioWmflOWA==?_z=8865093&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0801d7ced21e45afea2b5154b94fb335
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:39 GMT
content-type: image/gif
content-length: 43
x-trace-id: 52927f2c586e0d0d17fda297d97971b4
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/jwplayer/8.36.6/provider.hlsjs.js | 186.2.163.111 | 200 OK | 461 kB |
URL GET jilliandescribecompany.com/jwplayer/8.36.6/provider.hlsjs.js IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size461 kB (461123 bytes) Hash368c206a1d7773f59f3e0bc33abd667f 1ea49b423a61e884ead7aa6280a7925ce4a7babe 7c0f3ee7233b733cff63d69c75107142c7a619074ec95733ee1fc33f20537f2b
GET /jwplayer/8.36.6/provider.hlsjs.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=uJTErltvYhdNnuZU; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=N5Zhma2IqhB7jcvm; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-70943"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379658
content-length: 131280
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5224a333-2d6a-404d-94d4-148dd94bc299 | 139.45.195.252 | 200 OK | 0 B |
URL POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5224a333-2d6a-404d-94d4-148dd94bc299 IP 139.45.195.252:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
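Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B response body; they match every empty response and are not usable as indicators)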
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5224a333-2d6a-404d-94d4-148dd94bc299 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 802
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 28 May 2025 10:36:30 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://jilliandescribecompany.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| jilliandescribecompany.com/s/images/logos/voe-logo.svg?v=2 | 186.2.163.111 | 200 OK | 1.9 kB |
URL GET jilliandescribecompany.com/s/images/logos/voe-logo.svg?v=2 IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File typeSVG Scalable Vector Graphics image Hashbd6af39ad5f6b06bf2f48d4381f7e2d2 446e69b85868537aea68fdca15b5a10694f894ed acf82d320d156d54ca827f03a45c073e0c00103dc78f1750cf011bc61e5216f6
GET /s/images/logos/voe-logo.svg?v=2 HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=PfzBR3IdthTcAvdi; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:56 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Apr 2025 04:35:04 GMT
vary: Accept-Encoding
etag: W/"680db3f8-74f"
expires: Mon, 23 Jun 2025 01:08:56 GMT
cache-control: max-age=2592000
content-encoding: br
age: 379651
content-length: 958
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d | 186.2.163.111 | 200 OK | 103 kB |
URL GET jilliandescribecompany.com/s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (52179) Size103 kB (102873 bytes) Hash72e89292dad5c7e8a82f6101fc52b71a 11917db2f454df110fedaf803ebf640052f953b8 1058329efc2e4de916dc58c5996ae6620836b878c33d13742b90f20ccddabe61
GET /s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=Ae5DCY2j3EB6WsNC; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-191d9"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379659
content-length: 23677
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/500/9013477?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.107 | 200 OK | 0 B |
URL OPTIONS ptichoolsougn.net/500/9013477?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.107:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectptichoolsougn.net FingerprintD4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A ValidityMon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT
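Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B preflight response; they match every empty response and are not usable as indicators)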
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname ptichoolsougn.net, not on the content of this response)
OPTIONS /500/9013477?excludes=&oaid=0801d7ced21e45afea2b5154b94fb335&var=&ymid=&tgp=&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://jilliandescribecompany.com/
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:29 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://jilliandescribecompany.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5224a333-2d6a-404d-94d4-148dd94bc299 | 139.45.195.252 | 200 OK | 12 B |
URL POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5224a333-2d6a-404d-94d4-148dd94bc299 IP 139.45.195.252:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5224a333-2d6a-404d-94d4-148dd94bc299 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2085
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 28 May 2025 10:36:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://jilliandescribecompany.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| theetheks.com/impression/G2gextzg4vq4QcO0ZWXANxW5fT-7ikmPtkQ_3vRpKMMOtCdrh6TcdNv4V3aCRU7b4dAvwxOGBfxbgxPCXOBUdN273hemzdcTvHvKP6SfWRzUrueYs2pg_wtXBGCv1eAx4wX_V6S7PoJhWCwWPkKL_cVpMuAnl-ALdRJ8my3OexSlBodU0nD8dzcybyAxnYJg1A7mxODNPbeF1MDGqL8Ye912HzeWTQa-PwzptkT3aWbsma51W4hmr_rVBIB_VOVL6KduKXcRKVd_yjApJih62foIv5O6Oclw_XBxFytxH8PieNU0sJ1mozYVy4C-PISXEVJc8B2LTyhdJbXpMiCUa8Zt-lrNFLIwtPxgPPoYqyoXAsW5MSlM3lo9hKqvHJcBvCL1_obArFtrN9vbFvVBuJkdfGC3-ucRMR95x_y-xBoCbI_BSeZFY-rpJMuwBOtLTP-79glbaAwNKw6B99M9VSecPx2AlCSTo21eF7oIS53SyHiUFzgPP_7vRDs6jN7-qG1R0kK31m4mjYJJ8opCrHBlLQdCvN_n0jEwq5JR7bAQ6JEDULmHWzb10QOPTlMHJVuIGbnCnZY5bH2J0zIt7rnWOWqUR2do73BXT0nbXfjL1GuARal0uZl-TfNqFxXPJWHgwbuR20LD-gOlMQyB9egzUKF2lz2VUmcqt2ndeQLh-WN58Mk_nw==?_z=8865093&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.119 | 200 OK | 43 B |
URL GET theetheks.com/impression/G2gextzg4vq4QcO0ZWXANxW5fT-7ikmPtkQ_3vRpKMMOtCdrh6TcdNv4V3aCRU7b4dAvwxOGBfxbgxPCXOBUdN273hemzdcTvHvKP6SfWRzUrueYs2pg_wtXBGCv1eAx4wX_V6S7PoJhWCwWPkKL_cVpMuAnl-ALdRJ8my3OexSlBodU0nD8dzcybyAxnYJg1A7mxODNPbeF1MDGqL8Ye912HzeWTQa-PwzptkT3aWbsma51W4hmr_rVBIB_VOVL6KduKXcRKVd_yjApJih62foIv5O6Oclw_XBxFytxH8PieNU0sJ1mozYVy4C-PISXEVJc8B2LTyhdJbXpMiCUa8Zt-lrNFLIwtPxgPPoYqyoXAsW5MSlM3lo9hKqvHJcBvCL1_obArFtrN9vbFvVBuJkdfGC3-ucRMR95x_y-xBoCbI_BSeZFY-rpJMuwBOtLTP-79glbaAwNKw6B99M9VSecPx2AlCSTo21eF7oIS53SyHiUFzgPP_7vRDs6jN7-qG1R0kK31m4mjYJJ8opCrHBlLQdCvN_n0jEwq5JR7bAQ6JEDULmHWzb10QOPTlMHJVuIGbnCnZY5bH2J0zIt7rnWOWqUR2do73BXT0nbXfjL1GuARal0uZl-TfNqFxXPJWHgwbuR20LD-gOlMQyB9egzUKF2lz2VUmcqt2ndeQLh-WN58Mk_nw==?_z=8865093&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.119:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjecttheetheks.com Fingerprint49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B ValidityWed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname theetheks.com, not on the content of this response)
GET /impression/G2gextzg4vq4QcO0ZWXANxW5fT-7ikmPtkQ_3vRpKMMOtCdrh6TcdNv4V3aCRU7b4dAvwxOGBfxbgxPCXOBUdN273hemzdcTvHvKP6SfWRzUrueYs2pg_wtXBGCv1eAx4wX_V6S7PoJhWCwWPkKL_cVpMuAnl-ALdRJ8my3OexSlBodU0nD8dzcybyAxnYJg1A7mxODNPbeF1MDGqL8Ye912HzeWTQa-PwzptkT3aWbsma51W4hmr_rVBIB_VOVL6KduKXcRKVd_yjApJih62foIv5O6Oclw_XBxFytxH8PieNU0sJ1mozYVy4C-PISXEVJc8B2LTyhdJbXpMiCUa8Zt-lrNFLIwtPxgPPoYqyoXAsW5MSlM3lo9hKqvHJcBvCL1_obArFtrN9vbFvVBuJkdfGC3-ucRMR95x_y-xBoCbI_BSeZFY-rpJMuwBOtLTP-79glbaAwNKw6B99M9VSecPx2AlCSTo21eF7oIS53SyHiUFzgPP_7vRDs6jN7-qG1R0kK31m4mjYJJ8opCrHBlLQdCvN_n0jEwq5JR7bAQ6JEDULmHWzb10QOPTlMHJVuIGbnCnZY5bH2J0zIt7rnWOWqUR2do73BXT0nbXfjL1GuARal0uZl-TfNqFxXPJWHgwbuR20LD-gOlMQyB9egzUKF2lz2VUmcqt2ndeQLh-WN58Mk_nw==?_z=8865093&js_build=8&sw_version=v1.633.2&dmn=theetheks.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0801d7ced21e45afea2b5154b94fb335
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:36 GMT
content-type: image/gif
content-length: 43
x-trace-id: 6b53bf59d28a491b203caa6f67049d71
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| imasdk.googleapis.com/js/sdkloader/ima3.js | 142.250.74.42 | 200 OK | 460 kB |
URL GET imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.74.42:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:3A:D1:2C:16:97:56:94:8B:01:F8:ED:EB:81:17:F8:D7:6C:B2:41 ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: JavaScript source, ASCII text, with very long lines (3426) | Size: 460 kB (459947 bytes) | Hash: MD5 0471228bf942ba3b89393ae956bee8b4, SHA-1 810b0ff6ad340c491ce22c877df3bdd3266bbd42, SHA-256 513a086ae567c3c2025008fba5e7244462709b9be90bb9d83cb7080a279d53f0
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 May 2025 10:36:27 GMT
expires: Wed, 28 May 2025 10:36:27 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15947430983674566499
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 145157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| theetheks.com/400/8865093 | 139.45.197.119 | 200 OK | 140 kB |
URL GET theetheks.com/400/8865093 IP 139.45.197.119:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 | Certificate: Issuer: Let's Encrypt; Subject: theetheks.com; Fingerprint: 49:39:94:26:26:3F:1D:88:F9:26:12:60:9C:80:54:07:4F:6D:A5:3B; Validity: Wed, 23 Apr 2025 05:24:46 GMT - Tue, 22 Jul 2025 05:24:45 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 140 kB (139822 bytes) | Hash: MD5 1eb551910f75159f31acd80d638abeb7, SHA-1 3d0d677e65d6d0c0f56d91eff042acfe37d8974d, SHA-256 70db7caaed872aaf1c5754620fc828a3c6b7be3288f71b2acdbd57aa9172d2ec
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the domain theetheks.com, not a classification of this response's content)
GET /400/8865093 HTTP/1.1
Host: theetheks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:28 GMT
content-type: application/javascript
x-trace-id: 91d695839b8959771de4b3f9b4f77f65
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301d73a5dac4e0de07b0b7414399eab; expires=Thu, 28 May 2026 10:36:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/cache/uwnvrxpjvfhq_storyboard_L2.jpg | 186.2.163.111 | 200 OK | 178 kB |
URL GET jilliandescribecompany.com/cache/uwnvrxpjvfhq_storyboard_L2.jpg IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1279x719, components 3 | Size: 178 kB (177574 bytes) | Hash: MD5 0f4a91530962c01c7cc7705e6cba9e45, SHA-1 04e6bdcbc85bbcca4c9555734e0948a639999cac, SHA-256 809e46db39699d3f673bc469d1e23c73588abeda48e39a95aea873dfdf8859c8
GET /cache/uwnvrxpjvfhq_storyboard_L2.jpg HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=9vtBZTXryl1JvSyd; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=XyMiEKTAU0fJ0Gal; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
XSRF-TOKEN=eyJpdiI6ImJYQ1F0NnhINTRvVVdNWHFCZ3BkcWc9PSIsInZhbHVlIjoialJMTHFQL1BwNTg2UnNjUisrdlBHbmFoVTFhaE9DcXRYVDZpK3NxZWlzcVhvME9pWEJ4bC82TW9uMFQvZGdseHBzL3YrK0F1OEZ6YTA2bjREbzZHV2x3Q3RCNW5qenZnUG1mTUkwak9WNFg5MkNuK3dESUIrdHppMHUvVTRTV1oiLCJtYWMiOiIyMDU4OTVmNjUxOWYwNmJiODJiN2ZjZDMxNjExMGJiOGYyMTI2YWM5YjFjNmEyZTI3NWFiNGI0OGYzYWE0NjBlIiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:28 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6IjdQU0h1blcyNGUzdm9Bb3NsOEl2TEE9PSIsInZhbHVlIjoiUm5KRlNyM2JEUk5PSGMwUGZtTnRyU25MV3lmY3B4Z2lxRHlFcUFsRU5BdTF5Y2t6L2RuTEZUU3BNWlpTRXFnMHJ4cSs1ejZMYTc0NDQ2ajJhUHBlVkd4L3UreHZDbngzNGJ5WjVndzJOdUVuOVQwNmZPeU0zMFhURmFFMzVWUmgiLCJtYWMiOiJjNGQ4ODU3OWQ1NWJhZTdlNjEzM2JmMzgxMWZmY2U0ZmQwNjFjMzIyYzc4MzY5ZDBiOWYzYzAwYzk1MWMxYjY5IiwidGFnIjoiIn0%3D; expires=Wed, 28 May 2025 12:06:28 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 May 2025 10:36:28 GMT
content-type: image/jpeg; charset=UTF-8
content-length: 177574
cache-control: max-age=2592000
expires: Fri, 27 Jun 2025 10:36:28 GMT
last-modified: Fri, 14 Mar 2025 23:33:39 GMT
etag: "67d4bcd3-2b5a6"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent
x-cache-status: MISS
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.js | 186.2.163.111 | 200 OK | 154 kB |
URL GET jilliandescribecompany.com/jwplayer/8.36.6/jwplayer.js IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | Size: 154 kB (153815 bytes) | Hash: MD5 d06133f0e579d584066b7c5813c1f1a3, SHA-1 ca12bf94e6045100716b4ae059af2dee719dedd2, SHA-256 4e557ea7304bbb798328b1d5a74462393ea879a0288e513a371708bba3932bc4
GET /jwplayer/8.36.6/jwplayer.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=XeISnHOEzsg3KKuq; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 16:07:50 GMT
etag: W/"6818e256-258d7"
expires: Mon, 23 Jun 2025 01:08:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379659
content-length: 52252
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/s/images/logos/voe-logo-2.svg | 186.2.163.111 | 200 OK | 403 B |
URL GET jilliandescribecompany.com/s/images/logos/voe-logo-2.svg IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: SVG Scalable Vector Graphics image | Hash: MD5 a638d0dfa6feb7ce4b90e7c91c5b0df4, SHA-1 7a0a86f47b51781f48bb9f232f05193936490027, SHA-256 38b49bc67e053e96441e62f8423a9ed0e907ef768a0ffbba4370128760f814dc
GET /s/images/logos/voe-logo-2.svg HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=uJTErltvYhdNnuZU; __ddg10_=1748428588; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=BkxepV4GrsbLf0kv; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg10_=1748428588; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:28 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:08:50 GMT
content-type: image/svg+xml
last-modified: Mon, 05 May 2025 16:07:51 GMT
etag: W/"6818e257-193"
expires: Mon, 23 Jun 2025 01:08:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379658
content-length: 221
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| ptichoolsougn.net/impression/D1pIjjS-YNXxV0aUJZd-CyT3oCtsp-ao906a-NdotUneNZll10ODE1u2pGNXMrrcRgnf81H1cAPrWruq-FphsN45yU1CAD1Wyky7yRkykP7LpCOSX5w38MsuQyKe4XpzCpo1xo5SYRYPE1xh1DIVp5htcYsStLBo09FYrarP9IsMG6xiMtAP3D78zZ87tybl6yd8_B1p-JBrxoXljKkT6MDXw3cTmWfCXYhRDPf1Sp4UNp3Olb2napGIibI8CwHkuIc9UsAUjAqVRKZDp4M6LSmyDu9Wo9gPrTK3rVW0BN3rf4cpER6Io3CXAXfvuFhszLOZEUsBFP8bQa1iMUUDGy6MbC_LymvejTrGd0FvMAY3BVMSuouYV23hFkVHFYU4YOLZ6E0kTmdYiRYvlSSEVYwR5jNlpo0JkTG41ezuHisaAhNLqTIS5HnSn7qGm1pT6q2ciCv5t0dPS9_T95Wp4zbz9HMirtMgqkHlSnxkmolozKzuL9XdUVVuyZkuVxiCvKg2T0yxapMxS1z3cWPNcUqjdhObw1PyZQ88_SvNHsByCkpuEexrcvktL87JNNuEDh7Vel1QKfI=?_z=9013477&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.107 | 200 OK | 43 B |
URL GET ptichoolsougn.net/impression/D1pIjjS-YNXxV0aUJZd-CyT3oCtsp-ao906a-NdotUneNZll10ODE1u2pGNXMrrcRgnf81H1cAPrWruq-FphsN45yU1CAD1Wyky7yRkykP7LpCOSX5w38MsuQyKe4XpzCpo1xo5SYRYPE1xh1DIVp5htcYsStLBo09FYrarP9IsMG6xiMtAP3D78zZ87tybl6yd8_B1p-JBrxoXljKkT6MDXw3cTmWfCXYhRDPf1Sp4UNp3Olb2napGIibI8CwHkuIc9UsAUjAqVRKZDp4M6LSmyDu9Wo9gPrTK3rVW0BN3rf4cpER6Io3CXAXfvuFhszLOZEUsBFP8bQa1iMUUDGy6MbC_LymvejTrGd0FvMAY3BVMSuouYV23hFkVHFYU4YOLZ6E0kTmdYiRYvlSSEVYwR5jNlpo0JkTG41ezuHisaAhNLqTIS5HnSn7qGm1pT6q2ciCv5t0dPS9_T95Wp4zbz9HMirtMgqkHlSnxkmolozKzuL9XdUVVuyZkuVxiCvKg2T0yxapMxS1z3cWPNcUqjdhObw1PyZQ88_SvNHsByCkpuEexrcvktL87JNNuEDh7Vel1QKfI=?_z=9013477&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP 139.45.197.107:443
Requested by: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 | Certificate: Issuer: Let's Encrypt; Subject: ptichoolsougn.net; Fingerprint: D4:D5:69:CE:D9:AE:9E:84:EC:1E:51:5A:33:BD:1B:0D:6A:E3:C3:9A; Validity: Mon, 05 May 2025 05:35:02 GMT - Sun, 03 Aug 2025 05:35:01 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: MD5 b4491705564909da7f9eaf749dbbfbb1, SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8, SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the domain ptichoolsougn.net, not a classification of this response's content)
GET /impression/D1pIjjS-YNXxV0aUJZd-CyT3oCtsp-ao906a-NdotUneNZll10ODE1u2pGNXMrrcRgnf81H1cAPrWruq-FphsN45yU1CAD1Wyky7yRkykP7LpCOSX5w38MsuQyKe4XpzCpo1xo5SYRYPE1xh1DIVp5htcYsStLBo09FYrarP9IsMG6xiMtAP3D78zZ87tybl6yd8_B1p-JBrxoXljKkT6MDXw3cTmWfCXYhRDPf1Sp4UNp3Olb2napGIibI8CwHkuIc9UsAUjAqVRKZDp4M6LSmyDu9Wo9gPrTK3rVW0BN3rf4cpER6Io3CXAXfvuFhszLOZEUsBFP8bQa1iMUUDGy6MbC_LymvejTrGd0FvMAY3BVMSuouYV23hFkVHFYU4YOLZ6E0kTmdYiRYvlSSEVYwR5jNlpo0JkTG41ezuHisaAhNLqTIS5HnSn7qGm1pT6q2ciCv5t0dPS9_T95Wp4zbz9HMirtMgqkHlSnxkmolozKzuL9XdUVVuyZkuVxiCvKg2T0yxapMxS1z3cWPNcUqjdhObw1PyZQ88_SvNHsByCkpuEexrcvktL87JNNuEDh7Vel1QKfI=?_z=9013477&js_build=8&sw_version=v1.633.2&dmn=ptichoolsougn.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fjilliandescribecompany.com%2Faccess%2FeyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ptichoolsougn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/
Cookie: OAID=0801d7ced21e45afea2b5154b94fb335
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 28 May 2025 10:36:31 GMT
content-type: image/gif
content-length: 43
x-trace-id: d95755f172334dce069e02c5deadd7ec
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.178.67 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP 142.250.178.67:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: Web Open Font Format (Version 2), TrueType, length 40128, version 1.0 | Hash: MD5 9a01b69183a9604ab3a439e388b30501, SHA-1 8ed1d59003d0dbe6360481017b44665153665fbe, SHA-256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 May 2025 18:15:43 GMT
expires: Fri, 22 May 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 490849
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jilliandescribecompany.com/build/assets/BuCTy3rc.js | 186.2.163.111 | 200 OK | 2.1 kB |
URL GET jilliandescribecompany.com/build/assets/BuCTy3rc.js IP 186.2.163.111:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerLet's Encrypt Subjectjilliandescribecompany.com Fingerprint2A:DB:89:8B:4F:4D:1A:FB:25:6C:69:83:C3:BF:C7:BE:3F:E1:1D:2F ValiditySat, 24 May 2025 00:06:33 GMT - Fri, 22 Aug 2025 00:06:32 GMT
File type: ASCII text, with very long lines (2147) | Hash: MD5 31d05ed9547c617f50ac559069a1b8d6, SHA-1 a4d310246e556bb7d4fef195fa2ea915702eef98, SHA-256 78437ccdd5b15c77a2d3c837e79f3e7b3ea77dda4608a475601b25a2607f67ba
GET /build/assets/BuCTy3rc.js HTTP/1.1
Host: jilliandescribecompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9
Cookie: __ddg8_=ai8jiQCOgOXxAtzx; __ddg10_=1748428586; __ddg9_=91.90.42.154; __ddg1_=D09lEBBxolDmYPxGtLms; XSRF-TOKEN=eyJpdiI6IlpsWEhIVi9nY2RyaEppWTFXYnptZUE9PSIsInZhbHVlIjoiWi9mUU9KT1ZUVjcxSE1yVUlSd0s2WDFzSFU0Z2t3TXhPWGo0emJZR2xlMEp4QjVKM2ZUVHN1S2Z2dkxSemxFTVlyeEY1TzlHVURYYUhaODZEbnZhWlhsRVRQbWExS0g3T2NyZzcybUVmR3F6cU9STitUNldqZnVVelV1TFpDYmQiLCJtYWMiOiJiYzE0NTUyOTE0NjllNTk2MjQzZjlkNWNlZjkxMTM5ZTNkNDM4MmEyMTNiNDFjYjA2MjRmYTA3NGM1NGU5NTgxIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6ImYzSFZ1TFl5ekNGbjZ6S204MFU0dmc9PSIsInZhbHVlIjoiVHMzQzZ4TFZjTmpaY3ZTOHIrS0NDaEszZ1dDSzhHWjd3dFZud2NEY3k4TFB1K255cTgyVlFOVktXY2ZpcUtJL0YxUG5UMFgzTENadEJYYUNmZWIzazR5T3NIc2p5UnZaTnJaMGdFMzJjM0F6NGRSdXlDYktWNzFRR0ZmNUU0VFkiLCJtYWMiOiI1MzJiNTczNzhiNjdhMWFiYzY2OWM2MjY2MDg5ODVkYjY2YTcxM2FlZWRlM2MxZTU4ZjY4MzQxMDc4ZmMxNGE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=sTsnT8D2dbmkeoFD; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg10_=1748428587; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
__ddg9_=91.90.42.154; Domain=.jilliandescribecompany.com; Path=/; Expires=Wed, 28-May-2025 10:56:27 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 May 2025 01:09:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 20 Apr 2025 22:33:04 GMT
etag: W/"68057620-864"
expires: Mon, 23 Jun 2025 01:09:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 379645
content-length: 847
ddg-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 | 142.250.178.67 | 200 OK | 20 kB |
URL GET fonts.gstatic.com/s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 IP 142.250.178.67:443
Requested byhttps://jilliandescribecompany.com/access/eyJpdiI6Ii9TQTlRK1Z1ek15VVdkbTY1M0lORnc9PSIsInZhbHVlIjoiUTE0UUZncWdtdi92aDEyVFZ4cDRXb1QwdlM3M0hvVDNlSmtrK21MdENkVUtPQ0Q3emhqczFRUjQvazRhdzUzZUdNWHNhcDJrNE91QXdqb0V4MnhnUkdzS2piYzY3dlVtSEpjb2JYT001WUU9IiwibWFjIjoiNzRiNzRmY2EwZWY3Y2VhZjQzZjY0ZGE3ZjUzNTA5ZjZhZTAyYmMxZGYxZGFiYjI0YzExOGE1Yzg4YjE0NzZmMiIsInRhZyI6IiJ9 CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20156, version 1.0 | Hash: MD5 202cfb54d4e66d1702404ade49339ceb, SHA-1 57fd1acf8d9651d9c38c0d4af7b78bc399be0652, SHA-256 4ba7d3d096695818fe0686be4f1e82c6b05134e18a22260336130335027462dd
GET /s/figtree/v8/_Xms-HUzqDCFdgfMm4S9DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jilliandescribecompany.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 May 2025 16:37:14 GMT
expires: Wed, 27 May 2026 16:37:14 GMT
cache-control: public, max-age=31536000
age: 64754
last-modified: Mon, 12 May 2025 21:45:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|