| ad.adsrvr.me/372f24f9-b324-4dc1-b93e-758bed1f5a2d?campaign=ss_es_117_mb169&banner={banner}&site={siteId}&pub={SubId1}&subsource={%25utm_term|url|%25}&ts=117 | 18.156.93.177 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 ad.adsrvr.me/372f24f9-b324-4dc1-b93e-758bed1f5a2d?campaign=ss_es_117_mb169&banner={banner}&site={siteId}&pub={SubId1}&subsource={%25utm_term|url|%25}&ts=117 IP: 18.156.93.177:443
Certificate: Issuer: Sectigo Limited; Subject: ad.adsrvr.me; Fingerprint: C1:E1:AE:21:E0:F4:EF:03:70:13:EB:17:90:F5:5B:49:C1:DE:8B:1E; Validity: Fri, 02 Jun 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /372f24f9-b324-4dc1-b93e-758bed1f5a2d?campaign=ss_es_117_mb169&banner={banner}&site={siteId}&pub={SubId1}&subsource={%25utm_term|url|%25}&ts=117 HTTP/1.1
Host: ad.adsrvr.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 18:17:35 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
pragma: no-cache
set-cookie: 372f24f9-b324-4dc1-b93e-758bed1f5a2d-v4=geWKpoG0jXotKGCInD27zGlfm5FPlrx54AaKnmlNHtk; Max-Age=86400; Expires=Sat, 27-Apr-2024 18:17:35 GMT; Domain=ad.adsrvr.me; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=eYqr7rcCHsDvvHclWWbH_2lhJMjXRs0yDBpzsJTWQb6kGx78aUygB3Io9-lBAeN0gtQJMY1ccf-bo-0At5FoKSCYbZ2nhzV39HMOQqfbpHI0vRgrlY0_u4x8kpkzmgh6RE_7kTgQnDYyG9X8RgYL5EC8_qd-rfZ7ShruCw632RxZnLqOGRB89rQiscuoVFQM_8ByrLAruoyXvGTYG8hnA6ZhKU5QQbkW3zEmX0thL3V24s-en40e44cX6_hyFhiR_MHHEuhhHCQsX1ZlCIANdevkp9erHTSnJ0G2macvIsum8eMdhZvynGjPxPCtGQdT0CwQN2ZNrhKzqoCLMCxZ92a8cue_AlUHymaWFdsdTFCy8Wa0IeHJ82II9UmKjNbpilqk1a1ivgnwPvjZdlsDae7rZrh4dV4LfLIplWK4e3SxAGSQVpjF8yn2un0dvqFdBT8Tm6VpQhmyn7fMOuiC7v1W793gcT0UXphRYnv0DyE; Max-Age=86400; Expires=Sat, 27-Apr-2024 18:17:35 GMT; Domain=ad.adsrvr.me; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,900italic&subset=latin,latin-ext | 216.58.207.234 | 200 OK | 6.6 MB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,900italic&subset=latin,latin-ext IP: 216.58.207.234:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression; Size: 6.6 MB (6597475 bytes); Hash: 4f66e3bd66fff00ac990d410a02c2a4e 8ab223bf6891f72f4ccdf72e2bd6a124bbbe18f7 2c527f8e65fac4b6c5cf36b6469b210d7377a619bacb8d28320cbbe7477666c1
GET /css?family=Source+Sans+Pro:400,700,400italic,700italic,900italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 18:17:36 GMT
date: Fri, 26 Apr 2024 18:17:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| alexatracker.com/jscode/JAIA.js?sub1=picknfuck.com&sub2=&sub3=&sub4=&sub5=&prid= | 104.21.85.99 | 200 OK | 0 B |
URL: GET HTTP/2 alexatracker.com/jscode/JAIA.js?sub1=picknfuck.com&sub2=&sub3=&sub4=&sub5=&prid= IP: 104.21.85.99:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerGoogle Trust Services LLC Subjectalexatracker.com Fingerprint74:C4:C5:AB:F0:96:19:8D:55:C1:FC:49:6D:EF:28:5C:C0:A3:FD:48 ValidityThu, 21 Mar 2024 13:35:40 GMT - Wed, 19 Jun 2024 13:35:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jscode/JAIA.js?sub1=picknfuck.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=cb1dacbc1eaf55d47ab35829730a97ca7cf352364de60f220ebb9e40dc2a0e75a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A2766923474028720065%3B%7D; expires=Fri, 01 May 2026 18:17:37 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWgP%2FiSiZsIZqTFX9od8Gl5G%2BCHfs4TFAestfiYefxTD7BrGhdI2NL4ocaoxkn1%2FcxKld5D3ggvccQcNKcdEU2AXs6fQHXRfiGr%2Bb%2Br5D5wOO4aMshUOlhEbkyUzA%2B5BNVtd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89215c95e0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zeniocloud.com/JAIA.js?sub1=picknfuck.com | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/2 zeniocloud.com/JAIA.js?sub1=picknfuck.com IP: 188.114.96.1:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerGoogle Trust Services LLC Subjectzeniocloud.com FingerprintFD:31:E5:23:F0:E6:E0:B5:7F:67:26:F7:34:69:A7:B3:CA:39:1C:37 ValidityMon, 11 Mar 2024 16:41:24 GMT - Sun, 09 Jun 2024 16:41:23 GMT
Hash: e9414592334fafe3fe5318d2cfdba4dc 53666ac06ed64d404f31d3458b40327be74b3b18 a9eea4076be67034edf423daefb7ca62bd74d141000534aed38cc752041e7df1
GET /JAIA.js?sub1=picknfuck.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Thu, 25 Apr 2024 03:15:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf9jsdLWV5NBLGrcCLG%2BgsN8MPEzp0RCRnxjY2pG%2BE5BewyeY8duEfQfxlNwLgE04EtIgThtXWl6k%2By1ql3hHJcQSRz5lW%2B8Qs2MMxHeeTgxaJeLwURSFGGXW4dcBrOImg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a892121ec1b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| picknfuck.com/27-623673-es/images/android-chrome-192x192.png | 104.21.51.242 | 200 OK | 4.6 kB |
URL: GET HTTP/3 picknfuck.com/27-623673-es/images/android-chrome-192x192.png IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; Hash: 778e66e7fde13f01ee89c9123b329d87 4cd8141fd8726576c3bebb90341cab147c2b030d 890d3daf02c38dcb64b0505231458a17597bf4f2bc5cd9820ebbc16fc52e8ba1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/images/android-chrome-192x192.png HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: image/png
content-length: 4586
last-modified: Thu, 14 Nov 2019 13:35:18 GMT
cache-control: public, max-age=31536000
expires: Sat, 26 Apr 2025 18:17:37 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2B%2FIrcjRZ3ePWAJQMrmCcO0YOgHueLxjhxO5txblWZmBDBBrKytsngcWdKgoPaKgZO3rR7Zby8eCKJ4xAuiYOl20%2Boa6%2BTe764sxFEanj54LJPTLHdDV777wy48%2BxVQS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89219d87b569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/css/normalize.css | 104.21.51.242 | 200 OK | 9.0 kB |
URL: GET HTTP/3 picknfuck.com/27-623673-es/css/normalize.css IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
Hash: cf25d32bf7efb5e09dd6cf0810835e8b bcc5ac6ec15e3e05c4e0162d3a6a5ada9f68cf9c 840b24a805bda861d1adddfe9dc2a6289bd857ae86689d68ecd7a2d69e8e0916
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/css/normalize.css HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2019 13:35:17 GMT
cache-control: public, max-age=2592000
expires: Sun, 26 May 2024 18:17:36 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4TzZn3cPMHz0YIPc%2FvrNj2yRMYQ%2FGzpTzrbst0uKEjzmsX%2FwEZ3%2BIQZ9PAmBgBwmYxvxk3iulU7CTO3JcNAhO0kkP2RBLY8aggKnNEhwjBiG6VswFZgXvg8TQ2mAxm2r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89211aaee569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.production.push-sender.com/mng/subs_window.css?ver=1673340492 | 143.204.55.26 | 200 OK | 7.1 kB |
URL: GET HTTP/2 static.production.push-sender.com/mng/subs_window.css?ver=1673340492 IP: 143.204.55.26:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerAmazon Subjectproduction.push-sender.com FingerprintFF:F5:0A:96:D0:0D:81:D4:34:60:CB:E8:B6:BA:85:5B:40:30:38:AE ValidityMon, 18 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (7434), with no line terminators; Hash: 7edfc18d48d2641549d953ad7b35769d b57f256b8a85278ce3459c2aac1b517b40889f94 460354d6acce1e481e3f0a6436a6484f25f9a58e1c8540eaa61047573e72d968
GET /mng/subs_window.css?ver=1673340492 HTTP/1.1
Host: static.production.push-sender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Apr 2024 04:57:36 GMT
etag: W/"adb85744f96b502ad68d63ede0adcd4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z51f40Vmev4CNltW3S9yXwInzGycLnF7PDfKPjrnusPh1CwYiuBFUA==
age: 56255
X-Firefox-Spdy: h2
|
|
| static.production.push-sender.com/mng/channels/init.min.js?ver=1673340492 | 143.204.55.26 | 200 OK | 28 kB |
URL: GET HTTP/2 static.production.push-sender.com/mng/channels/init.min.js?ver=1673340492 IP: 143.204.55.26:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerAmazon Subjectproduction.push-sender.com FingerprintFF:F5:0A:96:D0:0D:81:D4:34:60:CB:E8:B6:BA:85:5B:40:30:38:AE ValidityMon, 18 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: 8853549c3d94b135cff7696e087dc08f 92ff4b057e92c46752e87b593677e960f80afb09 09c57ca60b3ff9fc47a5cf1b9c5eb52017bb130a3347af01be1d05ab1f7f91a0
GET /mng/channels/init.min.js?ver=1673340492 HTTP/1.1
Host: static.production.push-sender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Apr 2024 07:00:54 GMT
etag: W/"8853549c3d94b135cff7696e087dc08f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rVwOaUvNrugZsQJ3TA1GutP4AY3uU69j-9mlFS3Phnwnq-88OXxVDw==
age: 40738
X-Firefox-Spdy: h2
|
|
| picknfuck.com/27-623673-es/css/CenturyGothic.woff | 104.21.51.242 | 404 Not Found | 315 B |
URL: GET HTTP/3 picknfuck.com/27-623673-es/css/CenturyGothic.woff IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators; Hash: 97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/css/CenturyGothic.woff HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/css/style.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDgDKeqjskz7jiaJbuJcjGmBOmEBwG6%2BamXi2KVI4Io93Sp1dps4Zydbxzm5uU%2Fy1NjcBcfYZcsjhY9RR7e14IvyRoWixj7BE1mNcgVh4A3ddYyCXnDt4eWKBmbmJcic"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89215ca16569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/css/CenturyGothic.ttf | 104.21.51.242 | 404 Not Found | 315 B |
URL: GET HTTP/3 picknfuck.com/27-623673-es/css/CenturyGothic.ttf IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators; Hash: 97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/css/CenturyGothic.ttf HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/css/style.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUAPSnax4AzHovIu0aZRBsLgbIOyrPpF1Ty0cQwppIpjUc9Hb7cuPAZPK0WzAcP0oyKCnAjtCywX3GIB5JF62Txm4PRLIPN1pVvfzJrhqRZ3ctBCGJM79UPeASKeTUrL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89217acfa569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/css/style.css?v=2 | 104.21.51.242 | 200 OK | 6.6 kB |
URL: GET HTTP/3 picknfuck.com/27-623673-es/css/style.css?v=2 IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: ASCII text, with very long lines (7174), with no line terminators; Hash: 63757c95f6a7dc9bbc42c3378cd94c0a 4349f76f890931f0ebd60f94f3fe575970ae1ebc 3d3e04afe83d9999f3fa67704db3b8d07b9d99be92971f0ae93f054ccf2730ac
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/css/style.css?v=2 HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2019 13:35:17 GMT
cache-control: public, max-age=2592000
expires: Sun, 26 May 2024 18:17:36 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEz%2Be1uAs8g%2Fb%2BVoYA18g6Xs7pY7Y4QknZbJOoaFD5qYNL5LmFE9mrpTWbFMmzXlkOyoTO%2FncItp3lFkABR%2Fdir9qtTH4flEokpvGgA92dbN4iveQ7Zs%2BAcebwdyfBjr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89211aaf2569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/js/jquery.min.js | 104.21.51.242 | 200 OK | 96 kB |
URL: GET HTTP/3 picknfuck.com/27-623673-es/js/jquery.min.js IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: JavaScript source, ASCII text, with very long lines (32047); Hash: 5790ead7ad3ba27397aedfa3d263b867 8130544c215fe5d1ec081d83461bf4a711e74882 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/js/jquery.min.js HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/javascript
last-modified: Thu, 14 Nov 2019 13:35:21 GMT
cache-control: max-age=2592000, private
expires: Sun, 26 May 2024 18:17:36 GMT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuL00P%2BH8VxMAYBDxS%2BfSELoV%2Fgq5joM9ce2ZPOnyuMxt5xSxNeOtl3YQvqE3fG8PZwfmihGAPF67ZhiUlOg%2BYN6suIapo2w8065z2hAcRycImfB9KLtIsw1fKXkooTg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89211aafc569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/css/CenturyGothic-Bold.woff | 104.21.51.242 | 404 Not Found | 315 B |
URL: GET HTTP/3 picknfuck.com/27-623673-es/css/CenturyGothic-Bold.woff IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators
Hash: 97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/css/CenturyGothic-Bold.woff HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/css/style.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVUfZs8GagcpswmIfJ5c1t23BbkWbbik5fOdjC6E3VBXgO0gp4b%2BQ9yS%2Fztw%2FeaPlTl8HA%2FS9azeRGxRK0OtL3SpR8BNYPYI%2FLfyLSy9UjkIpVup506cUzkArtsKTDPg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89215da23569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.production.push-sender.com/mng/subs_window.js?ver=1673340492 | 143.204.55.26 | 200 OK | 20 kB |
URL: GET HTTP/2 static.production.push-sender.com/mng/subs_window.js?ver=1673340492 IP: 143.204.55.26:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerAmazon Subjectproduction.push-sender.com FingerprintFF:F5:0A:96:D0:0D:81:D4:34:60:CB:E8:B6:BA:85:5B:40:30:38:AE ValidityMon, 18 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mng/subs_window.js?ver=1673340492 HTTP/1.1
Host: static.production.push-sender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Apr 2024 05:24:30 GMT
etag: W/"2b3010e6d2440c83b9cfff48def5f0c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7vmpYhO_FS0-9RgoOWCSFYw27zK4BR5klOZLGu6xI1vS_WpQGqZW-Q==
age: 46408
X-Firefox-Spdy: h2
|
|
| picknfuck.com/27-623673-es/js/backoffer.js | 104.21.51.242 | 200 OK | 430 B |
URL: GET HTTP/3 picknfuck.com/27-623673-es/js/backoffer.js IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: JavaScript source, ASCII text, with very long lines (430), with no line terminators
Hash: 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/js/backoffer.js HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/javascript
last-modified: Thu, 14 Nov 2019 13:35:21 GMT
cache-control: max-age=2592000, private
expires: Sun, 26 May 2024 18:17:36 GMT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFw%2FFN3yhpjrr4wPySnxUGStzSZheSV34HtS3w9ObwsIhwU7f7y9xGjN0dcK39KppQETSTLpd47qY8VyBJoxxguAz3l8IVi13YLdU27J2dMJRuUqoy1HkPANMXyMsjb5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89211bb12569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/images/19.gif | 104.21.51.242 | 200 OK | 6.6 MB |
URL: GET HTTP/3 picknfuck.com/27-623673-es/images/19.gif IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
Size: 6.6 MB (6596597 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/images/19.gif HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/css/style.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: image/gif
content-length: 6596597
last-modified: Thu, 14 Nov 2019 13:35:19 GMT
cache-control: public, max-age=31536000
expires: Sat, 26 Apr 2025 18:17:36 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4EHbpVuU2%2Bp%2B7f7LkzBJ4EcwwEgCgH0uTaRBr4N1YxPhKMyOaJCOupa7%2FZxgBoj0zB6zEv%2BoDjOHpgZg15x11ZZ9rdSxbNOfdk4F7ZwbOmm4jdBFTAfZ1xZwwQGEPg7f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89215998d569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/images/favicon-16x16.png | 104.21.51.242 | 200 OK | 748 B |
URL: GET HTTP/3 picknfuck.com/27-623673-es/images/favicon-16x16.png IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash: 2073755dce5f376126918f9088bfa40c 02152e71e873e4bc54dc043d11beeda57509b911 56735e3f974ead2524241c4d837bd6982bb10300d04fb2d1c5ce81f68b32afa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/images/favicon-16x16.png HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: image/png
content-length: 748
last-modified: Thu, 14 Nov 2019 13:35:18 GMT
cache-control: public, max-age=31536000
expires: Sat, 26 Apr 2025 18:17:37 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHO5mQckXvFXmJ117l4A5IdjCj1lJxxMS7vI5nmBfafZDtzt6F9wZlYRW8%2F63ItWt1ZTW34gE%2FkF4r1RPip3%2B%2FFJrF1g75novHPtIzZFsSQsZSL2%2BNjopkvZtUW%2Bu1qX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89219d87f569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 | 104.21.51.242 | 200 OK | 4.4 kB |
URL User Request GET HTTP/2picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 IP104.21.51.242:443
Certificate: Issuer: Let's Encrypt; Subject: picknfuck.com; Fingerprint: C4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD; Validity: Wed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4738), with no line terminators
Hash: 63f1caaa5d39736c123a7ebc24c28a5e f098077756288d5b0d462357b25839ac5d848524 4cc6b04d3bf7a0726b57ee20569c93f72bf57b347aa69c2b8a1b3b2770eb9890
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:17:35 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6d1%2FOgIP0dmd1RcZDaGHvK8xiTtQDyVBnblXX9pk5xhwXNn5s4kwziU5ohVfd0n4AHfAXy%2FpBk5mrEawM8ksNZDiY%2FCwpzsapEXkNvvWeUr6Bis6dKCbXgSkgYajJFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8920a9a1bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| picknfuck.com/27-623673-es/js/inline_video.js | 104.21.51.242 | 200 OK | 3.0 kB |
URL: GET HTTP/3 picknfuck.com/27-623673-es/js/inline_video.js IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: JavaScript source, ASCII text, with very long lines (3065), with no line terminators
Hash: e175bdfcc4b171365efc49e1ea0dfb7d 24d2ffb1437bfae00f7c45a15a356f3a5e35429a e5962ae0ff8087856fce6a84548a742c61496e2bb37011dca33ab004eabeb5c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/js/inline_video.js HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:17:36 GMT
content-type: text/javascript
last-modified: Thu, 14 Nov 2019 13:35:21 GMT
cache-control: max-age=2592000, private
expires: Sun, 26 May 2024 18:17:36 GMT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbnab8z7Q6iY9O8PkXNmp9mVMOmXkj5HiWLtYlK0edilSyoEZAkg7NsrwMutQ1HbOaCtTBjuafXhLd0CKlPscIBlQERu%2BQUgTR8hcTfOTycTr9UtVR9bVjfHMUwLmgJf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a89211bb11569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| picknfuck.com/27-623673-es/css/CenturyGothic-Bold.ttf | 104.21.51.242 | 404 Not Found | 315 B |
URL: GET HTTP/3 picknfuck.com/27-623673-es/css/CenturyGothic-Bold.ttf IP: 104.21.51.242:443
Requested byhttps://picknfuck.com/27-623673-es/?cep=lz-Uh0jT6UMLISH4mfVS8TpHG-etPB8xaBmqXsUBqweT1jl5YFaOII-3If_-wHZEGkWh087IKh0tqG6167SGiF0bLrOOIjrOJEOpLUalVeZwrovB3dyRHogpO5OdhevsiIk3wlRfOUj65VZhVhTdqFktgcKx59OIaJxMopuXbbHkK0DwwcC5kpFTsVrzNjE6BJxgkBrA7OdLBX0TuLWUcojAq3EAUUlhuo5FrKyO2Zgv4ijDRvHrN6oxdXo-iw1FkDx5rAdr1cK-y45UCw4xe6Sq7O6qFi_90yqSM7V_DIBJkZL94e7AoPowuK8BdU9W60ZoOVBK2EZzCTeabRn02U0htZ291ESEnnzyZhghLyk3vEhMyz9DEFpreCrkpWwN3FntvsFWDA9xOrgt2OjO5XhGaBI_P0uBuz7dvKJufP2_YvhFv9Dsr7Jra_Ee9F3bVzDkEuCzNV3kfqxbBdHoq_MVEX3Fqh0UQ4ifBFp1MLI&lptoken=17eb147e15b972c755c4&campaign=ss_es_117_mb169&banner=%7Bbanner%7D&site=%7BsiteId%7D&pub=%7BSubId1%7D&subsource=%7B%25utm_term%7Curl%7C%25%7D&ts=117 CertificateIssuerLet's Encrypt Subjectpicknfuck.com FingerprintC4:BE:77:B5:14:39:D1:B9:5C:D5:AF:6D:95:97:60:F4:74:C6:C8:AD ValidityWed, 20 Mar 2024 14:19:15 GMT - Tue, 18 Jun 2024 14:19:14 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators
Hash: 97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /27-623673-es/css/CenturyGothic-Bold.ttf HTTP/1.1
Host: picknfuck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://picknfuck.com/27-623673-es/css/style.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 18:17:37 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlVX7N54WP82Aej1V9jpKdT4V%2BWzPLZDQIRCp%2FfDWwKTJ5NydQgxvLot8BAWCCjUJ2FKOnn8fCA0JTy809bbehoogWhAhGFxXV2HjWGfSKHrqgiauyzLn2eFUUYf7YUA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a892164ac4569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|