| aljazirah.com.sa/media/jui/js/jquery-noconflict.js?e16786992c3461f707206d214f4e43c5 | 172.67.195.121 | | 21 B |
URL aljazirah.com.sa/media/jui/js/jquery-noconflict.js?e16786992c3461f707206d214f4e43c5 IP 172.67.195.121:0
Hash e2060c4e5e5955c824723b13a212d3ec 18420ce484978f8ba3d7371febf1638828bb7a67 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
GET /media/jui/js/jquery-noconflict.js?e16786992c3461f707206d214f4e43c5 HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: application/javascript
content-length: 21
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5at4gvBQgKH0jZkoB9%2FbUPphAxq5jHMF0jXOFeASZj%2BKB2xET%2F7SPlkBIlEoPmAbePxQk9dHrlOSAy2reQH%2BqrQLR%2BSdDslFHecUT%2F%2F3JRMTX%2BZyMiik6ELkG3SyCAlkQxg3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b507e3f0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| code.jquery.com/jquery-3.3.1.min.js | 151.101.2.137 | | 30 kB |
URL code.jquery.com/jquery-3.3.1.min.js IP 151.101.2.137:0
File type JavaScript source, ASCII text, with very long lines (65451) Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 16:20:10 GMT
age: 19175007
x-served-by: cache-lga13622-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 246870
x-timer: S1713975611.989436,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2
|
|
| aljazirah.com.sa/media/mod_languages/images/ar_aa.gif | 172.67.195.121 | | 1.0 kB |
URL aljazirah.com.sa/media/mod_languages/images/ar_aa.gif IP 172.67.195.121:0
File type GIF image data, version 87a, 18 x 12 Hash 7ee1ac86f7e5832a6d9de2041967b3cf 08c3326b7a29724d197fbcf80e6fcfd107b1eb26 39911b00af07fd9e89208ec4537e1dca2efbef92b4a8e9567022f73f647fe0e7
GET /media/mod_languages/images/ar_aa.gif HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/gif
content-length: 1001
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3jStK1yGalQ8IQO6r6IQmOr%2Bmr8u06S6GbvQjqInvp3JHxAP2Gp%2FyjMyHQbrnZSOL0NMaPQ56raGJa6nGYKnbVAVcnLCBatAkEaaS2AUdmI3K2u4BTBDTrJu7POoSQcipey"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50ce770b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/media/mod_languages/images/en_gb.gif | 172.67.195.121 | | 1.0 kB |
URL aljazirah.com.sa/media/mod_languages/images/en_gb.gif IP 172.67.195.121:0
File type GIF image data, version 87a, 18 x 12 Hash dc27490e740f62c372205d04e5b0400e cad81078b95b980801485ac2d69b10a45b8ff3f6 5d14e1355f6dc3fae99dda64bd1b376867196c66c2eb3dd07ffb18f8dd0d242b
GET /media/mod_languages/images/en_gb.gif HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/gif
content-length: 1027
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIPDh%2F2Q5UV6S%2F%2F6%2BNbC4RyACwVw61CQ%2Fe82eu%2B%2Fix2%2Btbcq6q9g2uPPyd%2FDFAJmbjX3Nhz1WtnIUCKksvYxGrhkLU5r%2BaM7C1OOCAre8rQSHz81Qg0zcEPF5Ocj7tyRlxtG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50ce7e0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/photo4.jpg | 172.67.195.121 | | 100 kB |
URL aljazirah.com.sa/images/2022/02/22/photo4.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1102x626, components 3 Hash e33c93d225af4ea7c094ee04057494e3 65683ec362429d8094d436c7b6476cf74cf982d6 9849cb98d43bc588d3264b838b0678d16b1e48cb51c7b3c5f725954eabc6367a
GET /images/2022/02/22/photo4.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 99984
last-modified: Tue, 22 Feb 2022 18:27:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0xUqNoVRi39yxviSWJx0aK2%2F9ImzavYufsVcMP0JReUZx93J1RDs4gqqdKxKT8huw8eg80%2BJaLCoWqc1EYnUoql54iHQp59pVHgA6BkNcSFO7dw8Wjtt90uxx29qRvn8fQY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50de840b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/al-jazira-clinic-final-logo-1.png | 172.67.195.121 | | 165 kB |
URL aljazirah.com.sa/images/al-jazira-clinic-final-logo-1.png IP 172.67.195.121:0
File type PNG image data, 1053 x 817, 8-bit/color RGBA, non-interlaced Size 165 kB (164894 bytes) Hash 862e97261c42b3aa4e753204cbd11987 3585ab0a981f8b508ce5691f53b6a9ffcb8244e3 5ac37bd99d00ee3050b07c86b6a11be898e397117113e9012555ccff2abaf7c7
GET /images/al-jazira-clinic-final-logo-1.png HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/png
content-length: 164894
last-modified: Tue, 13 Oct 2020 08:37:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87B7zHJUwc0hio5U0KmGMcTbJ1AX%2F7%2BaOhQ3IUfuL99PQdlArYhpe6osJG4j0kTn3JL5mYEnwOPGkuWdVHEseam86FaJrD5XBWr0BbUGe0OhxeQPpKf77k63bkRC6681XTIr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50de820b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/Dent.jpg | 172.67.195.121 | | 116 kB |
URL aljazirah.com.sa/images/2022/02/22/Dent.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1102x626, components 3 Size 116 kB (115666 bytes) Hash ea02bd6c0a7179880ad4b1ee0e4ecd69 8920f4dca9357acaebdda0575bf727ad54901142 de270bb3ec322e23a9dd31685a79d4940456fc6145069a20f457e3350fd1d950
GET /images/2022/02/22/Dent.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 115666
last-modified: Tue, 22 Feb 2022 18:27:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pld%2Bc2QVngTMbEMjGSc9EB8mHX1CxfnAVicBe1ovz5hYph4bpGECZD3Xx5Ohrs0ncHjVx1LZ735cBCzmx%2BgbvahNsZ6aeBUFgKmRg8eT%2FT49tpHsEDROopVAkZ1Sf5XC3iLj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50de850b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/photo6.jpg | 172.67.195.121 | | 94 kB |
URL aljazirah.com.sa/images/2022/02/22/photo6.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1102x626, components 3 Hash 385f5c9c2bfbbb67862ee8d4efe75e21 d2114cf06844aaa0ced029d5ec1b5cbfd178d654 ef2ed1233f5762b2c010dd6625025ecbb62200b6ff87f8571c945ec9c2e025fd
GET /images/2022/02/22/photo6.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 94253
last-modified: Tue, 22 Feb 2022 18:27:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fm5ENcHhuTOB7KJMdW%2FJRYIezg0aIJWfPFKY0F30SccVtX%2Bgx%2FG2ZqdeeNo0Xvax8oyZc61WgFjxGCgWLfq71RKwwH5pCenfleFOz%2BXo8jijn8w3Y%2BT4SMEeyi3be7RrFrLX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50de860b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/photo8.jpg | 172.67.195.121 | | 131 kB |
URL aljazirah.com.sa/images/2022/02/22/photo8.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1102x626, components 3 Size 131 kB (131047 bytes) Hash 683f675d715ad6e9dfbf6705200ce00c 6069bec099e09c442fb9ccc12dd73eaa58aa1f87 34531124c07ec29f2293f7c046b6a65eaa8836e2254f6ebe715a53d909543db4
GET /images/2022/02/22/photo8.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 131047
last-modified: Tue, 22 Feb 2022 18:27:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMQY%2B1wU%2FciNS8PCTveFO17lqPwj6I0YzBDE49Pu4ymZBlBXdRFMo%2BjjsoCwrOMRZLsf%2B2%2FB%2Bws%2FN1gVQd4kBStclJox5f874Fm7lcKqa%2F1rdS1iMGUDX1QBw3TxcxF5JPq%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50de890b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/kindpng_1863928_1.png | 172.67.195.121 | | 25 kB |
URL aljazirah.com.sa/images/2022/02/22/kindpng_1863928_1.png IP 172.67.195.121:0
File type PNG image data, 1508 x 525, 8-bit colormap, non-interlaced Hash 2fbe75b1522cd60044668093cc953b9b bd1b1128718266b39fe994889c2fcda35c8683fc 499c9926ccfd970a69dd5bba63bf45934281992523fe54b807702ba4875cc6b9
GET /images/2022/02/22/kindpng_1863928_1.png HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/png
content-length: 25128
last-modified: Tue, 22 Feb 2022 18:27:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aIuXlWN18%2BzyA%2BHVVb9lS5VBAxlgDTfywnBLKnnbj0Vp88tMWlG0kEQVxHUDeXGzQFFbPKdAqlOe7xPjuZTpsS4aE7c9vKWTSnQ8wNS8BbQlfodp8gb9zNEv4vAOHtJHtW9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50fe9a0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/1_v9-opwpaugei-jmp05rc_a.png | 172.67.195.121 | | 19 kB |
URL aljazirah.com.sa/images/2022/02/22/1_v9-opwpaugei-jmp05rc_a.png IP 172.67.195.121:0
File type PNG image data, 1200 x 414, 8-bit colormap, non-interlaced Hash f4bc2ed6300a99bbac3ec71b459fcc25 6bd2634e8ff7add0f4b2b1e1f5afcfcfd488b843 f421c8fec6434de9515fa7b53e9db88f83576cdc980af49140e1730cd82fbc03
GET /images/2022/02/22/1_v9-opwpaugei-jmp05rc_a.png HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/png
content-length: 19041
last-modified: Tue, 22 Feb 2022 18:27:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7SYJhmLgazewJ4QhXdaEdiHPrdKY6W50e1HfdOo8n6mRzoIU%2Bzrae2JjFO9TVHafcFoEf6xZ106ghD1nKhDgABjDaBxbWAxlFxub9lC6Sk3c5qQ1Y82VFb9LKScXqz%2FHYLC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50fe9b0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maps.googleapis.com/maps/api/js?key=AIzaSyDrDxkQCQWoNHl6H54RcEG-R2yBbNIq5Rk | 142.250.74.138 | | 66 kB |
URL maps.googleapis.com/maps/api/js?key=AIzaSyDrDxkQCQWoNHl6H54RcEG-R2yBbNIq5Rk IP 142.250.74.138:0
File type JavaScript source, ASCII text, with very long lines (10151) Hash 41ffcdce23d1f7ab1fb3965692b30797 bf2b6738183490d7e6ca86c55e4acd51d2365978 113556de6edbe6e47cec9833f7cca50205f51b1ea193480d414fd02196988766
GET /maps/api/js?key=AIzaSyDrDxkQCQWoNHl6H54RcEG-R2yBbNIq5Rk HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
timing-allow-origin: *
cache-control: public, max-age=1800
vary: Accept-Language, Origin, X-Origin, Referer
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
date: Wed, 24 Apr 2024 16:20:11 GMT
server: scaffolding on HTTPServer2
content-length: 65925
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aljazirah.com.sa/images/atiatallah_mohammed.jpg | 172.67.195.121 | | 41 kB |
URL aljazirah.com.sa/images/atiatallah_mohammed.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2020:05:10 11:44:35], baseline, precision 8, 263x357, components 3 Hash 9d37cfcb3bd6c9d55b1738a1ba9e5da6 ad5c8d3c14d33592851bb57137c83a0a98b681ed ac44bfb6d2fc26749bedfd30df5bc05242e13788fa30fa2d0c51abc6c0d0836e
GET /images/atiatallah_mohammed.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 41323
last-modified: Mon, 07 Feb 2022 21:35:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRTdeceTAcc%2F0HpbQsea%2FmauZxiYezpxNU8pP54uCIf4KZzbJZCV8sbhLE0HdZCf3gou7owiqQYrBVMvUDXIpc%2FAgNHAYzXA7PNe%2FpjA8d9CssYCobkcjYD1PmFAU%2F6jWhaO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50fe9c0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/07/muneer_bushi.jpg | 172.67.195.121 | | 44 kB |
URL aljazirah.com.sa/images/2022/02/07/muneer_bushi.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2020:05:10 02:24:12], baseline, precision 8, 263x357, components 3 Hash 2c9c4d81eaf6b70157f8f866bd329881 7fe99b962e4c3efee8b9cced30f780bb8c3907c5 a460821078fc6c19006f3c8c8818bcb4d361a46e58bb32c024fa063c56b8d026
GET /images/2022/02/07/muneer_bushi.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 44261
last-modified: Mon, 07 Feb 2022 21:44:00 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlfMOXqikuu6alaYM6640p91CQlP0duYNThg0cWR6%2BwDUbUINiXX8KarunMtK%2BxwhjcFOvJRCDdaQVbkrPGEryAluNEgCCvvi7MGw%2B3f3DtYbLijaGgS7q7vl9r6p%2BNRgEBW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50fe9e0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/07/mustafa_khafji.jpg | 172.67.195.121 | | 35 kB |
URL aljazirah.com.sa/images/2022/02/07/mustafa_khafji.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2020:05:10 02:10:55], baseline, precision 8, 263x357, components 3 Hash a67451a1a052b05576fa29fc77ad395d eb72ca5595052a53fc2fba25248db40208434a4d 3bf98cd8813fbed9dfa6c70408aed8a431d44b69659deb655f32965f1e4b098f
GET /images/2022/02/07/mustafa_khafji.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 34672
last-modified: Mon, 07 Feb 2022 21:44:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcO0MOpnXCfBBmKniGxA8RU3nchThd9YZgxT9W5ou%2B86fDvEows8g3c%2FpXISU3q497UdF%2BV6vgMBN60rSeCAEfJDZQ168rMjg3hxEvUnY1vq6kZM8zQcapRd0Or5ydbb1djN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50fe9f0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/07/wadhah_alabdulrazaq.jpg | 172.67.195.121 | | 52 kB |
URL aljazirah.com.sa/images/2022/02/07/wadhah_alabdulrazaq.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2020:05:10 02:13:33], baseline, precision 8, 263x357, components 3 Hash 14d8cad6a091bbd7a4113397661f0ec7 a97c32f888fe42985b69e0daa89b21048827c4d3 1cda748c6c210ec76aa0c13909ef2c5fb135b830de81edb9af3b4a4d5dde931f
GET /images/2022/02/07/wadhah_alabdulrazaq.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 51497
last-modified: Mon, 07 Feb 2022 21:44:16 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIW5FnGwaOSdGBaX0G5ygHjE97o6%2FbNBC0oZga%2FLGd%2F7DnG8j5W8elPGJ4H9apBY0VBN0AnxMr7GVfSy1yYiH0d9OLD3oVvWTB1izdenMcG%2FVxOMiOnbnRbBh6W1a8ewvObU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b50fea00b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-179588185-1 | 142.250.74.168 | | 69 kB |
URL www.googletagmanager.com/gtag/js?id=UA-179588185-1 IP 142.250.74.168:0
File type JavaScript source, ASCII text, with very long lines (2165) Hash 8ffa011a457d29b9879246a6f039f7b9 eb553a2ddec50068fc2654a980c0927498975efb abfb27b8378059c52758e12210985f837cfde3ec5aabe97eec4ce91ca357399b
GET /gtag/js?id=UA-179588185-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 16:20:11 GMT
expires: Wed, 24 Apr 2024 16:20:11 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-BZNBG6DWHN | 142.250.74.168 | | 93 kB |
URL www.googletagmanager.com/gtag/js?id=G-BZNBG6DWHN IP 142.250.74.168:0
File type JavaScript source, ASCII text, with very long lines (3034) Hash 3357fefca9550e1657b1decfa489931d d4315e5b18ad3cfda0b39da04b64fc6b2116d596 08708672bdfb75ded9e9410d2e20cd22dacabee20cd22e8cb2f4c6eca3fd6280
GET /gtag/js?id=G-BZNBG6DWHN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 16:20:11 GMT
expires: Wed, 24 Apr 2024 16:20:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aljazirah.com.sa/templates/shaper_medico/fonts/fa-brands-400.woff2 | 172.67.195.121 | | 78 kB |
URL aljazirah.com.sa/templates/shaper_medico/fonts/fa-brands-400.woff2 IP 172.67.195.121:0
File type Web Open Font Format (Version 2), TrueType, length 78472, version 331.-31327 Hash 0c9f225e8f69c622f681cf1ed973cc3d 9e355abda14ee62a7987b2ba7e2e887d33337e25 529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
GET /templates/shaper_medico/fonts/fa-brands-400.woff2 HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/templates/shaper_medico/css/font-awesome.min.css
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: font/woff2
content-length: 78472
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1438
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Exxj%2FSkz83bYsU7sJ3ms2%2FU3d2sm3Bjqt3yYkEyrnFdQP5fEFT0pLPg2fmya2lbk6EN0v07fDLQ%2F%2Fqo33XEeUgO0AU6nYMAf4yEcp4hfkz04sseVucdg7%2FI8A27SGsZ7Uvgd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b54398f0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/templates/shaper_medico/fonts/fa-solid-900.woff2 | 172.67.195.121 | | 80 kB |
URL aljazirah.com.sa/templates/shaper_medico/fonts/fa-solid-900.woff2 IP 172.67.195.121:0
File type Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327 Hash 9ae050d1876ac1763eb6afe4264e6d5a 72344eab2e7431eec313caa21f266cbfda7caf60 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
GET /templates/shaper_medico/fonts/fa-solid-900.woff2 HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/templates/shaper_medico/css/font-awesome.min.css
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: font/woff2
content-length: 80252
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1438
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHfK9pv7ouUE4Y3V6TUGnLQQWaQ90BzfTm28d%2FeFCZJZLuCxZsvAyO4FeBKcU3K2yJx013s6x45VXPVKfzLH98x%2BCRiYCMbyd8V5KZtOpDhwLCWNGR%2FOtgNkxwCHppooMWuT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b5439900b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/02/22/webp.net-compress-image-44.jpg | 172.67.195.121 | | 72 kB |
URL aljazirah.com.sa/images/2022/02/22/webp.net-compress-image-44.jpg IP 172.67.195.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1052, components 3 Hash 506a59ade9a4286062b61185de851333 f86b3d344425c55882db1ab35965eb38edaec700 1a8605129d0faf33d95c539c37c6c6d74f82cc835ce11a05d3e19a858693aabe
GET /images/2022/02/22/webp.net-compress-image-44.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 71916
last-modified: Tue, 22 Feb 2022 18:16:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THTVzm76yOnObfg8NUq3gl1onfV042lYftrEEgCmptZi84cPDViAtjr%2BtuscjA97VEVdnMWWPGeUiaQ0bAxDjC43BUVA6uiYN9PNBovzg%2Fq7N94JiWc%2FTiqY0JDvIwHxol5I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b5489b80b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-BZNBG6DWHN&l=dataLayer&cx=c | 142.250.74.168 | | 93 kB |
URL www.googletagmanager.com/gtag/js?id=G-BZNBG6DWHN&l=dataLayer&cx=c IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (3034) Hash18c386d486d50cc130bbeb071760aaaa 4b7140f542214803eabe721e530058d0502030f9 0678bc5ecd53b932b2f902220e6826350a7eac6974763843995711f34b3202e9
GET /gtag/js?id=G-BZNBG6DWHN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 16:20:11 GMT
expires: Wed, 24 Apr 2024 16:20:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| aljazirah.com.sa/images/2022/02/22/variation-clinic-slider-01.jpg | 172.67.195.121 | | 116 kB |
URL aljazirah.com.sa/images/2022/02/22/variation-clinic-slider-01.jpg IP172.67.195.121:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x903, components 3 Size116 kB (116406 bytes) Hash1162dd9dc032a148162584bb1b58434c 91da1829ae130ec8a57b5783bdd457112169a7d0 0011e17b569afb350363b0e8e1af97489439f4d2e0a5d6a38a8a3a16e7183880
GET /images/2022/02/22/variation-clinic-slider-01.jpg HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/jpeg
content-length: 116406
last-modified: Tue, 22 Feb 2022 18:11:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HE1ba1nO9kUxxhdsQKkvHdJkz6uQ75VtWmDuGSk1QnhXIUqR%2B%2FANgcX8mmZa3lpGbIU1RYoGjOx8YJX2BEqP4f3KZf010OlO%2BQDA6LZt5I1KlY70IjTv4dm32iFPaY9xOxni"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b55da680b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/images/2022/01/02/price-tag_1.png | 172.67.195.121 | | 45 kB |
URL aljazirah.com.sa/images/2022/01/02/price-tag_1.png IP172.67.195.121:0
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hash7f815566cf333d3cd6e57c13ab67b0ce 383e406db0f5c8dbf0e75437681005d7038faff3 28aa1361c3352e490243a977ccc3af9db159f247e2d1069b171471053e0f9a89
GET /images/2022/01/02/price-tag_1.png HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: image/png
content-length: 45225
last-modified: Mon, 03 Jan 2022 19:12:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ud48CDBzghgFN9Y1I2i5WQ2%2FG5%2Bcq99m9%2BerQmA0soJgrZWFzoSPJ058%2FLnTPKLl6MEsLz8LQFCD3hYdc83qwImzpa6FytnCAZzX59EB1p3gymyXgVxdNjWCGThu2LtzA2Ug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b561a9c0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/templates/shaper_medico/js/main.js | 172.67.195.121 | | 21 kB |
URL aljazirah.com.sa/templates/shaper_medico/js/main.js IP172.67.195.121:0
File typeJavaScript source, ASCII text Hash7382264687c8757930ff17bbc0e6d86e 83d3b35616c437813d106f7216c35c6630c30d40 de3b1be529a8ca97d03c355e005a522dabb4d30f1be467b8f8786e87a2742ae9
GET /templates/shaper_medico/js/main.js HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLL%2BECSupMDx1R5UTEB%2BElERCb%2Bm87J%2FL7OoKsJh2deBQstWbDsNask5dVtCmz5WqFK32NrAIZscyTNco6qtaVd07ijtyiJPwU2WF2VtDmJQzoWIgqJgf1T60VsssBr%2FdlbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b50be6c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js | 172.67.195.121 | | 8.0 kB |
URL aljazirah.com.sa/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js IP172.67.195.121:0
File typeJavaScript source, ASCII text, with very long lines (20090) Hash4f2d6a1c55076612823b27988f44f5c4 517ccc357670e3550e9d3db45390db4b02ff7829 2f7a4ead4f2d60a4826fbb8c2541e76298028f3a1a12c4aa9745a6875d964650
GET /components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Sep 2023 10:52:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAY%2BGpL4g48vm7E8dkogRT0puYZYCm62wyeP6Sm1BPHiQjM%2F0P8WElSRluU5Gz1uu8ZXis1pkoSZhSw6vt9MqcPrCh16Knr226v9QLb3CH4Zb2uscJSTGoOF%2FxoXokU%2B6AE%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b509e650b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/components/com_spmedical/assets/js/jquery-ui.js | 172.67.195.121 | | 73 kB |
URL aljazirah.com.sa/components/com_spmedical/assets/js/jquery-ui.js IP172.67.195.121:0
File typeJavaScript source, ASCII text, with very long lines (24586) Hashe18034e5fc5927e867177d6cf167a700 9b70a504a8c2ec65b9b7cdfe5493d6dbd8f63517 6ee9036f91de285171a162981a60ef0067b63e9636e825c5adfd539572211e7a
GET /components/com_spmedical/assets/js/jquery-ui.js HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Sep 2023 10:30:12 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NnrN%2FamgPh0WYM3ivaVz0UFn2WvGCIeFw4qywh1lImmy5K76VVTm81%2FpTLoGuBBWrXMOQfw%2B%2BdnoO1W3jQ5fSQneUeg8pxoxr18RC9%2F08879BlyxokZYE0gaKzAWejH6H6r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b508e590b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa//templates/shaper_medico/js/owl.carousel.min.js | 172.67.195.121 | | 18 kB |
URL aljazirah.com.sa//templates/shaper_medico/js/owl.carousel.min.js IP172.67.195.121:0
File typeJavaScript source, ASCII text, with very long lines (32068) Hashffaa3c82ad2c6e216e68aca44746e1be 2fa7c468110fa68f1f3df6718daf971871623ee9 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
GET //templates/shaper_medico/js/owl.carousel.min.js HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkt2wryU5WWAi2b9ZlwHFU1x0GaobIZu0yV%2Fot2%2BNSCbhrajsHgxJEK0uhLVqS8my6czKSaqk9Qsb8%2FdR2shE6ZMSbglg6AiJ4OP5ahTKH1yYYoO7eHHuC4FqqGCd6wmeUYv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b508e510b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa/media/system/js/core.js?e16786992c3461f707206d214f4e43c5 | 172.67.195.121 | | 12 kB |
URL aljazirah.com.sa/media/system/js/core.js?e16786992c3461f707206d214f4e43c5 IP172.67.195.121:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (8729) Hashe01099c2824b8fc4a435611089253cf7 ac8338f1566be54e957c123c863a97ca8d6f3ada 98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba
GET /media/system/js/core.js?e16786992c3461f707206d214f4e43c5 HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:11 GMT
content-type: application/javascript
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2845
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yViLB88XgFWQb6yDHyq5edRX5Yf0i51gSvoaTUjrL4C6pIT6PZUVdHjM8GfaUJNrkftHC5JD1RK3K2a%2FYN1E%2FsmgBXik1VDdWAw8yAtbUrDfMwgmhUD6K4XCqbac79zgsXxh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b50be740b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 216.58.207.227 | | 128 kB |
URL fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aljazirah.com.sa
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 06:44:19 GMT
expires: Sun, 20 Apr 2025 06:44:19 GMT
cache-control: public, max-age=31536000
age: 380153
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| snackfunp.com/g8RPfMmD?ref_id=paneljs02JM&scr_id=js02&base_id=all&campin_id=185&se_referrer=&default_keyword=& | 31.41.44.109 | | 31 kB |
URL: snackfunp.com/g8RPfMmD?ref_id=paneljs02JM&scr_id=js02&base_id=all&campin_id=185&se_referrer=&default_keyword=& IP: 31.41.44.109:0
File type: JavaScript source, ASCII text, with very long lines (65451)
Hashes: MD5 c6f613f4fa176d1b0f0b00f0adcc2555 SHA-1 de3cdceb600db28112a1bc87ca0d4638ffeed45b SHA-256 875951d4bbd46472af84da4bfa1835ebf4698247f48979ee1bc7f1cefdac4f61
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /g8RPfMmD?ref_id=paneljs02JM&scr_id=js02&base_id=all&campin_id=185&se_referrer=&default_keyword=& HTTP/1.1
Host: snackfunp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 16:20:12 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: Wed, 24 Apr 2024 16:20:12 GMT
Set-Cookie: _subid=376l60jldollu; expires=Sat, 25 May 2024 16:20:12 GMT; path=/
Set-Cookie: 7e4fc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ3MDhcIjoxNzEzOTc1NjEyLFwiNDY4NlwiOjE3MTM5NzU2MTIsXCI0OTI1XCI6MTcxMzk3NTYxMn0sXCJjYW1wYWlnbnNcIjp7XCIxODVcIjoxNzEzOTc1NjEyLFwiMjI5XCI6MTcxMzk3NTYxMixcIjIyOFwiOjE3MTM5NzU2MTJ9LFwidGltZVwiOjE3MTM5NzU2MTJ9In0.KIweY-3kXqOPsJCQgBxwo9mCvYIu_ZwvdcnfPZTaT8Y; expires=Sat, 20 Aug 2078 08:40:24 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| aljazirah.com.sa/images/al-jazira-clinic-final-logo-1.png | 172.67.195.121 | | 165 kB |
URL aljazirah.com.sa/images/al-jazira-clinic-final-logo-1.png IP172.67.195.121:0
File typePNG image data, 1053 x 817, 8-bit/color RGBA, non-interlaced Size165 kB (164894 bytes) Hash862e97261c42b3aa4e753204cbd11987 3585ab0a981f8b508ce5691f53b6a9ffcb8244e3 5ac37bd99d00ee3050b07c86b6a11be898e397117113e9012555ccff2abaf7c7
GET /images/al-jazira-clinic-final-logo-1.png HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:12 GMT
content-type: image/png
content-length: 164894
last-modified: Tue, 13 Oct 2020 08:37:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WH9zFhKTDTI3JfRLAVIjKlUqjD5nOig0U3V%2FgNJDNxJv027pxAqXxtXHqRzQhoMgIh%2Bar6DLY5Hw2Lmnmtyx8PSOC7Oe7NJyKomY95gccHgaQu0IxaV98J%2BoYTEbJADlCXty"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b580be60b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true | 142.250.74.138 | | 23 B |
URL maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true IP142.250.74.138:0
Hash8a80554c91d9fca8acb82f023de02f11 5f36b2ea290645ee34d943220a14b54ee5ea5be5 ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aljazirah.com.sa
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 24 Apr 2024 16:20:12 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://aljazirah.com.sa
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lzfok.canopusacrux.com/?pl=QJ-sTsVJyEi0vYPMT7ARIQ&click_id=376l60jldollu&sub_id=228_taco_ms | 188.114.97.1 | | 0 B |
URL: lzfok.canopusacrux.com/?pl=QJ-sTsVJyEi0vYPMT7ARIQ&click_id=376l60jldollu&sub_id=228_taco_ms IP: 188.114.97.1:0
Hashes (of the empty 0 B body): MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=QJ-sTsVJyEi0vYPMT7ARIQ&click_id=376l60jldollu&sub_id=228_taco_ms HTTP/1.1
Host: lzfok.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 16:20:12 GMT
content-length: 0
location: https://lzfok.check-tl-ver-54-3.com/space-robot/?pl=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&click_id=376l60jldollu&sub_id=228_taco_ms&nrid=4d4b0322cb264552939d00333c8615c9&hash=_gdolA3PhZCq6ZtFfe30Zg&exp=1713975912
set-cookie: QJ-sTsVJyEi0vYPMT7ARIQ=1; max-age=345600; path=/; samesite=lax
set-cookie: __pl=55467343-ef92-4a30-bdc1-7abe2d420dd9; expires=Fri, 24 Apr 2026 16:20:12 GMT; path=/; samesite=lax
set-cookie: __cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61fwxl8GOp7gtg6V%2F8r9FvlTi3B389Y0bbTEgG%2F5rUvktonU5MIW%2BHf9WazdS25a%2F5p5FhQS%2B0CUv4I%2Brf8K9SdK1Ck%2F7ekE%2BAez2Y6uGZJLBk2aUL8gJflv7K0fOKkg7vh8p6zhLgBl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b59dcd5568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aljazirah.com.sa//templates/shaper_medico/css/owl.carousel.css | 172.67.195.121 | | 1.4 kB |
URL aljazirah.com.sa//templates/shaper_medico/css/owl.carousel.css IP172.67.195.121:0
Hashb51416af9e8adbe3d16f5f2526aba221 097c8d67412f44534449ed4cadc6dd22b025801d dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
GET //templates/shaper_medico/css/owl.carousel.css HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: text/css
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7Yau%2BJ6p5tfVdE3i1vPdDlcPC7pkY2AJzJTYiPutN%2B0ErULmpxErCw558x0FeFV6VZSzfauGjP7SFoTl9r4VhN8wnejxQH15w669ILPlbGY3SSlM2r5hJUUhlDD4OcXSfWi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b502de10b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lzfok.check-tl-ver-54-3.com/space-robot/assets/trls.js | 188.114.96.1 | | 20 kB |
URL: lzfok.check-tl-ver-54-3.com/space-robot/assets/trls.js IP: 188.114.96.1:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators
Hashes: MD5 7f5c725b2c23b9687fa08d162a17427a SHA-1 94973f1227871750d2ef13a367ce691f1a062527 SHA-256 c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3
GET /space-robot/assets/trls.js HTTP/1.1
Host: lzfok.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lzfok.check-tl-ver-54-3.com/space-robot/?pl=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&click_id=376l60jldollu&sub_id=228_taco_ms&nrid=4d4b0322cb264552939d00333c8615c9&hash=_gdolA3PhZCq6ZtFfe30Zg&exp=1713975912
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:12 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2f4d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3201
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JemZ44BWkacSu4Bdj8ILWHstdHvt%2FcxYufcCDp68A2ZYbIbHrzOX7nADkRQrNo%2B3aZFDpVweFriAJpBXgTJNjWY%2FiaIIFUjgCnGHIAKnjZHTcNJpK6rQ6MVA%2B4ZKrFKwaU%2BX5x8WxJtIy731pc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b5bcb780afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa//templates/shaper_medico/css/owl.transitions.css | 172.67.195.121 | | 1.9 kB |
URL aljazirah.com.sa//templates/shaper_medico/css/owl.transitions.css IP172.67.195.121:0
Hashb1bdaeac4065bf67a7d7a06213192964 737bc8e18a55d93ee2d76c8d3cc0fd284f1ee5c0 711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21
GET //templates/shaper_medico/css/owl.transitions.css HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: text/css
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCF70Wds8imt0zPgKZZlxWZCXU%2FAREaRBL5wVJDsaeCSdD7BSADB4RAA8oMrRbVxllOnx0egh7Dgz%2BAeQQCiKlgiN5a3J3l6dco5yvVv74mFlHSGLv9asA%2FBZ1%2Fa9qznlVem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b503dee0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&click_id=376l60jldollu&sub_id=228_taco_ms&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=4d4b0322cb264552939d00333c8615c9 | 188.114.96.1 | | 37 kB |
URL: cdnstatic.check-tl-ver-54-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&click_id=376l60jldollu&sub_id=228_taco_ms&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=4d4b0322cb264552939d00333c8615c9 IP: 188.114.96.1:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33132), with no line terminators
Hashes: MD5 2450eb91fc9b3e12aba70d0e79af3c5e SHA-1 c7675db1486b34afabca727408deb2247243a052 SHA-256 6705b404296891d05d4d9e825f8339f5213da46e04787fbd076ef93dbb69173d
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&click_id=376l60jldollu&sub_id=228_taco_ms&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-54-3.com&timeout=30&tb=true&nrid=4d4b0322cb264552939d00333c8615c9 HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lzfok.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:12 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: BYPASS
set-cookie: __psu=4acf94b2-5b80-4897-bc25-cc91f24c1eec; expires=Fri, 24 Apr 2026 16:20:12 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJjT0qT7jJ%2FIKPlQSMBRR5lATQLfrubdSBF1Hk7d65LGwzeRHmwSYL1qEE1eKNvixVWavqfjlnVSUr0GJqf6U6bo1HqmmqUjYFlYws4Gs5XtChLKJLoSoMcADs9dECKNkjZkCHQfPIixfBQBf%2BMTCaC%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b5c6be50afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=QJ-sTsVJyEi0vYPMT7ARIQ | 188.114.96.1 | | 9.5 kB |
URL: cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=QJ-sTsVJyEi0vYPMT7ARIQ IP: 188.114.96.1:0
File type: ASCII text, with CRLF line terminators
Hashes: MD5 dc65a2fbfc4c76147b8b778b759c8d91 SHA-1 b8374137f0fe797e6a7e58c0c6ef14aa7a6b9855 SHA-256 7e85c285fd983223d07a014d1a96804ba1c8f65fb43238a4fad204350e896958
GET /ps/config.js?id=QJ-sTsVJyEi0vYPMT7ARIQ HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lzfok.check-tl-ver-54-3.com/
Cookie: __psu=4acf94b2-5b80-4897-bc25-cc91f24c1eec
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:13 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ui9F5vlXX856fXWQGlx%2F4ybrD8hA%2FdtTAa4x3Gq%2Bf7QU9x54bvn9fn7JpOagqdbBHcOcIBOXzuE96%2FD49fHs87WoqOrR2Owkj%2FdfO5eOqRceRMvjD%2FSkHxzlFqnhVjeNha6%2BVEAZh7qlkFugtdgB%2FJp5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976b5cfc770afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aljazirah.com.sa//templates/shaper_medico/css/slide-animate.css | 172.67.195.121 | | 14 kB |
URL aljazirah.com.sa//templates/shaper_medico/css/slide-animate.css IP172.67.195.121:0
Hash56848eb884e1ac347f711ae327419110 f30e0ef1cfb0e9f680c8cb4ccc9a632c2ab43f3e 0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
GET //templates/shaper_medico/css/slide-animate.css HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: text/css
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WMmynZoeRUY9j1x4vpj%2FQzb2TJG99ng%2FqbF6DYayZJM0bnnRzJ2qm%2BbEiQf7EwvbeEcAiOQGCS9rd9NdGp%2FfikRhBQ%2BNlMmtx6V7%2BzWawph7UAkoEOjFXoQMq03Mj6RxSGtT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b503df10b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gainscoreprize.life/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu | 185.155.184.32 | 200 OK | 63 kB |
URL: User Request GET HTTP/1.1 gainscoreprize.life/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu IP: 185.155.184.32:443
Certificate: Issuer: Let's Encrypt; Subject: gainscoreprize.life; Fingerprint: D7:09:53:E2:0E:98:A1:06:57:AF:33:F1:68:82:73:7A:6B:25:36:92; Validity: Mon, 22 Apr 2024 12:31:22 GMT - Sun, 21 Jul 2024 12:31:21 GMT
File type: HTML document, ASCII text, with very long lines (47858), with CRLF line terminators
Hashes: MD5 985aa2f322ab1863fcea7e0d1be4df0f SHA-1 cd14cc55d5a46660f552f364c1ccd28f29b9bd6c SHA-256 e72326f62127a290638d7e2cd22346170b73bf97fe1448448e6573be1ed175f2
GET /?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu HTTP/1.1
Host: gainscoreprize.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 16:20:13 GMT
Content-Type: text/html
Content-Length: 62694
Connection: keep-alive
set-cookie: sid=t2~52aeq2vn5ctnorbkk5nuojdr; path=/
set-cookie: p1=https://makejugash.live/vgwtivdj/; path=/
set-cookie: s1=270l4vjszlyh55xa; path=/
cache-control: private, no-transform
|
|
| gainscoreprize.life/favicon.ico | 185.155.184.32 | | 0 B |
URL: gainscoreprize.life/favicon.ico IP: 185.155.184.32:0
Certificate: Issuer: Let's Encrypt | Subject: gainscoreprize.life | Fingerprint: D7:09:53:E2:0E:98:A1:06:57:AF:33:F1:68:82:73:7A:6B:25:36:92 | Validity: Mon, 22 Apr 2024 12:31:22 GMT - Sun, 21 Jul 2024 12:31:21 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: gainscoreprize.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gainscoreprize.life/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu
Cookie: sid=t2~52aeq2vn5ctnorbkk5nuojdr; p1=https://makejugash.live/vgwtivdj/; s1=270l4vjszlyh55xa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 24 Apr 2024 16:20:13 GMT
Connection: keep-alive
Cache-Control: no-transform
|
|
| weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D | 185.155.184.55 | 200 OK | 17 kB |
URL (User Request, GET, HTTP/1.1): weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D IP: 185.155.184.55:443
Certificate: Issuer: Let's Encrypt | Subject: makejugash.live | Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 | Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (562)
Hash: MD5 27780133fdf1ddc99f107d5d892aa73a | SHA-1 25ba7aad98543cafb95928d625f9e43e86db364b | SHA-256 9557f9e22d5921cc5ed64f21dff9cf11bb9aa83f0d170fbf02eb28c116ebbc39
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gainscoreprize.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/html
Content-Length: 16903
Connection: keep-alive
cache-control: private
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/bootstrap-mini.css | 185.155.184.55 | 200 OK | 10 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/bootstrap-mini.css IP185.155.184.55:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeASCII text, with very long lines (571), with CRLF line terminators Hashf0a842b8b8a52bb05e6c729828fbb40e f1fe8a76db92bc9bd3f9d70f3867f03d51ebbae5 eb9fe798331b592bd8fc54d5ede3ac19e961b5aa7c2dffb3dbb17ce5fcb88e01
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/bootstrap-mini.css HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/css
Content-Length: 10214
Connection: keep-alive
ETag: "f0a842b8b8a52bb05e6c729828fbb40e"
Last-Modified: Wed, 20 Sep 2023 15:23:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94383D3DD9E9D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#292024605/gid:0/gname:root/mode:33279/mtime:1653412343#213095000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:23.213095Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/font-awesome-mini.css | 185.155.184.55 | 200 OK | 1.9 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/font-awesome-mini.css IP185.155.184.55:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeASCII text, with very long lines (1857), with no line terminators Hash8b2fe9dcd9e31f21056ebc3d6667123c 49e6a844f0085d9f653faab8a451742be82ecdf7 e7eb3ba41e31f5d9710bb64a87a5e9e7664143a95f68d0f357fe0d4252bb58d5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/font-awesome-mini.css HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/css
Content-Length: 1857
Connection: keep-alive
ETag: "8b2fe9dcd9e31f21056ebc3d6667123c"
Last-Modified: Wed, 20 Sep 2023 15:23:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94383C1A3A235
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#300024630/gid:0/gname:root/mode:33279/mtime:1653412350#393111000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:30.393111Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/2.js | 185.155.184.55 | 200 OK | 15 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/2.js IP185.155.184.55:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (15146), with no line terminators Hash0bddd3bcca2df107ca5b8187b8e2a3f8 8bb441d73dfd233f8db6bbaffc2b0227a329a0f7 03764aa86cdd3dde4d2441b90a813d055e9f8af852d849ff18bc148b9554549b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/2.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 15146
Connection: keep-alive
ETag: "0bddd3bcca2df107ca5b8187b8e2a3f8"
Last-Modified: Sat, 24 Feb 2024 21:14:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94383D0D2362A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806892#746902194/gid:0/gname:root/mode:33188/mtime:1708809290#939090444/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:50.967Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/3.js | 185.155.184.55 | 200 OK | 15 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/3.js IP185.155.184.55:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (14971), with no line terminators Hash55bab18cf6adc22fc3d91e30c20ce0e6 0f18ff18d3db09841c930241460d61bc136e5a34 b31317c3e7816470c11e8c1060d770b0c79f84c65f800512a83062d69f80caed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/3.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 14971
Connection: keep-alive
ETag: "55bab18cf6adc22fc3d91e30c20ce0e6"
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94383D3EC7601
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806893#30902711/gid:0/gname:root/mode:33188/mtime:1708809291#171090831/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.198Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/main-like.css | 185.155.186.25 | 200 OK | 7.2 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/main-like.css IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeASCII text, with very long lines (7181), with no line terminators Hash30d4bbfa0a8fa6727a9edb23be989598 39bc311daad791b9c7377e11fbb6f9b24c6b3d46 f2ead250f003ad44fad41af0a1554922e31ab930fa86d90a8f2df62c048c2843
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/main-like.css HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/css
Content-Length: 7181
Connection: keep-alive
ETag: "30d4bbfa0a8fa6727a9edb23be989598"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BCF951C5B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223406#63752192/gid:0/gname:root/mode:33279/mtime:1653412366#569146000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:46.569146Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/1.js | 185.155.186.25 | 200 OK | 12 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/1.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (12181), with no line terminators Hash4c0b32d32b0b7317afb94deba5cabeac ee478251de9e6c4046a72ae0dff93ba1ac06c85a b2134512608af652a98e1fa0528865c9ed7bfbc0776865fbbbf3ea552260ff46
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/1.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 12181
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4c0b32d32b0b7317afb94deba5cabeac"
Last-Modified: Sat, 24 Feb 2024 21:14:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9439BD2B83F69
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806892#370901510/gid:0/gname:root/mode:33279/mtime:1708809290#731090096/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:50.756Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/no/8.js | 185.155.186.25 | 200 OK | 1.2 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/no/8.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
Hashdbdb981f8658c845968ec8226f81d1d8 d679b7bf47f71cd55b6c307cf96146a95660d667 5c9b1b4991000ba0178363dd1c57556fe2d6b433f6d4eef927c2cd15d55660fa
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/no/8.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: application/javascript
Content-Length: 1242
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "dbdb981f8658c845968ec8226f81d1d8"
Last-Modified: Mon, 20 Feb 2023 09:33:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C94373C45268E9
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#895577398/gid:0/gname:root/mode:33279/mtime:1653412375#277166000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:55.277166Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/4.js | 185.155.184.55 | 200 OK | 5.8 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/4.js IP185.155.184.55:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (5828), with no line terminators Hash8c7a2e36533feed8cd5fbca8b8f91114 854cdef22953f1eab3d94eb6b421c433ad34f4c7 f39e5853927b10c6ac0a6c7533160a90a7f08bb2a8c59eb83d7b412f525eeed6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/4.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: application/javascript
Content-Length: 5828
Connection: keep-alive
ETag: "8c7a2e36533feed8cd5fbca8b8f91114"
Last-Modified: Wed, 20 Sep 2023 15:23:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94383E7BC3BFC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#292024605/gid:0/gname:root/mode:33279/mtime:1653412338#153083000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:18.153083Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/5.js | 185.155.186.25 | 200 OK | 12 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/5.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (11920), with no line terminators Hashde362f15f5232df7747f7e741f587fcd 6353ff9bb0db73da818f1bc7250866f3d56bc8f8 e157b45ed9a28fe95914f413692e496fc0a04a4191f22492ff3a8296fbaeda47
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/5.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 11920
Connection: keep-alive
ETag: "de362f15f5232df7747f7e741f587fcd"
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BD36DA75B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806893#798904105/gid:0/gname:root/mode:33279/mtime:1708809291#359091145/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.387Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/7.js | 185.155.186.25 | 200 OK | 7.9 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/7.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (7936), with no line terminators Hash114f0be35fbff35e205c5f0bc146d864 dad256468614b8bb885233a71b31751edc222c5d 7a94681a57ec6c39e857fcaa26418de63c5e93b827f0fa1e44d3da3b7d3c2a7d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/7.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 7936
Connection: keep-alive
ETag: "114f0be35fbff35e205c5f0bc146d864"
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BD43DB0AD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806894#614905586/gid:0/gname:root/mode:33279/mtime:1708809291#543091452/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.568Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/u.js | 185.155.186.25 | 200 OK | 24 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/u.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (24389), with no line terminators Hash89ed4b592ab506a6fca18e95657dfc4f 179998ad5741d669e75521fb943850a808917924 4ef3a6a1fd10bcf96549fd9a09bde836daea3343523644d1830367edc1f9031b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/u.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 24389
Connection: keep-alive
ETag: "89ed4b592ab506a6fca18e95657dfc4f"
Last-Modified: Sun, 25 Feb 2024 11:59:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9437FD8152AE9
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708809189#0/gid:0/gname:root/mode:33188/mtime:1708862369#235249424/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-25T11:59:29.279Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/jquery.min.js | 185.155.186.25 | 200 OK | 87 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/jquery.min.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (32058) Hashc9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/jquery.min.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: application/javascript
Content-Length: 86659
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c9f5aeeca3ad37bf2aa006139b935f0a"
Last-Modified: Mon, 20 Feb 2023 09:33:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9439BD266184B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#915577428/gid:0/gname:root/mode:33279/mtime:1653412360#809134000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:40.809134Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/6.js | 185.155.186.25 | 200 OK | 29 kB |
URL GET HTTP/1.1weapkd4.makejugash.live/media/mainstream/all/mb/6.js IP185.155.186.25:443
Requested byhttps://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D CertificateIssuerLet's Encrypt Subjectmakejugash.live Fingerprint04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 ValidityTue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File typeJavaScript source, ASCII text, with very long lines (28941) Hashba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/6.js HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: text/javascript
Content-Length: 29110
Connection: keep-alive
ETag: "ba847811448ef90d98d272aeccef2a95"
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BD3F799A7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223404#223748054/gid:0/gname:root/mode:33279/mtime:1653412338#597084000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:18.597084Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img1.jpg | 185.155.184.55 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img1.jpg IP: 185.155.184.55:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3 Hash: MD5 c3c59916d3b4977017c89125dc42b664 SHA-1 c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a SHA-256 aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img1.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1315
Connection: keep-alive
ETag: "c3c59916d3b4977017c89125dc42b664"
Last-Modified: Wed, 20 Sep 2023 15:23:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9438439094E0A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#304024643/gid:0/gname:root/mode:33279/mtime:1653412354#865120000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:34.86512Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img2.jpg | 185.155.186.25 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img2.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3 Hash: MD5 92b944714cea3e478a8e50dea1a80b26 SHA-1 f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5 SHA-256 fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img2.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1297
Connection: keep-alive
ETag: "92b944714cea3e478a8e50dea1a80b26"
Last-Modified: Wed, 20 Sep 2023 15:23:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BE169335F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#304024643/gid:0/gname:root/mode:33279/mtime:1653412355#53121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.053121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img3.jpg | 185.155.186.25 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img3.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, baseline, precision 8, 50x50, components 3 Hash: MD5 5edf4db493423ac10c72a27ad5c4a618 SHA-1 5c535d00eaeaa725b39e3e1167a12de5bd66a1f2 SHA-256 a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img3.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 2336
Connection: keep-alive
ETag: "5edf4db493423ac10c72a27ad5c4a618"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BE1ED3A32
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223405#363750618/gid:0/gname:root/mode:33279/mtime:1653412355#109121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.109121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img4.jpg | 185.155.186.25 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img4.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3 Hash: MD5 a848711320a9df61e6457f65b0dfa9fb SHA-1 68a62a84d89f4f9e1e831a6cef920797c7f2e7d5 SHA-256 aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img4.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1169
Connection: keep-alive
ETag: "a848711320a9df61e6457f65b0dfa9fb"
Last-Modified: Wed, 20 Sep 2023 15:23:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BE4A86A4D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#304024643/gid:0/gname:root/mode:33279/mtime:1653412355#181121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.181121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img6.jpg | 185.155.186.25 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img6.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, baseline, precision 8, 50x50, components 3 Hash: MD5 f48aa7778890400e3be6131e64cd4236 SHA-1 9341d039b9f7de4eac9070c36fecac2772cc1ba0 SHA-256 388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img6.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 2143
Connection: keep-alive
ETag: "f48aa7778890400e3be6131e64cd4236"
Last-Modified: Wed, 20 Sep 2023 15:23:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BE85C9A5B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#304024643/gid:0/gname:root/mode:33279/mtime:1653412355#293121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.293121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img5.jpg | 185.155.184.55 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img5.jpg IP: 185.155.184.55:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, baseline, precision 8, 50x50, components 3 Hash: MD5 6d02d5cf49120718501b9a6629290c48 SHA-1 a7bfde16cd37f6a331e8f17fbfc2f1772a5929a1 SHA-256 84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img5.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 2037
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6d02d5cf49120718501b9a6629290c48"
Last-Modified: Mon, 20 Feb 2023 09:33:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C94397CB944444
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#915577428/gid:0/gname:root/mode:33279/mtime:1653412355#241121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.241121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/iphone15pro.png | 185.155.186.25 | 200 OK | 46 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/iphone15pro.png IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: PNG image data, 300 x 351, 8-bit colormap, non-interlaced Hash: MD5 901fdfedb54cf1297edd1de54a893cf8 SHA-1 c9cd3908f28908392b45e1a54e7b350993eee53c SHA-256 f30ac8920f3a3ab6621abad202e015353d46b61233549dfabe927234a9a5b3c5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/iphone15pro.png HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/png
Content-Length: 46124
Connection: keep-alive
ETag: "901fdfedb54cf1297edd1de54a893cf8"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439F4C5732D6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1697145024#950103503/gid:0/gname:root/mode:33188/mtime:1697144761#0/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-10-12T21:06:01Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img9.jpg | 185.155.186.25 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img9.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3 Hash: MD5 a2dbd5c25807fbad37aceb676e90cd66 SHA-1 6972c6df94b50dd66111d5a555bdf2907b6f3e7e SHA-256 6592c5497d79980109ee577663beac8d709726a63329f893775f89083cc8858e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img9.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1374
Connection: keep-alive
ETag: "a2dbd5c25807fbad37aceb676e90cd66"
Last-Modified: Wed, 20 Sep 2023 15:23:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BECBFA97C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#304024643/gid:0/gname:root/mode:33279/mtime:1653412355#461122000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.461122Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img8.jpg | 185.155.186.25 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img8.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3 Hash: MD5 5da3831556c780010e0e5c5b967e43ce SHA-1 574623afde349258b91d44849ef16d483b61e223 SHA-256 45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img8.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5da3831556c780010e0e5c5b967e43ce"
Last-Modified: Mon, 20 Feb 2023 09:33:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9439BEE3D1641
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#915577428/gid:0/gname:root/mode:33279/mtime:1653412355#405122000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.405122Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img7.jpg | 185.155.186.25 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img7.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, baseline, precision 8, 50x50, components 3 Hash: MD5 7364bf39dcf0941d3a1760e46a562710 SHA-1 a358405162193128cceae8551e14648798bd4254 SHA-256 ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img7.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 2264
Connection: keep-alive
ETag: "7364bf39dcf0941d3a1760e46a562710"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BE94CFCC7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223405#391750681/gid:0/gname:root/mode:33279/mtime:1653412355#349122000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.349122Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/logo_f01.png | 185.155.186.25 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/logo_f01.png IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: PNG image data, 130 x 126, 8-bit colormap, non-interlaced Hash: MD5 192b810ba6ed4b80611aef274d85948d SHA-1 2835cc503efcd77d03613293dbc33c4cc7b6b5b9 SHA-256 91e5c1968eee9298437a097fd47978a077d667e086593ab0fd7988ef60d2ddf4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/logo_f01.png HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/png
Content-Length: 6763
Connection: keep-alive
ETag: "192b810ba6ed4b80611aef274d85948d"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94381FBC0A426
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223406#15752084/gid:0/gname:root/mode:33279/mtime:1653412365#157143000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:45.157143Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| aljazirah.com.sa/modules/mod_spmedical_services/assets/css/style.css | 172.67.195.121 | | 2.0 kB |
URL: aljazirah.com.sa/modules/mod_spmedical_services/assets/css/style.css IP: 172.67.195.121:0
Hash: MD5 715be1ede76c5dde0114e0317f9fcf93 SHA-1 befa821ffb6abd621e9d080cd18554acbe2e972d SHA-256 3e20ac256148c90154e391c19a19c7f6b59f73f59a7148dae0f1e3c859d761a6
GET /modules/mod_spmedical_services/assets/css/style.css HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: text/css
last-modified: Tue, 19 Sep 2023 10:30:15 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ke%2B5jqYrfaO%2FfZxANvx%2BJXL1LfkYx4xcI44g%2B3v55K8kZOA45%2Be0MnSrImeZZzV4s6EC1RtwjlRdCgUGu08EYoZu4eHVxthhxxBJzFEu5AjnbatD52x6xNW6RgLLmSZN%2B8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b504e1a0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img10.jpg | 185.155.186.25 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img10.jpg IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3 Hash: MD5 0d0f29abfcedc7dfffe3811a5100a6cd SHA-1 19567e85aab4fd05d752cfa86f88087465042b0a SHA-256 e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img10.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1506
Connection: keep-alive
ETag: "0d0f29abfcedc7dfffe3811a5100a6cd"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9439BF01093EE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223405#347750582/gid:0/gname:root/mode:33279/mtime:1653412354#925121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:34.925121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/media/mainstream/us/wap/mobsurvey/ff.png | 185.155.186.25 | 200 OK | 11 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/us/wap/mobsurvey/ff.png IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: PNG image data, 245 x 253, 8-bit colormap, non-interlaced Hash: MD5 2f5710ee40aba475e1d0cd9c9c953407 SHA-1 93ac36daaed5f1b86a2f301faddca673393996aa SHA-256 38450abe3fe9fdc0c5c281fa3bc6532f9ffcd7632d6924f154444fba265a39f2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/us/wap/mobsurvey/ff.png HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:15 GMT
Content-Type: image/png
Content-Length: 10691
Connection: keep-alive
ETag: "2f5710ee40aba475e1d0cd9c9c953407"
Last-Modified: Wed, 20 Sep 2023 15:25:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C942726B47C903
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#568025469/gid:0/gname:root/mode:33279/mtime:1655387479#482644706/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:51:19.482644706Z
Expires: Thu, 24 Apr 2025 16:20:15 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| weapkd4.makejugash.live/favicon.ico | 185.155.186.25 | 204 No Content | 0 B |
URL: GET HTTP/1.1 weapkd4.makejugash.live/favicon.ico IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B body of the 204 No Content response; they match any empty file and are not usable as an indicator)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 24 Apr 2024 16:20:15 GMT
Connection: keep-alive
|
|
| weapkd4.makejugash.live/media/mainstream/alert.mp3 | 185.155.186.25 | 200 OK | 8.8 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/alert.mp3 IP: 185.155.186.25:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D Certificate: Issuer: Let's Encrypt; Subject: makejugash.live; Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80; Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural Hash: MD5 6d2d3da2ea28ace816fa4a138829dc18 SHA-1 606e0ec3d7fb05c69f16233cfe1ff0a0ee760505 SHA-256 d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/alert.mp3 HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:15 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6d2d3da2ea28ace816fa4a138829dc18"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C94380053C148A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843338#351669788/gid:0/gname:root/mode:33279/mtime:1655387452#802583242/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.802583242Z
Expires: Thu, 24 Apr 2025 16:20:15 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|
| aljazirah.com.sa/templates/shaper_medico/js/bootstrap.bundle.min.js | 172.67.195.121 | | 32 kB |
URL: aljazirah.com.sa/templates/shaper_medico/js/bootstrap.bundle.min.js | IP: 172.67.195.121:0
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: MD5 f87169113dc46f1e4766c0123766af14 | SHA-1 96d7fc968d63accf4573a5a64f89fd6f6d123e49 | SHA-256 3e5bcbef6de2733340d0a5a46e17adefa2f86fa89f5275c05c63831b011b88cc
GET /templates/shaper_medico/js/bootstrap.bundle.min.js HTTP/1.1
Host: aljazirah.com.sa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aljazirah.com.sa/
Cookie: PHPSESSID=1cf9a62cf23b0313758d2b67fd4bb92c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Sep 2023 11:12:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B19Gf5j8h2lWg0UKD1URR4p1E54K2iuDNfymkh3DC9WDKFuSPv3XLnuJEt0kryZoGlLnAX6w2It4Dbd0%2Bis8QmmHKgVKe3siXQVoDUcPOGvoKVGbFCB2QT1gmpHiZIgcj3oz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b50ae6b0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-54-3.com/ps/tb?id=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&sub_id=228_taco_ms&click_id=376l60jldollu&nrid=6701c411e28252286b86723345f92d65&reason=tb_exit&attempt=1 | 188.114.96.1 | | 87 kB |
URL: cdnstatic.check-tl-ver-54-3.com/ps/tb?id=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&sub_id=228_taco_ms&click_id=376l60jldollu&nrid=6701c411e28252286b86723345f92d65&reason=tb_exit&attempt=1 | IP: 188.114.96.1:0
File type: HTML document, ASCII text, with CRLF line terminators
Hash: MD5 0b9dcb5c7a67a4266e0cd76e55870e57 | SHA-1 140dc995b2fe23cabcc267789fcd3fe21e57a741 | SHA-256 e3e49179df155ec96202f05dc51704309e0532f8dff56273f16ef74a4b1a0d8e
GET /ps/tb?id=QJ-sTsVJyEi0vYPMT7ARIQ&sm=space-robot&sub_id=228_taco_ms&click_id=376l60jldollu&nrid=6701c411e28252286b86723345f92d65&reason=tb_exit&attempt=1 HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lzfok.check-tl-ver-54-3.com/
Cookie: __psu=4acf94b2-5b80-4897-bc25-cc91f24c1eec
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:13 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lE3eSQbqGi%2Fd3WGuT0J5LSjlJESLUXfXhX16DQXKgg%2BBxEWNMOovS1Hk5AO4FwYw6dpuwPBHHtS%2FptU9kG7f8F75%2BSdYwggUlzTT8q%2Bfj0A2H3M6b8H3AMyyP8lCvdeqPV1aF8JXoZ%2FwVhIQvzROlys7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87976b5e2d3b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jsontdsexit2.com/ExtService.svc/getextparams | 136.243.216.235 | 200 OK | 537 B |
URL: GET HTTP/2 jsontdsexit2.com/ExtService.svc/getextparams | IP: 136.243.216.235:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Certificate: Issuer: Let's Encrypt | Subject: jsontdsexit2.com | Fingerprint: 48:31:DD:61:15:18:42:C5:25:8C:3D:8D:29:32:35:54:12:C1:59:1C | Validity: Tue, 19 Mar 2024 13:03:39 GMT - Mon, 17 Jun 2024 13:03:38 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (628), with no line terminators (a content-sniffing guess; the response below declares content-type application/json)
Hash: MD5 f0ff9519ad22b8b518b843ffb173ccc7 | SHA-1 2a756d59ca73ebca175cfe427486b7c2b7c18b2f | SHA-256 bfc8dedb9d5109a40b1efa76f59438c1e54993399d2a8a01aff0c1a46d7574a5
GET /ExtService.svc/getextparams HTTP/1.1
Host: jsontdsexit2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weapkd4.makejugash.live
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 16:20:14 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| weapkd4.makejugash.live/media/mainstream/all/mb/img11.jpg | 185.155.184.55 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 weapkd4.makejugash.live/media/mainstream/all/mb/img11.jpg | IP: 185.155.184.55:443
Requested by: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Certificate: Issuer: Let's Encrypt | Subject: makejugash.live | Fingerprint: 04:6F:7E:13:B4:BE:B3:6C:8B:4A:23:D3:95:C5:7D:AD:D8:0E:BC:80 | Validity: Tue, 23 Apr 2024 13:04:22 GMT - Mon, 22 Jul 2024 13:04:21 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3
Hash: MD5 14ca7a7e1bb1db7a31af7c44a0ae9062 | SHA-1 7293947d75065f3def42439f32138127d605bc8f | SHA-256 d8d2b0e0baad97e943838712911352a8c9dd0d5bf2114e78c3d1649bcc0d634a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /media/mainstream/all/mb/img11.jpg HTTP/1.1
Host: weapkd4.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weapkd4.makejugash.live/vgwtivdj/?u=4dkpaew&o=81yk607&t=228_taco_ms&cid=376l60jldollu&f=1&sid=t2~52aeq2vn5ctnorbkk5nuojdr&fp=skPMDb1PPGNqGHuY8FgquQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 16:20:14 GMT
Content-Type: image/jpeg
Content-Length: 1610
Connection: keep-alive
ETag: "14ca7a7e1bb1db7a31af7c44a0ae9062"
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C94397F8B3C8D8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223405#351750591/gid:0/gname:root/mode:33279/mtime:1653412354#997121000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:34.997121Z
Expires: Thu, 24 Apr 2025 16:20:14 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
|
|