Report - jameeltips.us/blog/JEydW

Report Overview

Submitted URL
jameeltips.us/blog/JEydW
IP
172.67.157.116
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 06:46:14
Access
public
Website Title
Jameeltips – On this blog you will read about health and fitness.
Final URL
jameeltips.us/blog/JEydW
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
onetag-sys.com	1840	2015-04-05	2015-04-08	2024-04-25	2.8 kB	1.7 kB	51.89.9.251
ad-delivery.net	1341	2017-05-03	2017-06-22	2024-04-25	1.3 kB	3.9 kB	172.67.69.19
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-25	427 B	420 B	35.158.46.84
tmzr.themoneytizer.fr	unknown	2013-10-29	2024-04-02	2024-04-25	450 B	145 kB	172.67.174.127
ib.adnxs.com	241	2008-05-27	2012-05-20	2024-04-25	472 B	813 B	37.252.172.123
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-25	476 B	207 kB	142.250.74.35
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-24	896 B	39 kB	45.133.44.10
jameeltips.us	318735	2018-10-28	2018-11-04	2023-07-11	6.0 kB	470 kB	172.67.157.116
null.holid.io	unknown	unknown	No data	No data	647 B	2.7 kB	104.21.83.199
cashurl.win	49872	2017-07-12	2017-07-15	2023-07-02	426 B	632 B	172.67.159.79
elb.the-ozone-project.com	9949	2018-04-11	2018-06-11	2024-04-20	6.1 kB	27 kB	104.18.43.178
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-04-25	1.0 kB	39 kB	104.16.79.73
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	422 B	70 kB	142.250.74.168
p.cpx.to	10368	unknown	2015-01-23	2024-04-25	394 B	4.8 kB	18.203.226.119
adtrack.adleadevent.com	30718	2010-09-20	2015-02-02	2024-04-25	456 B	814 B	52.48.122.2
planetgrimace.com	unknown	unknown	No data	No data	3.1 kB	38 kB	192.243.61.227
likescenesfocused.com	unknown	unknown	No data	No data	2.7 kB	5.7 kB	192.243.61.225
crackcity.pw	unknown	2021-02-23	2018-12-11	2023-06-27	449 B	336 B	69.162.95.5
ads.holid.io	396031	2016-11-20	2019-12-17	2024-02-26	821 B	476 kB	104.21.83.199
btloader.com	169057	2020-10-06	2020-10-22	2024-04-25	852 B	103 kB	104.22.75.216
api.adinplay.com	12970	2012-12-04	2015-05-15	2024-03-22	871 B	712 kB	104.26.2.232
stats.adinplay.com	unknown	2012-12-04	2018-08-22	2024-04-17	990 B	1.3 kB	93.119.15.97
c.delivery.consentmanager.net	123755	2018-05-02	2021-07-25	2024-04-21	1.7 kB	3.6 kB	87.230.98.76
i.clean.gg	1411	2018-04-01	2018-05-24	2024-04-22	979 B	997 B	34.95.69.49
suckfaintlybooking.com	unknown	unknown	No data	No data	487 B	467 B	192.243.59.20
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-24	732 B	423 B	192.243.61.225
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	986 B	3.1 kB	151.101.1.229
script.4dex.io	2135	2018-04-02	2018-07-23	2024-04-24	832 B	24 kB	104.26.9.169
helloworld.holid.io	unknown	2016-11-20	2023-01-17	2024-02-09	963 B	2.6 kB	104.21.83.199
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-25	404 B	285 kB	151.101.194.137
cadmus.script.ac	unknown	2020-03-18	2023-03-09	2024-04-24	839 B	74 kB	104.18.22.145
api.btloader.com	1320	2020-10-06	2020-10-14	2024-04-25	2.0 kB	978 B	130.211.23.194
cdn.consentmanager.net	29447	2018-05-02	2021-02-08	2024-04-25	1.8 kB	494 kB	185.76.9.21
cookies.nextmillmedia.com	unknown	2021-03-02	2022-05-19	2024-04-23	642 B	334 B	54.226.126.247
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	438 B	6.0 kB	142.250.74.106
country.adinplay-venatus.workers.dev	unknown	2019-02-08	2023-10-26	2024-03-21	436 B	729 B	172.67.173.227
mattersdeviceconsignment.com	unknown	2022-08-31	2022-08-31	2023-06-28	886 B	25 kB	192.243.59.12
tag.leadplace.fr	28142	2010-08-20	2015-07-08	2024-04-25	399 B	4.2 kB	145.239.192.166
ip.holid.io	unknown	2016-11-20	2024-02-08	2024-02-26	411 B	1.1 kB	104.21.83.199
js-sec.indexww.com	663	2013-03-28	2015-05-13	2024-04-24	521 B	3.4 kB	104.18.38.76
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	512 B	24 kB	216.58.207.227
ads.servenobid.com	1764	2019-04-26	2019-05-19	2024-04-18	721 B	800 B	34.250.231.235
www.recaptcha.net	2060	2007-01-06	2012-07-11	2024-04-25	455 B	1.4 kB	142.250.74.131
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-25	410 B	87 kB	172.67.180.87
ads.themoneytizer.com	28463	2013-10-29	2014-05-26	2024-04-25	2.5 kB	6.6 kB	104.22.63.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	planetgrimace.com	Sinkholed
2024-04-25	medium	planetgrimace.com	Sinkholed
2024-04-25	medium	planetgrimace.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-25	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (63)

	URL	Size	First Seen	Last Seen
	null.holid.io/sync.html?bidders=%5B%22adform%22%2C%22improvedigital%22%2C%22openrtb%22%2C%22rubicon%22%5D&gdpr=0&gdpr_consent=undefined&usp_consent=&type=iframe	0 B	2023-03-07	2024-05-06
Pretty URL null.holid.io/sync.html?bidders=%5B%22adform%22%2C%22improvedigital%22%2C%22openrtb%22%2C%22rubicon%22%5D&gdpr=0&gdpr_consent=undefined&usp_consent=&type=iframe IP 104.21.83.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	jameeltips.us/blog/JEydW	0 B	2023-03-07	2024-05-06
Pretty URL jameeltips.us/blog/JEydW IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793	19 kB	2024-04-17	2024-05-03
Pretty URL static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 04:05:01 Last Seen2024-05-03 04:44:29 Times Seen1486 Hash 3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee Loading...

	tag.leadplace.fr/libJsLP.js	3.9 kB	2023-12-01	2024-05-04
Pretty URL tag.leadplace.fr/libJsLP.js IP 145.239.192.166 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 14:18:38 Last Seen2024-05-04 08:52:51 Times Seen8246 Hash 9da2703e284a68f7cf5eac9182b5c455 55b751e55972b7228303a5e5011882515f81db25 97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16 Loading...

	jameeltips.us/blog/JEydW	0 B	2023-03-07	2024-05-06
Pretty URL jameeltips.us/blog/JEydW IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	13 kB	2023-04-05	2024-05-06
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46:03 Last Seen2024-05-06 19:19:40 Times Seen31187 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	mattersdeviceconsignment.com/f3a74d2936747962c922d42fe50d22c9/invoke.js	31 kB	2024-04-26	2024-04-26
Pretty URL mattersdeviceconsignment.com/f3a74d2936747962c922d42fe50d22c9/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:23 Last Seen2024-04-26 08:46:25 Times Seen2 Hash fad67431aee2ba2a397894243ae62486 000a430a0950f22f9bfd5a80db4afc519879b536 bdfa70f452402ea670cbe235a3d6cc824a6868be37775383a47c7dacc6b186da Loading...

	jameeltips.us/blog/sandbox%20eval%20code	136 B	2023-04-11	2024-05-06
Pretty URL jameeltips.us/blog/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-06 19:19:40 Times Seen31755 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	p.cpx.to/p/12775/px.js	4.6 kB	2024-04-26	2024-04-26
Pretty URL p.cpx.to/p/12775/px.js IP 18.203.226.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:23 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 2d4c2c65114160bb82e8a3c90e6a8271 e021d02a2c1858f5211f75ed5c5e18bc862ebd5c ab9b62b7c27681c6cbfa2e080222683c6019686ad7f4b5474ebbca501f0df828 Loading...

	unknown	145 B	2023-07-11	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 13:54:54 Last Seen2024-04-26 08:46:23 Times Seen3 Hash f7f37c6606e12c96e899731d4b2a98be 39385b843849f8d97ed72236e6f209818f42333c cee6e600adb4f84f972180182651b9dcbc85698502544c3237534ee4e67a3950 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v4.0&appId=175395926340766&autoLogAppEvents=1	17 kB	2023-05-05	2024-05-06
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v4.0&appId=175395926340766&autoLogAppEvents=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-06 19:19:40 Times Seen44955 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	mattersdeviceconsignment.com/90eb2b1fe17aa736705b962b44d6f229/invoke.js	31 kB	2024-04-26	2024-04-26
Pretty URL mattersdeviceconsignment.com/90eb2b1fe17aa736705b962b44d6f229/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:23 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 138d7812492b5ee2140e0cfb64bf39aa ec343af95a6665926ce761fc7f2faf79d983b67d 665a5e3a4cd88f20a50866cd8b02845cc5a8edafa643a3b03679ebcc2ea5b0c6 Loading...

	jameeltips.us/blog/cloud_theme/build/js/script.min.js?ver=6.6.1	223 kB	2023-03-29	2024-04-26
Pretty URL jameeltips.us/blog/cloud_theme/build/js/script.min.js?ver=6.6.1 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:35 Last Seen2024-04-26 08:46:23 Times Seen23 Hash f2d31054c8b639fc7b5b033e76df3df5 e98bab77f3022154a375feeb73862efc2fc92f32 4be0d0c1c0ff40f22a136d1518fbafb5cd248072bfa3ebbc6a89e390d7bffc00 Loading...

	elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone	11 kB	2024-04-12	2024-04-26
Pretty URL elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone IP 104.18.43.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 20:36:07 Last Seen2024-04-26 08:46:23 Times Seen4 Hash 5cf6dc4acb1e1ff2e803c766535db333 db09808ef9e73c19e1e3f255e8d24e74ec40d304 0867606845a9a520b97bdf054d537ddfeaf8a757be50fc4192c0bbcca7e32788 Loading...

	api.adinplay.com/libs/aiptag/pub/JML/jameeltips.us/tag.min.js	710 kB	2024-04-26	2024-04-26
Pretty URL api.adinplay.com/libs/aiptag/pub/JML/jameeltips.us/tag.min.js IP 104.26.2.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:23 Last Seen2024-04-26 08:46:26 Times Seen2 Hash b07b4546195a9c8e92c780f8a3a1c1b4 5960ee4eaef7564970b92649366b5b567edfd405 fe5722b119c0aed7feb39823bbce8af298ece6dd9f95ed7db47eac361a4b1234 Loading...

	script.4dex.io/localstore.js	1.4 kB	2024-04-16	2024-05-05
Pretty URL script.4dex.io/localstore.js IP 104.26.9.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:06:44 Last Seen2024-05-05 20:29:50 Times Seen329 Hash 00a8e13a83b2bbab51af8e55f52be363 57340eb5c07e50d96f4a04bd4c220f0f24cec649 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7 Loading...

	planetgrimace.com/06/3b/ad/063bad003b4be020bb82147fa0656322.js	84 kB	2024-04-26	2024-04-26
Pretty URL planetgrimace.com/06/3b/ad/063bad003b4be020bb82147fa0656322.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:23 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 5ee24f82843520050859f58df49ad3b9 35850aafa5f73dde5773837930a4a063dbe347cd 0641e089a987fd26e1060fe1549b511acb31b85f4b685ec35d065c2471a70112 Loading...

	cdn.consentmanager.net/delivery/customdata/bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8yMg.js	193 kB	2024-04-21	2024-04-26
Pretty URL cdn.consentmanager.net/delivery/customdata/bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8yMg.js IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 17:43:28 Last Seen2024-04-26 08:46:23 Times Seen3 Hash 1e2cea1cbd91af5e3a4ad39a890b311a 3c2d7d80367b0f2e9e8da269b0d865d4cf9663b3 0e15c5393128c42dd47c057fe9324f0ec84786e3d1ab5310ad6e3195efc8f5da Loading...

	jameeltips.us/blog/sandbox%20eval%20code	147 B	2023-04-11	2024-05-06
Pretty URL jameeltips.us/blog/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-06 19:48:23 Times Seen345174 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	ads.themoneytizer.com/lib_adagio.js	1.8 kB	2024-04-19	2024-05-04
Pretty URL ads.themoneytizer.com/lib_adagio.js IP 104.22.63.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 19:10:42 Last Seen2024-05-04 08:52:51 Times Seen54 Hash f2ae4810b618b8843df5265f6320f1a4 9f7877c38a4984d932d6065b574e6d226fc5196c e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js	1.7 kB	2023-05-05	2024-05-06
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-06 19:19:40 Times Seen45500 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	ads.holid.io/auto/jameeltips.us/holid.js	44 kB	2024-04-26	2024-04-26
Pretty URL ads.holid.io/auto/jameeltips.us/holid.js IP 104.21.83.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:23 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 5289569bfeb1219391d068ea8dbfeb79 59fee65665abd76f7669a9219ab40e6bdd88f1c6 9081c148df281677c5ee4bd617c0cb3632338b4512062daad739c5085cdf7859 Loading...

	cdn.consentmanager.net/delivery/js/cmp_en.min.js	430 kB	2024-04-24	2024-05-06
Pretty URL cdn.consentmanager.net/delivery/js/cmp_en.min.js IP 185.76.9.21 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:35:11 Last Seen2024-05-06 14:04:30 Times Seen330 Hash e826e2568f3153d2e146bf66286bd521 b47610e60026f3db1e80bcf0026b53dbb089007b b601830d2f9a081099ea148ed53a859bf410ca3460f0029030fb663fef728c99 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-06
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-06 20:00:41 Times Seen2318 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	tmzr.themoneytizer.fr/v8.38.0u2.0.8/6f305142017ee81ed1d58e50bf386aae/prebid.js	458 kB	2024-04-26	2024-04-26
Pretty URL tmzr.themoneytizer.fr/v8.38.0u2.0.8/6f305142017ee81ed1d58e50bf386aae/prebid.js IP 172.67.174.127 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:25 Times Seen2 Hash d84d1eee5078b8fb5b07e347eddf18d1 ca19ef4e3d32c03d97f25552d81c7bf6a5c31756 bd73a7d41647e62802287ab295deb669a172abb7dbc7360b110ebdc488ace03a Loading...

	unknown	3.3 kB	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:24 Times Seen1 Hash 737483e81481af64fabcdde4743c1aea 6d541086803f7e9b79fbbcb1abe8ad6952e3cea7 cfa1a51937d2658689e5bdd5de4affc0cdeede1cffd6090c9688b3821d1abd6b Loading...

	about:srcdoc#224	139 kB	2024-04-26	2024-04-26
Pretty URL about:srcdoc#224 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:24 Times Seen1 Hash bb6f19defb96c1237be4c93ac2092c6b ebecb4ae7a94f15525e74200f47c165013aade8e 84da3e95631c77dd0b00c3c6e58871ce3cb570088c7c488bf5c36f471d7e6dcb Loading...

	jameeltips.us/blog/JEydW	603 B	2023-06-07	2024-04-26
Pretty URL jameeltips.us/blog/JEydW IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 01:41:34 Last Seen2024-04-26 08:46:24 Times Seen4 Hash 696fe4e9477c666a3c7a8c1c1f628cba 0a416938321599074ba2f8b312a091702a362929 805dc43aec902f0e08efee221ecb98966428e9741c163d2975b033ae08fe9d8e Loading...

	cadmus.script.ac/d1r100yi8pmbig/script.js	138 kB	2024-04-26	2024-04-26
Pretty URL cadmus.script.ac/d1r100yi8pmbig/script.js IP 104.18.22.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:24 Times Seen1 Hash e63effbaae1c4f0d5983954c7cadb120 3f607ab26ab2cf53c382616c4c53a11c7ee6a3e4 90c28f92d964f65c74c44bf89b865e83275ac40541e4f6d15df8870915bd8caa Loading...

	jameeltips.us/blog/JEydW	0 B	2023-03-07	2024-05-06
Pretty URL jameeltips.us/blog/JEydW IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	btloader.com/tag?o=5130683165442048&upapi=true	83 kB	2024-04-26	2024-04-26
Pretty URL btloader.com/tag?o=5130683165442048&upapi=true IP 104.22.75.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 830ce2088cb33285d698804c5ce939b0 ad3af48e1c0dc9d14bdc9a6c1ce3d432d020b23e 432d96e3ffd7bdcb74f654e5fa147b2e29e983faa718b02a52300b6d3fd943b9 Loading...

	jameeltips.us/blog/JEydW	0 B	2023-03-07	2024-05-06
Pretty URL jameeltips.us/blog/JEydW IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=6	244 kB	2024-04-26	2024-04-26
Pretty URL ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:24 Times Seen1 Hash a01a0348981f4b052dd3d778cd61f740 fdcad5c79fbd441ff55255175bf1ff3e3ec1d2ed a129ba032c7e4fc3dd4c3dee2f6756eaff76a8ae1aff8eb859d6ed8d0a1a6ea7 Loading...

	ads.themoneytizer.com/lib_fs_close.js	669 B	2024-03-18	2024-05-04
Pretty URL ads.themoneytizer.com/lib_fs_close.js IP 104.22.63.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-18 04:55:42 Last Seen2024-05-04 08:52:51 Times Seen36 Hash f89d0e6522595e21fce019c5366e441d 81fe8463adbd7d98ad3344738dd9dd7626bbaa3a 6e149b82e9bde8226e779d50fcdcfd9c7b942abfc49cda2890af41dbd04153f6 Loading...

	jameeltips.us/blog/JEydW	0 B	2023-03-07	2024-05-06
Pretty URL jameeltips.us/blog/JEydW IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	api.adinplay.com/libs/aiptag/assets/adsbygoogle.js	16 B	2023-03-11	2024-04-26
Pretty URL api.adinplay.com/libs/aiptag/assets/adsbygoogle.js IP 104.26.2.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:12:07 Last Seen2024-04-26 08:46:25 Times Seen93 Hash 93844b4d3e0e6911938edb18cb64d33b ef4787d90c01f1b3003bbae4562764bd58b7313d 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a Loading...

	btloader.com/tag?o=5076638294867968&upapi=true	58 kB	2024-04-26	2024-04-26
Pretty URL btloader.com/tag?o=5076638294867968&upapi=true IP 104.22.75.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 437da1f9b9d26e973102044c7b41450c d71a97a31a71e7e70cfd754b4a8ba77b117f5223 083289b0d6ebaf2541d5e68ff0978d27f4bdfb191bd7d09dcb8d8f6f9d6058bc Loading...

	js-sec.indexww.com/um/ixmatch.html	3.0 kB	2023-04-05	2024-05-05
Pretty URL js-sec.indexww.com/um/ixmatch.html IP 104.18.38.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:34:47 Last Seen2024-05-05 20:29:49 Times Seen1589 Hash c5c8f05c21a868a7c2d901026d3b2533 dd38ffaa64d95b3e45f889f642d795b4c906ae5b aefaf83097081196c381e0db5f03ca29585c753eb481a7d9eef6aea2983e6c93 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	921 B	2024-04-24	2024-05-06
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:48:15 Last Seen2024-05-06 02:58:07 Times Seen101 Hash b832740e618479615e7f4ec2d6d18e95 39e2c70fbc1164d6748e0314c36691c42245c53a 66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414 Loading...

	ads.themoneytizer.com/s/gen.js?type=2	4.1 kB	2024-02-06	2024-05-04
Pretty URL ads.themoneytizer.com/s/gen.js?type=2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 04:42:55 Last Seen2024-05-04 08:52:51 Times Seen748 Hash 70c8b5c7cae4a3000337167d404a1e93 7e6d8feb6e899c081626319d537489e7f495281b aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773 Loading...

	unknown	145 B	2023-07-11	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 13:54:54 Last Seen2024-04-26 08:46:24 Times Seen3 Hash c5b3848031f4d68684582cdd6dcdee06 5ebdabe6ad9b310493f5e480e2683377bfd0e218 b351a7b9acf3b5e20aa4e227ca5e56d1c8071553bc050c7d05ee39dd7eec428b Loading...

	c.delivery.consentmanager.net/delivery/cmp.php?id=13566cdid=abbb821549a1&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&&__cmpfcc=1&l=en&o=1714113947454	5.2 kB	2024-04-26	2024-04-26
Pretty URL c.delivery.consentmanager.net/delivery/cmp.php?id=13566cdid=abbb821549a1&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&&__cmpfcc=1&l=en&o=1714113947454 IP 87.230.98.76 ASN #61157 PlusServer GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 13be0e160dcaf034f41ed56b7a8edb54 a2b0423c3c70d07bbaff454fe992db180289e76a f330341775ad2943816ade69bda19434af2aa5df20825fa51c0378f7aebf1a01 Loading...

	unknown	71 kB	2024-04-18	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-18 11:14:35 Last Seen2024-05-05 20:29:49 Times Seen145 Hash b001d81f223cd04be4d1b490f5465bc0 941e1a75eff15ffe80d1e5d0fb83ab538722de4f fc961af592b368e377694d8c508be561dc0969fd7da7b3e743f6d00311988089 Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-06
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-06 19:41:12 Times Seen7477 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	cadmus.script.ac/dahhc4ozyvjm6/script.js	3 B	2023-03-07	2024-05-05
Pretty URL cadmus.script.ac/dahhc4ozyvjm6/script.js IP 104.18.22.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:38 Last Seen2024-05-05 20:29:50 Times Seen2008 Hash b519d08ef66fd54910edbedba6181ec2 8d06436c33a3086259f2f1ccaf03425707eeff17 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 Loading...

	about:srcdoc#212	139 kB	2024-04-26	2024-04-26
Pretty URL about:srcdoc#212 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:24 Times Seen1 Hash 18cebdf38b26bb63c17b7921bf5331d2 74dfdcd9a3a82256550ff5202959a5c7fb65f717 a47fceb4f13cc07a38e600c7d3df04c832b7fab81a03ddd08e2599f9d316b209 Loading...

	code.jquery.com/jquery-1.11.3.js	284 kB	2023-03-07	2024-04-27
Pretty URL code.jquery.com/jquery-1.11.3.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2024-04-27 20:35:39 Times Seen438 Hash 7f38dcbfb11aff050652ff3b754adb63 96c73f3774471cc8378c77a64ecf09b7f625d8b7 2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed Loading...

	www.googletagmanager.com/gtag/js?id=UA-127135268-1	190 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-127135268-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:25 Times Seen2 Hash 93a45d1508248246041f5973e5f669ff e530a57717aaf9247ef87cf06ebf36a8b9b7ed91 d75fbda750e563ebd81247a51eb38f00bbbe71a4096601315441e9c7c1d13928 Loading...

	ads.holid.io/prebid8.31.0-gdpr.js	431 kB	2024-04-26	2024-04-26
Pretty URL ads.holid.io/prebid8.31.0-gdpr.js IP 104.21.83.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:24 Last Seen2024-04-26 08:46:26 Times Seen2 Hash 8c68e1555ba2c0768e0bf7737527a589 4350c0d099e03e672fba174b9243513f67154570 ae39dd5b071afce65108b5ff9f24ca9719659dcf8c99170e742c6809c95f1c7c Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-06
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-06 19:48:24 Times Seen344667 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	jameeltips.us/blog/js/ads.js?ver=6.6.1	190 B	2023-03-07	2024-04-26
Pretty URL jameeltips.us/blog/js/ads.js?ver=6.6.1 IP 172.67.157.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-26 08:46:26 Times Seen616 Hash 0dfa4a5fbdff661e852f55aeb6cc152f 74a8e52d698c2c2db136db646188b8d2a62d3e99 9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a Loading...

	ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=2	243 kB	2024-04-26	2024-04-26
Pretty URL ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:25 Last Seen2024-04-26 08:46:25 Times Seen1 Hash 91a8e0a838402a367cdc4af43438418d b900fa7dde215dc3e698fa3c0ae4325ec5ecde38 e092b90ab501f02dd5749c2af5a6f567edb3bbfeb3eac931906e845d9d085807 Loading...

	adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7	0 B	2023-03-07	2024-05-06
Pretty URL adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 IP 52.48.122.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 20:07:07 Times Seen37383443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	about:srcdoc#216	139 kB	2024-04-26	2024-04-26
Pretty URL about:srcdoc#216 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:25 Last Seen2024-04-26 08:46:25 Times Seen1 Hash 744132c75a1ee2f021eca1c5e38498dc ef91303c85feb5869350939ac256fee1eb9f1ee6 f45ffb19f3b933d1bf487f11a37fc50e11a13662b955c70dc7d1ce16d8bb22ed Loading...

	unknown	3.3 kB	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:46:25 Last Seen2024-04-26 08:46:25 Times Seen1 Hash fa7df87a11e5b092c0a9c7682c17985c 4946f7e855f230aefca436ac12b4a0e6dc4abf5d 5945964c4db5a02ca2704740bd6e0e99608677ff93a16c8e80e04a80f62cfd88 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c1079fe445f44f6b189aa240fb3028a0	2.1 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 08:46:25 Last Seen2024-04-26 08:46:25 Times Seen1 Hash c1079fe445f44f6b189aa240fb3028a0 7bc0194944fbecfa653b010432a72666421be3ca 49d947d2b718bb90becdd8e34a7fda6cae16d2d8d872083b50825da7e417f86a Loading...

	#2 Eval - 1383540e32fd9152d2a663e374d6d80d	2.1 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 08:46:25 Last Seen2024-04-26 08:46:25 Times Seen1 Hash 1383540e32fd9152d2a663e374d6d80d 512962b415106bc9d4a08a6f8e2f4bf358803df5 9c5ed6f80f782e978aab4de650ae66330dcda2d18e82db2d14c3a41eb2a3d0c5 Loading...

	#3 Eval - 4d1da2d4c387f5247975ea36a29e5454	4 B	2023-03-07	2024-05-05
Pretty Observations First Seen2023-03-07 01:17:50 Last Seen2024-05-05 19:16:27 Times Seen4395 Hash 4d1da2d4c387f5247975ea36a29e5454 76918da9607a16c1ce97e44b61ec6655ad175050 3fdd6b0834c6e74e1310a68d72e3336505d70d531530850b8a84ff1c8677db2c Loading...

	#4 Eval - db1a7cb27a9d64159bf87b8825403820	108 kB	2024-04-18	2024-04-26
Pretty Observations First Seen2024-04-18 18:21:10 Last Seen2024-04-26 08:46:25 Times Seen3 Hash db1a7cb27a9d64159bf87b8825403820 93ef3ed198fa1d4f22cfaedcd2105e3881410cd6 ed15a8cfdcf0aaa4a107972bb08ac939d562913bfee24a63b7146c763f10677a Loading...

		Size	First Seen	Last Seen
	#1 Write - eb0bcbcdb74525553cfbbc8132b80644	126 B	2023-06-07	2024-04-26
Pretty Observations First Seen2023-06-07 01:41:34 Last Seen2024-04-26 08:46:25 Times Seen4 Hash eb0bcbcdb74525553cfbbc8132b80644 5caa1dc2c041ba577741dc2c14fa8ed86670bdb0 6b6ee6617bc96e6e84aaccb5ac12c25b1a38a6a5158dc7be96355cdd207c5222 Loading...

	#2 Write - aecdd7f18d3e9464e8b35c06ddb0b914	126 B	2023-06-07	2024-04-26
Pretty Observations First Seen2023-06-07 01:41:34 Last Seen2024-04-26 08:46:25 Times Seen4 Hash aecdd7f18d3e9464e8b35c06ddb0b914 0a840777057b21efb23133c0f4aec7d74b43a190 608522a74c4c43ac838b749d6fd7027cb93e3c2552db91fe3fda43b18b3b8c7b Loading...

	#3 Write - f315f5f2c187a05af1ace62d5f6aa477	54 B	2023-03-07	2024-05-06
Pretty Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-06 13:56:13 Times Seen3965 Hash f315f5f2c187a05af1ace62d5f6aa477 47d77a2a1665cb6202028ecd89b50920287d9148 166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da Loading...

	#4 Write - b4d042eedd51932e0674f5162f1b05e2	122 B	2023-11-21	2024-04-26
Pretty Observations First Seen2023-11-21 18:08:17 Last Seen2024-04-26 08:46:25 Times Seen2 Hash b4d042eedd51932e0674f5162f1b05e2 f7b5cb7d4d11ef85775298c5e1a927ebc52d6717 5299531f347d82d6dbadfb2a8aabd29f8afd274cb5379ca366d22e3b1fc54984 Loading...

HTTP Transactions (93)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=UA-127135268-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-127135268-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (1763)
Size
69 kB (69257 bytes)
Hash
93a45d1508248246041f5973e5f669ff
e530a57717aaf9247ef87cf06ebf36a8b9b7ed91
d75fbda750e563ebd81247a51eb38f00bbbe71a4096601315441e9c7c1d13928

HTTP Headers

GET /gtag/js?id=UA-127135268-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 06:45:44 GMT
expires: Fri, 26 Apr 2024 06:45:44 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.11.3.js

151.101.194.137

200 OK

284 kB

URL GET HTTP/2
code.jquery.com/jquery-1.11.3.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
284 kB (284394 bytes)
Hash
7f38dcbfb11aff050652ff3b754adb63
96c73f3774471cc8378c77a64ecf09b7f625d8b7
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

HTTP Headers

GET /jquery-1.11.3.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-456ea"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 06:45:44 GMT
age: 846973
x-served-by: cache-lga21938-LGA, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 83, 521
x-timer: S1714113945.989421,VS0,VE0
vary: Accept-Encoding
content-length: 284394
X-Firefox-Spdy: h2

jameeltips.us/

172.67.157.116

200 OK

24 kB

URL GET HTTP/3
jameeltips.us/
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type
HTML document, ASCII text, with very long lines (9462), with CRLF, LF line terminators
Size
24 kB (23781 bytes)
Hash
5794fb807299d09c1ca2c27d1c2deae7
561b3920bf1f4a28392c2f291e98841eede1b5e3
e26dd7d88cca6a172418ec39852e8b402b2a605777f301f3df83c1b8d0f8fda2

HTTP Headers

GET / HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/blog/JEydW
DNT: 1
Connection: keep-alive
Cookie: lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:45:46 GMT
content-type: text/html; charset=UTF-8
link: <https://jameeltips.us/wp-json/>; rel="https://api.w.org/", <https://jameeltips.us/wp-json/wp/v2/pages/1842>; rel="alternate"; type="application/json", <https://jameeltips.us/>; rel=shortlink
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2OPoAGl13aInnuR%2BYKp1FvqkLal8KgAFrfJJuUXCoYVT2vw8TcEZeRZitmYx6CuDH2es3vglmpwQ%2BwfizyRyx%2BgqdyXDJjcS5wXx7WbfcJKSL0lJH3VjTSQC3haFLk5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49c9e296cb517-OSL
content-encoding: br

jameeltips.us/scripts/snippet-javascript-console.min.js?v=1

172.67.157.116

301 Moved Permanently

6.0 kB

URL GET HTTP/3
jameeltips.us/scripts/snippet-javascript-console.min.js?v=1
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
6.0 kB (5994 bytes)
Hash
6c453b099312bd127631f8b8851d0b9f
56d8df6010e358880056d703c2954729a059dc2d
8bf917c6ff983de9ecc3f3b35f67de28a374823db5116a9f2f758315cae9c3c1

HTTP Headers

GET /scripts/snippet-javascript-console.min.js?v=1 HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/blog/JEydW
Cookie: lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Fri, 26 Apr 2024 06:45:45 GMT
content-type: text/html; charset=UTF-8
location: https://jameeltips.us
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=120, must-revalidate
link: <https://jameeltips.us/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZQGaF7F6lhtbtXQrGgIbUfMAppHl3W%2BpRzWF7%2FhvcUUQdxCYsRACnFrrQYgQ4uiTnlnGUKzGyjZbrrzrkzxEKuQP3pY8%2Fls3PMMQU%2FP4Vzd6r2M3RrHst63Bs2adFjg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9b5f01b517-OSL

fonts.googleapis.com/css?family=Lato:300,400,700,900

142.250.74.106

200 OK

5.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
5.4 kB (5359 bytes)
Hash
44d1581a98a0e4aaef782657ff308dc2
b83d50e386179813262b57a3a59916cef6f2358a
8b0e2c9b77253cdb43fb6963dd0eef33a7ea6186734b285a9e40272ef2d024c9

HTTP Headers

GET /css?family=Lato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 06:45:44 GMT
date: Fri, 26 Apr 2024 06:45:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 15:44:03 GMT
expires: Fri, 25 Apr 2025 15:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 54104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

country.adinplay-venatus.workers.dev/

172.67.173.227

200 OK

2 B

URL GET HTTP/2
country.adinplay-venatus.workers.dev/
IP
172.67.173.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectadinplay-venatus.workers.dev
Fingerprint6A:DB:E2:59:21:0C:D6:03:FE:5E:1C:5F:F5:59:D4:33:A7:95:4D:07
ValiditySat, 20 Apr 2024 20:13:20 GMT - Fri, 19 Jul 2024 20:13:19 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
c2f3f489a00553e7a01d369c103c7251
a0509b7780628bd9d9abc7eb8a2163477341053a
23794d91c53ae875c8e247d72561e35d9d06ee07c70c9e0dbcc977a6d161504a

HTTP Headers

GET / HTTP/1.1
Host: country.adinplay-venatus.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: text/plain;charset=UTF-8
content-length: 2
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qz5i5GrVin%2FL958v1ss4w4zQ6afD8VVFhkp0dJAPsHA6wQVV1RzIbgRvbfMTEi6l7U8ltwdY%2F8jR%2BxLdbm1jhwpFmrceojcU4%2BWh0A6MWFmmkqqvc92ak6b%2BwUNZxl0W35QqE%2F9absCsQxhhu7k%2BmM1FIIqsCJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49caada355693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

script.4dex.io/localstore.js

104.26.9.169

200 OK

580 B

URL GET HTTP/1.1
script.4dex.io/localstore.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1371)
Size
580 B (580 bytes)
Hash
00a8e13a83b2bbab51af8e55f52be363
57340eb5c07e50d96f4a04bd4c220f0f24cec649
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

HTTP Headers

GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 06:45:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Last-Modified: Thu, 18 Apr 2024 08:50:22 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 683330
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9e2WbyFHdJBlgkuk9QEUSN5g2Ar81PemL0AyW1C%2FOya75BiFY9MQ%2BiSJ3LKI2YVZfRGzmcC3UxeiGkEw8iEeu1El2M5mq1i9n6vputOIcWIBS%2FEOnAvxvSxOfv5UWMjX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a49caad89db505-OSL
Content-Encoding: br

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240426

151.101.1.229

200 OK

792 B

URL GET HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240426
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JSON text data
Size
792 B (792 bytes)
Hash
0269f589a94e82c40ec95e39860af1d7
2bb442a5c6302fe3c2a221247a25229a903e0caa
9c9ae1dc88c6eb09f32174337beb806bfe7165dc4c11d0e1fd7e7fbceb859366

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20240426 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2037
x-jsd-version-type: version
etag: W/"63f-K7RCpcYwL+PCoiEkeiUimpA+DKo"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 06:45:47 GMT
age: 9894
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
X-Firefox-Spdy: h2

onetag-sys.com/prebid-request

51.89.9.251

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.89.9.251:443
ASN
#16276 OVH SAS

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Content-Length: 1374
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://jameeltips.us
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

api.adinplay.com/libs/aiptag/assets/adsbygoogle.js

104.26.2.232

200 OK

16 B

URL GET HTTP/2
api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
IP
104.26.2.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectadinplay.com
Fingerprint13:C0:EE:BC:9F:76:6C:85:78:CB:97:C2:D1:F0:18:AF:3F:DA:11:15
ValiditySat, 13 Apr 2024 18:47:28 GMT - Fri, 12 Jul 2024 19:39:42 GMT

File type
ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
93844b4d3e0e6911938edb18cb64d33b
ef4787d90c01f1b3003bbae4562764bd58b7313d
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

HTTP Headers

GET /libs/aiptag/assets/adsbygoogle.js HTTP/1.1
Host: api.adinplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/javascript
content-length: 16
access-control-allow-credentials: true
access-control-allow-origin: *
etag: "5ac4f9a5-10"
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
x-host: adinplay-1
cache-control: max-age=1800
cf-cache-status: HIT
age: 85646
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2Foyxmz08AspouY1MYXnqDTFDFleIYkXu%2FmJknFJ%2BD5UAspOws9OzvOHqBf9sQ3SVrtbHOlOTn3PkhDm2ivvrJBfphtmM%2BAJBPQ7fuRfXCLz%2BoeDDZe4NXbakt24tITZGnQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cac094256c7-OSL
X-Firefox-Spdy: h2

cadmus.script.ac/dahhc4ozyvjm6/script.js

104.18.22.145

200 OK

3 B

URL GET HTTP/2
cadmus.script.ac/dahhc4ozyvjm6/script.js
IP
104.18.22.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectscript.ac
Fingerprint3B:9E:A5:3A:A2:11:FD:79:D4:8E:1D:8D:B0:CB:89:51:98:DD:B4:EF
ValidityThu, 25 Apr 2024 16:57:40 GMT - Wed, 24 Jul 2024 16:57:39 GMT

File type
ASCII text
Size
3 B (3 bytes)
Hash
b519d08ef66fd54910edbedba6181ec2
8d06436c33a3086259f2f1ccaf03425707eeff17
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

HTTP Headers

GET /dahhc4ozyvjm6/script.js HTTP/1.1
Host: cadmus.script.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/javascript
content-length: 3
age: 0
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cac8acd568a-OSL
X-Firefox-Spdy: h2

cadmus.script.ac/d1r100yi8pmbig/script.js

104.18.22.145

200 OK

73 kB

URL GET HTTP/2
cadmus.script.ac/d1r100yi8pmbig/script.js
IP
104.18.22.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectscript.ac
Fingerprint3B:9E:A5:3A:A2:11:FD:79:D4:8E:1D:8D:B0:CB:89:51:98:DD:B4:EF
ValidityThu, 25 Apr 2024 16:57:40 GMT - Wed, 24 Jul 2024 16:57:39 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
73 kB (72837 bytes)
Hash
6aaa91da40872d99fce673530f80995a
c9ede461d80e334f07799787f3c422c59c351c40
e8050eb679845fae457890f517cddb0b24eb1717f0488147ba2afe57ba4ccf8a

HTTP Headers

GET /d1r100yi8pmbig/script.js HTTP/1.1
Host: cadmus.script.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/javascript
age: 0
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
etag: W/"85150312877b10da1edf757365918b67704d2374"
last-modified: Thu, 25 Apr 2024 18:57:31 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49caad999568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

stats.adinplay.com/collect

93.119.15.97

200 OK

0 B

URL POST HTTP/1.1
stats.adinplay.com/collect
IP
93.119.15.97:443
ASN
#20857 Signet B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectstats.adinplay.com
Fingerprint64:F0:F8:18:F9:90:5A:B4:9B:B6:D4:5A:40:7B:40:CE:7F:0D:4D:92
ValiditySun, 31 Mar 2024 13:48:55 GMT - Sat, 29 Jun 2024 13:48:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /collect HTTP/1.1
Host: stats.adinplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:45:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, cache-control, Accept, Authorization, Credentials

ad-delivery.net/px.gif?ch=2

172.67.69.19

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=2
IP
172.67.69.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1125255
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lv%2B4TZcRa3NPUo4tGJ6OznvBPpB7mmSjDg9tLxd%2FMdyMg7EazOu90DpqkJtxNPH%2FJXhPwcMIuCDhTj9wEsJRCC5YC5SLeV4iNrCaK4CmxdmN%2B0E9WUemqlto4U%2BZYMJ%2BXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cad1cc60b41-OSL
X-Firefox-Spdy: h2

stats.adinplay.com/collect

93.119.15.97

200 OK

0 B

URL POST HTTP/1.1
stats.adinplay.com/collect
IP
93.119.15.97:443
ASN
#20857 Signet B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectstats.adinplay.com
Fingerprint64:F0:F8:18:F9:90:5A:B4:9B:B6:D4:5A:40:7B:40:CE:7F:0D:4D:92
ValiditySun, 31 Mar 2024 13:48:55 GMT - Sat, 29 Jun 2024 13:48:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: stats.adinplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 74
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:45:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0

c.delivery.consentmanager.net/delivery/cmp.php?id=13566cdid=abbb821549a1&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&&__cmpfcc=1&l=en&o=1714113947454

87.230.98.76

200 OK

2.3 kB

URL GET HTTP/1.1
c.delivery.consentmanager.net/delivery/cmp.php?id=13566cdid=abbb821549a1&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&&__cmpfcc=1&l=en&o=1714113947454
IP
87.230.98.76:443
ASN
#61157 PlusServer GmbH

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectc.delivery.consentmanager.net
Fingerprint1D:34:3B:3F:F8:A4:47:50:61:59:64:4B:4C:3D:54:A4:02:A6:49:D0
ValiditySat, 13 Apr 2024 23:34:43 GMT - Fri, 12 Jul 2024 23:34:42 GMT

File type
ASCII text, with very long lines (5121), with CRLF, LF line terminators
Size
2.3 kB (2319 bytes)
Hash
13be0e160dcaf034f41ed56b7a8edb54
a2b0423c3c70d07bbaff454fe992db180289e76a
f330341775ad2943816ade69bda19434af2aa5df20825fa51c0378f7aebf1a01

HTTP Headers

GET /delivery/cmp.php?id=13566cdid=abbb821549a1&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&&__cmpfcc=1&l=en&o=1714113947454 HTTP/1.1
Host: c.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 06:45:47 GMT
transfer-encoding: chunked
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

ad-delivery.net/px.gif?ch=1&e=0.83989108068012

172.67.69.19

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=1&e=0.83989108068012
IP
172.67.69.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=1&e=0.83989108068012 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1125255
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXp%2Fmr%2FmJB%2FUwwsvxruoSIJDPbtZWrkH4otOqqsF5v3V%2BpUPT8qCp108oVcwW8J6WBVYEGNuhXxQXqTKpW8ynbvhKPtAQIhxqoF%2F3pLq%2BfSXGT55GfP%2BT%2BpYcft8Q5Nnfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cad2cd00b41-OSL
X-Firefox-Spdy: h2

script.4dex.io/a/latest/adagio.js

104.26.9.169

200 OK

22 kB

URL GET HTTP/1.1
script.4dex.io/a/latest/adagio.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65354)
Size
22 kB (21496 bytes)
Hash
2cea63505a74309263526b320f034c82
130ca3583955d4785e871e9950c05775975d81e9
c3c9508e905060bb9518439718aef255b2e29968eb9a33422b28426d96ff5946

HTTP Headers

GET /a/latest/adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 06:45:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"2cea63505a74309263526b320f034c82"
Last-Modified: Thu, 18 Apr 2024 08:50:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers: 
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAmWAs3FXcD%2BeFsXVH5Zp%2BiEbd8JQhCBffLCBV%2BmMg6pmJdYLtzDt6%2Fhu9MWVgD3zxkYDBRu7uBNAHlogA3dni9bWk0mQhLxQsaEZ79trdEoNoR2vkHZP8UFk8fcc6Gy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a49cacadb05696-OSL
Content-Encoding: br

i.clean.gg/1a

34.95.69.49

200 OK

0 B

URL POST HTTP/2
i.clean.gg/1a
IP
34.95.69.49:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjecti.clean.gg
Fingerprint2A:B0:45:E6:61:BF:AD:1C:8F:56:39:11:8A:44:B4:BB:6A:40:75:A5
ValiditySat, 09 Mar 2024 14:16:31 GMT - Fri, 07 Jun 2024 15:11:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /1a HTTP/1.1
Host: i.clean.gg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.21.6
date: Fri, 26 Apr 2024 06:45:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.btloader.com/mw/state?bt_env=prod

130.211.23.194

204 No Content

0 B

URL GET HTTP/2
api.btloader.com/mw/state?bt_env=prod
IP
130.211.23.194:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Fri, 26 Apr 2024 06:45:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.clean.gg/1a

34.95.69.49

200 OK

0 B

URL POST HTTP/2
i.clean.gg/1a
IP
34.95.69.49:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjecti.clean.gg
Fingerprint2A:B0:45:E6:61:BF:AD:1C:8F:56:39:11:8A:44:B4:BB:6A:40:75:A5
ValiditySat, 09 Mar 2024 14:16:31 GMT - Fri, 07 Jun 2024 15:11:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /1a HTTP/1.1
Host: i.clean.gg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 493
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-expose-headers: Content-Length,Content-Range
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.consentmanager.net/delivery/customdata/bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8yMg.js

185.76.9.21

200 OK

32 kB

URL GET HTTP/2
cdn.consentmanager.net/delivery/customdata/bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8yMg.js
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8
ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT

File type
gzip compressed data, from Unix
Size
32 kB (31868 bytes)
Hash
1bd6dd16a55453286bcb3709b6c17317
219911cbd4598f3058302fd25c6a51d6022786df
e9655ee40816df664ae8ca6d066702c6c9006ec21aa1c228d9f81901b59af6fe

HTTP Headers

GET /delivery/customdata/bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8yMg.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 0
expires: Fri, 26 Apr 2024 06:55:06 GMT
cache-control: public, max-age=1800
edge-control: public, max-age=1800
last-modified: Fri, 26 Apr 2024 06:25:06 GMT
x-77-nzt: EwwBuUwJFAH3tQQAAAwBuUwKEwH3IgAAAAwBnJIhHwH3AgAAAA
x-77-nzt-ray: af585630e210e8929b4d2b6614438333
x-accel-expires: @1714114506
x-accel-date: 1714112742
x-77-cache: HIT
x-77-age: 1205
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 1205
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

mattersdeviceconsignment.com/90eb2b1fe17aa736705b962b44d6f229/invoke.js

192.243.59.12

200 OK

12 kB

URL GET HTTP/1.1
mattersdeviceconsignment.com/90eb2b1fe17aa736705b962b44d6f229/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectmattersdeviceconsignment.com
Fingerprint92:7C:BE:FE:31:B1:22:DC:C9:8F:32:19:0E:43:E2:8C:3B:F0:08:21
ValidityWed, 24 Apr 2024 07:09:56 GMT - Tue, 23 Jul 2024 07:09:55 GMT

File type
JavaScript source, ASCII text, with very long lines (31323), with no line terminators
Size
12 kB (11863 bytes)
Hash
138d7812492b5ee2140e0cfb64bf39aa
ec343af95a6665926ce761fc7f2faf79d983b67d
665a5e3a4cd88f20a50866cd8b02845cc5a8edafa643a3b03679ebcc2ea5b0c6

HTTP Headers

GET /90eb2b1fe17aa736705b962b44d6f229/invoke.js HTTP/1.1
Host: mattersdeviceconsignment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 06:45:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f82f96af9be870a4b797a509a03868bf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.consentmanager.net/delivery/img/logo1592405744x390.gif

185.76.9.21

200 OK

29 kB

URL GET HTTP/2
cdn.consentmanager.net/delivery/img/logo1592405744x390.gif
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8
ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT

File type
PNG image data, 146 x 50, 8-bit/color RGBA, non-interlaced
Size
29 kB (29354 bytes)
Hash
8123bd75d120f6ddd2e2373b41e7891c
81cdd1d2f2ae4115e1a2d25c597aa0e34fd9ff9f
73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918

HTTP Headers

GET /delivery/img/logo1592405744x390.gif HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: image/gif
content-length: 29354
last-modified: Tue, 08 Feb 2022 14:38:47 GMT
etag: "72aa-5d782acc0f8e6"
cache-control: max-age=31536000
expires: Sat, 15 Feb 2025 13:39:55 GMT
edge-control: max-age=2592000
x-77-nzt: EwwBuUwJFAH3YudbAAwBuUwKAQH3iwAAAAwBJRPCLgH3AwAAAA
x-77-nzt-ray: af585630e210e8929b4d2b665862413a
x-accel-expires: @1739626795
x-accel-date: 1708090937
x-77-cache: HIT
x-77-age: 6023010
server: CDN77-Turbo
x-cache: HIT
x-age: 6023010
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.consentmanager.net/delivery/flags/en.gif

185.76.9.21

200 OK

384 B

URL GET HTTP/2
cdn.consentmanager.net/delivery/flags/en.gif
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8
ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT

File type
GIF image data, version 89a, 16 x 11
Size
384 B (384 bytes)
Hash
64584f6cea5d8db0b272e15d939dabcc
5ae721fb2caa25179b715e082fbb476e9bd88181
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

HTTP Headers

GET /delivery/flags/en.gif HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: image/gif
content-length: 384
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
etag: "180-5c4c0aa828a40"
cache-control: max-age=31536000
expires: Sat, 15 Feb 2025 13:39:55 GMT
edge-control: max-age=2592000
x-77-nzt: EwwBuUwJFAH3yedbAAwBuUwKDAH3JQAAAAwB1GY4EQH3AgAAAA
x-77-nzt-ray: af585630e210e8929b4d2b66fe94593a
x-accel-expires: @1739626795
x-accel-date: 1708090834
x-77-cache: HIT
x-77-age: 6023113
server: CDN77-Turbo
x-cache: HIT
x-age: 6023113
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

c.delivery.consentmanager.net/delivery/info/?id=13566&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&o=1714113947950&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22&

87.230.98.76

200 OK

43 B

URL GET HTTP/1.1
c.delivery.consentmanager.net/delivery/info/?id=13566&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&o=1714113947950&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22&
IP
87.230.98.76:443
ASN
#61157 PlusServer GmbH

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectc.delivery.consentmanager.net
Fingerprint1D:34:3B:3F:F8:A4:47:50:61:59:64:4B:4C:3D:54:A4:02:A6:49:D0
ValiditySat, 13 Apr 2024 23:34:43 GMT - Fri, 12 Jul 2024 23:34:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

HTTP Headers

GET /delivery/info/?id=13566&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&o=1714113947950&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22& HTTP/1.1
Host: c.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 06:45:47 GMT
content-length: 43
content-type: image/gif

onetag-sys.com/prebid-request

51.89.9.251

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.89.9.251:443
ASN
#16276 OVH SAS

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Content-Length: 1507
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://jameeltips.us
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
7fa45e226216ffae1cb57f3f2a367c28
bda0efc4e768628756dc57e75ed52e49f175bbbb
40c552692cbaeec57a0f21f270f7fce437c6b4c4aa08bb93a263471a48b207e3

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://jameeltips.us
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=82d47425-6a15-4b4c-81a4-45f7bafabe25:3:1; expires=Mon, 24 Apr 2034 06:45:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

mattersdeviceconsignment.com/f3a74d2936747962c922d42fe50d22c9/invoke.js

192.243.59.12

200 OK

12 kB

URL GET HTTP/1.1
mattersdeviceconsignment.com/f3a74d2936747962c922d42fe50d22c9/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectmattersdeviceconsignment.com
Fingerprint92:7C:BE:FE:31:B1:22:DC:C9:8F:32:19:0E:43:E2:8C:3B:F0:08:21
ValidityWed, 24 Apr 2024 07:09:56 GMT - Tue, 23 Jul 2024 07:09:55 GMT

File type
JavaScript source, ASCII text, with very long lines (31304), with no line terminators
Size
12 kB (11846 bytes)
Hash
fad67431aee2ba2a397894243ae62486
000a430a0950f22f9bfd5a80db4afc519879b536
bdfa70f452402ea670cbe235a3d6cc824a6868be37775383a47c7dacc6b186da

HTTP Headers

GET /f3a74d2936747962c922d42fe50d22c9/invoke.js HTTP/1.1
Host: mattersdeviceconsignment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 06:45:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ce94b42a1a82d7e1dc2488031ccb726
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ads.themoneytizer.com/s/gen.js?type=6

104.22.63.227

2.0 kB

URL GET
ads.themoneytizer.com/s/gen.js?type=6
IP
104.22.63.227:0
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectads.themoneytizer.com
Fingerprint42:B1:B3:BC:2F:4E:51:3F:AF:C5:35:38:10:81:1D:2C:CD:E1:DA:13
ValidityTue, 12 Mar 2024 13:17:27 GMT - Mon, 10 Jun 2024 13:17:26 GMT

File type
JavaScript source, ASCII text, with very long lines (2659)
Size
2.0 kB (2005 bytes)
Hash
70c8b5c7cae4a3000337167d404a1e93
7e6d8feb6e899c081626319d537489e7f495281b
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773

HTTP Headers

GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
cf-cache-status: HIT
age: 9923
last-modified: Fri, 26 Apr 2024 04:00:21 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9c1de256c1-OSL
content-encoding: br
X-Firefox-Spdy: h2

ads.themoneytizer.com/lib_adagio.js

104.22.63.227

200 OK

1.8 kB

URL GET HTTP/2
ads.themoneytizer.com/lib_adagio.js
IP
104.22.63.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectads.themoneytizer.com
Fingerprint42:B1:B3:BC:2F:4E:51:3F:AF:C5:35:38:10:81:1D:2C:CD:E1:DA:13
ValidityTue, 12 Mar 2024 13:17:27 GMT - Mon, 10 Jun 2024 13:17:26 GMT

File type
ASCII text
Size
1.8 kB (1839 bytes)
Hash
f2ae4810b618b8843df5265f6320f1a4
9f7877c38a4984d932d6065b574e6d226fc5196c
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb

HTTP Headers

GET /lib_adagio.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript
content-length: 1839
last-modified: Fri, 19 Apr 2024 15:28:59 GMT
expires: Sat, 27 Apr 2024 04:00:22 GMT
cache-control: public, max-age=259200, no-transform
pragma: public
cf-cache-status: HIT
age: 9926
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb0a85f56c1-OSL
X-Firefox-Spdy: h2

onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1714113948255

51.89.9.251

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1714113948255
IP
51.89.9.251:443
ASN
#16276 OVH SAS

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=2a897e3f18e6769&cb=1714113948255 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

ads.themoneytizer.com/lib_fs_close.js

104.22.63.227

200 OK

669 B

URL GET HTTP/2
ads.themoneytizer.com/lib_fs_close.js
IP
104.22.63.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectads.themoneytizer.com
Fingerprint42:B1:B3:BC:2F:4E:51:3F:AF:C5:35:38:10:81:1D:2C:CD:E1:DA:13
ValidityTue, 12 Mar 2024 13:17:27 GMT - Mon, 10 Jun 2024 13:17:26 GMT

File type
ASCII text, with CRLF line terminators
Size
669 B (669 bytes)
Hash
f89d0e6522595e21fce019c5366e441d
81fe8463adbd7d98ad3344738dd9dd7626bbaa3a
6e149b82e9bde8226e779d50fcdcfd9c7b942abfc49cda2890af41dbd04153f6

HTTP Headers

GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript
content-length: 669
last-modified: Thu, 14 Mar 2024 13:32:32 GMT
expires: Sat, 27 Apr 2024 04:00:21 GMT
cache-control: public, max-age=259200, no-transform
pragma: public
cf-cache-status: HIT
age: 9927
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb0d88456c1-OSL
X-Firefox-Spdy: h2

btloader.com/tag?o=5076638294867968&upapi=true

104.22.75.216

200 OK

19 kB

URL GET HTTP/2
btloader.com/tag?o=5076638294867968&upapi=true
IP
104.22.75.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectbtloader.com
Fingerprint70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA
ValiditySun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT

File type
JavaScript source, ASCII text, with very long lines (57744)
Size
19 kB (19221 bytes)
Hash
437da1f9b9d26e973102044c7b41450c
d71a97a31a71e7e70cfd754b4a8ba77b117f5223
083289b0d6ebaf2541d5e68ff0978d27f4bdfb191bd7d09dcb8d8f6f9d6058bc

HTTP Headers

GET /tag?o=5076638294867968&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript
content-length: 19221
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "f646a3105d2ef6477e40f4a0362271de"
last-modified: Fri, 26 Apr 2024 06:21:25 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1456
accept-ranges: bytes
server: cloudflare
cf-ray: 87a49cb108f1abcc-CPH
X-Firefox-Spdy: h2

tag.leadplace.fr/libJsLP.js

145.239.192.166

200 OK

3.9 kB

URL GET HTTP/1.1
tag.leadplace.fr/libJsLP.js
IP
145.239.192.166:443
ASN
#16276 OVH SAS

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGandi
Subject*.leadplace.fr
Fingerprint5C:78:58:74:BB:61:C7:82:08:64:6F:D1:59:33:27:DA:B1:93:E4:92
ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 11 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
3.9 kB (3894 bytes)
Hash
9da2703e284a68f7cf5eac9182b5c455
55b751e55972b7228303a5e5011882515f81db25
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

HTTP Headers

GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript
content-length: 3894
last-modified: Wed, 06 Dec 2023 10:36:32 GMT
etag: "65704eb0-f36"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:0891_91EFC0A6:01BB_662B4D9C_91071B5:10B0
x-iplb-instance: 54208

ad-delivery.net/px.gif?ch=1&e=0.7753173023088208

172.67.69.19

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=1&e=0.7753173023088208
IP
172.67.69.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=1&e=0.7753173023088208 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1125256
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEBDpU1DD%2F1zvy%2FChGYxCzxOhdzw451zzBrA4CdRlSFu0oM1lA4XnV4stPpaPB4uFnbSZJV7xZMfaEXevBlg6DzbDZJ%2F923OfgjeqihVKAPGP%2B0gbBWS6%2BTjKhZ94WQZcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb1afae0b41-OSL
X-Firefox-Spdy: h2

ip.holid.io/

104.21.83.199

200 OK

477 B

URL GET HTTP/2
ip.holid.io/
IP
104.21.83.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectholid.io
Fingerprint68:BA:BD:49:62:2A:5E:86:EE:01:84:42:70:11:F3:07:70:10:23:19
ValiditySat, 30 Mar 2024 14:28:59 GMT - Fri, 28 Jun 2024 14:28:58 GMT

File type
ASCII text, with no line terminators
Size
477 B (477 bytes)
Hash
c2f3f489a00553e7a01d369c103c7251
a0509b7780628bd9d9abc7eb8a2163477341053a
23794d91c53ae875c8e247d72561e35d9d06ee07c70c9e0dbcc977a6d161504a

HTTP Headers

GET / HTTP/1.1
Host: ip.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OT0%2FUhvVQpPX95P5Ztom100ccpR%2Buh1iOTJMheAJvXfhD2tjlvx4XauiNYIpkfGvTKiymSQxcjBmR12%2BoQkAevMZeri3zVat5XGy6DD5h7zpbI2oYYITLj1BSalevA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49cb12adb5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

p.cpx.to/p/12775/px.js

18.203.226.119

200 OK

4.6 kB

URL GET HTTP/2
p.cpx.to/p/12775/px.js
IP
18.203.226.119:443
ASN
#16509 AMAZON-02

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerAmazon
Subjectp.cpx.to
Fingerprint16:39:CA:06:AB:D6:ED:BA:34:68:8B:84:07:06:C3:0C:7D:04:36:9E
ValidityWed, 24 Apr 2024 00:00:00 GMT - Fri, 23 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4611), with no line terminators
Size
4.6 kB (4611 bytes)
Hash
2d4c2c65114160bb82e8a3c90e6a8271
e021d02a2c1858f5211f75ed5c5e18bc862ebd5c
ab9b62b7c27681c6cbfa2e080222683c6019686ad7f4b5474ebbca501f0df828

HTTP Headers

GET /p/12775/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript; charset=UTF-8
content-length: 4611
cache-control: public, max-age=604800
X-Firefox-Spdy: h2

adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

52.48.122.2

200 OK

20 B

URL GET HTTP/1.1
adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP
52.48.122.2:443
ASN
#16509 AMAZON-02

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerAmazon
Subject*.adleadevent.com
Fingerprint13:4D:C9:57:31:B9:B4:82:98:03:BC:83:15:34:26:58:49:07:07:1E
ValidityTue, 27 Jun 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Fri, 26 Apr 2024 06:45:48 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 26 Apr 2024 06:45:48 GMT
Pragma: no-cache
Server: Apache
Set-Cookie: AWSELB=9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0;PATH=/
AWSELBCORS=9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0;PATH=/;SECURE;SAMESITE=None
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive

api.btloader.com/mw/state?bt_env=prod

130.211.23.194

204 No Content

0 B

URL GET HTTP/2
api.btloader.com/mw/state?bt_env=prod
IP
130.211.23.194:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Fri, 26 Apr 2024 06:45:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

planetgrimace.com/06/3b/ad/063bad003b4be020bb82147fa0656322.js

192.243.61.227

200 OK

31 kB

URL GET HTTP/1.1
planetgrimace.com/06/3b/ad/063bad003b4be020bb82147fa0656322.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectplanetgrimace.com
FingerprintBF:93:3B:5A:BA:21:09:F6:06:64:E1:01:9C:D3:6E:E4:DA:13:80:7F
ValidityWed, 24 Apr 2024 14:57:56 GMT - Tue, 23 Jul 2024 14:57:55 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31064 bytes)
Hash
5ee24f82843520050859f58df49ad3b9
35850aafa5f73dde5773837930a4a063dbe347cd
0641e089a987fd26e1060fe1549b511acb31b85f4b685ec35d065c2471a70112

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06/3b/ad/063bad003b4be020bb82147fa0656322.js HTTP/1.1
Host: planetgrimace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:45:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d21a1bce582e932499036bdf97232c4e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

api.btloader.com/country?o=5130683165442048

130.211.23.194

200 OK

37 B

URL GET HTTP/3
api.btloader.com/country?o=5130683165442048
IP
130.211.23.194:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT

File type
JSON text data
Size
37 B (37 bytes)
Hash
bdfe458835550c34f45fc9fdfeebb12a
0f08aa02e7bcbf4c5e991a5defb2fdbd03a86f3d
ad26ec64cc613fbfbd47faaf39f9921c2b19769bde1d3c5c2857a671e7863cf9

HTTP Headers

GET /country?o=5130683165442048 HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Fri, 26 Apr 2024 06:45:48 GMT
content-length: 37
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.btloader.com/pv?tid=P26jOEBN&w=6238759036649472&o=5130683165442048&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&sid=woIJL38WPb&pm=true&upapi=true

130.211.23.194

204 No Content

0 B

URL GET HTTP/3
api.btloader.com/pv?tid=P26jOEBN&w=6238759036649472&o=5130683165442048&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&sid=woIJL38WPb&pm=true&upapi=true
IP
130.211.23.194:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pv?tid=P26jOEBN&w=6238759036649472&o=5130683165442048&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&sid=woIJL38WPb&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Fri, 26 Apr 2024 06:45:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

151.101.1.229

200 OK

792 B

URL GET HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JSON text data
Size
792 B (792 bytes)
Hash
0269f589a94e82c40ec95e39860af1d7
2bb442a5c6302fe3c2a221247a25229a903e0caa
9c9ae1dc88c6eb09f32174337beb806bfe7165dc4c11d0e1fd7e7fbceb859366

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2037
x-jsd-version-type: version
etag: W/"63f-K7RCpcYwL+PCoiEkeiUimpA+DKo"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 06:45:48 GMT
age: 9896
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
X-Firefox-Spdy: h2

planetgrimace.com/watch.1664078528982.js?key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&tz=0&dev=e&res=14.2071&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
planetgrimace.com/watch.1664078528982.js?key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&tz=0&dev=e&res=14.2071&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectplanetgrimace.com
FingerprintBF:93:3B:5A:BA:21:09:F6:06:64:E1:01:9C:D3:6E:E4:DA:13:80:7F
ValidityWed, 24 Apr 2024 14:57:56 GMT - Tue, 23 Jul 2024 14:57:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1664078528982.js?key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&tz=0&dev=e&res=14.2071&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1 HTTP/1.1
Host: planetgrimace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:45:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jameeltips.us
Access-Control-Allow-Origin: https://jameeltips.us
Access-Control-Allow-Credentials: true
Location: https://planetgrimace.com/watch.1664078528982.js?dev=e&key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114008&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=87ad6be7220fbd394e1292e7923a4a703baddd554180fe295efb99120d5b58e955716dad2195f3af248114b7a8b25fb7f115a01ca378c7c8a735cd178017c9db33b30de452ea4953a3930b0c68ca88a9318adad947c0c2d4e11ceadcf69c36&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1
Set-Cookie: u_pl=16185286; expires=Sat, 27 Apr 2024 06:45:48 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NTI4NiwiayI6IjkwZWIyYjFmZTE3YWE3MzY3MDViOTYyYjQ0ZDZmMjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTI4MTkzLCJwaWQiOjUzOTE2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6InNlNDk4ZWZuNXciLCJjcGtzIjp7IjI4IjoiMDYzYmFkMDAzYjRiZTAyMGJiODIxNDdmYTA2NTYzMjIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamFtZWVsdGlwcy51cy9ibG9nL0pFeWRXIiwiYXIiOltdfX0.iUqDgilB4kkz9ljCzrEQ16uanNoqaTAcsREddglwD0U; expires=Fri, 26 Apr 2024 06:46:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75511cdfec7459a948dfcdbe5086be64
Strict-Transport-Security: max-age=0; includeSubdomains

planetgrimace.com/watch.1664078528982.js?dev=e&key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114008&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=87ad6be7220fbd394e1292e7923a4a703baddd554180fe295efb99120d5b58e955716dad2195f3af248114b7a8b25fb7f115a01ca378c7c8a735cd178017c9db33b30de452ea4953a3930b0c68ca88a9318adad947c0c2d4e11ceadcf69c36&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1

192.243.61.227

200 OK

2.0 kB

URL GET HTTP/1.1
planetgrimace.com/watch.1664078528982.js?dev=e&key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114008&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=87ad6be7220fbd394e1292e7923a4a703baddd554180fe295efb99120d5b58e955716dad2195f3af248114b7a8b25fb7f115a01ca378c7c8a735cd178017c9db33b30de452ea4953a3930b0c68ca88a9318adad947c0c2d4e11ceadcf69c36&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectplanetgrimace.com
FingerprintBF:93:3B:5A:BA:21:09:F6:06:64:E1:01:9C:D3:6E:E4:DA:13:80:7F
ValidityWed, 24 Apr 2024 14:57:56 GMT - Tue, 23 Jul 2024 14:57:55 GMT

File type
JavaScript source, ASCII text, with very long lines (2461)
Size
2.0 kB (2001 bytes)
Hash
2b0c66defe1c3e09c99264a30d14469a
fe4778105fb03561b61faaf099ef57a906ef7fb0
a3b7c42fe733569a21a089d29b9fff143bc2b1279270004500125f872c0d5874

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1664078528982.js?dev=e&key=90eb2b1fe17aa736705b962b44d6f229&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114008&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=87ad6be7220fbd394e1292e7923a4a703baddd554180fe295efb99120d5b58e955716dad2195f3af248114b7a8b25fb7f115a01ca378c7c8a735cd178017c9db33b30de452ea4953a3930b0c68ca88a9318adad947c0c2d4e11ceadcf69c36&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1 HTTP/1.1
Host: planetgrimace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
Referer: https://jameeltips.us/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16185286; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NTI4NiwiayI6IjkwZWIyYjFmZTE3YWE3MzY3MDViOTYyYjQ0ZDZmMjI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTI4MTkzLCJwaWQiOjUzOTE2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6InNlNDk4ZWZuNXciLCJjcGtzIjp7IjI4IjoiMDYzYmFkMDAzYjRiZTAyMGJiODIxNDdmYTA2NTYzMjIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamFtZWVsdGlwcy51cy9ibG9nL0pFeWRXIiwiYXIiOltdfX0.iUqDgilB4kkz9ljCzrEQ16uanNoqaTAcsREddglwD0U
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:45:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jameeltips.us
Access-Control-Allow-Origin: https://jameeltips.us
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=82d47425-6a15-4b4c-81a4-45f7bafabe25:3:1; expires=Fri, 03 May 2024 06:45:48 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 06:45:48 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 06:45:48 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 06:45:48 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 06:45:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00337fc77bba0d81ae8b33131dfb9673
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

likescenesfocused.com/watch.858016093444.js?key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&tz=0&dev=e&res=14.2071&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
likescenesfocused.com/watch.858016093444.js?key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&tz=0&dev=e&res=14.2071&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.858016093444.js?key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&tz=0&dev=e&res=14.2071&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:45:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jameeltips.us
Access-Control-Allow-Origin: https://jameeltips.us
Access-Control-Allow-Credentials: true
Location: https://likescenesfocused.com/watch.858016093444.js?dev=e&key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114009&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=a4902e96bc4fdb29a05ae834bd17c99c09647f498919c8e80eceab338c6e9eec1f668148b06876b421df80d0150fb19cc7e0b88f71e08d373393a82167cb788da9c285baa44105f11d7b2e1bf36a84e0a325b01349bea3e93fc92c74e828b4&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1
Set-Cookie: u_pl=16185426; expires=Sat, 27 Apr 2024 06:45:49 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NTQyNiwiayI6ImYzYTc0ZDI5MzY3NDc5NjJjOTIyZDQyZmU1MGQyMmM5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTI4MTkzLCJwaWQiOjUzOTE2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJlZWFhbW41MG0iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qYW1lZWx0aXBzLnVzL2Jsb2cvSkV5ZFciLCJhciI6W119fQ._P4Cx0vjxQmNyGW0rvUSWED23vMWZh_lUClR1t9aBbo; expires=Fri, 26 Apr 2024 06:46:49 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba135058bc50f766434bcb1e944e0d6d
Strict-Transport-Security: max-age=0; includeSubdomains

suckfaintlybooking.com/pixel/purst?dl=0&th=0&sc=0&rs=4197&rd=4197&fd=588&bv=24.4.4887&tmpl=136

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
suckfaintlybooking.com/pixel/purst?dl=0&th=0&sc=0&rs=4197&rd=4197&fd=588&bv=24.4.4887&tmpl=136
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectsuckfaintlybooking.com
Fingerprint96:03:FE:88:9F:4A:56:5D:2C:39:6C:79:9E:0F:5C:34:55:32:48:44
ValidityWed, 24 Apr 2024 15:01:38 GMT - Tue, 23 Jul 2024 15:01:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=4197&rd=4197&fd=588&bv=24.4.4887&tmpl=136 HTTP/1.1
Host: suckfaintlybooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 06:45:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

tmzr.themoneytizer.fr/v8.38.0u2.0.8/6f305142017ee81ed1d58e50bf386aae/prebid.js

172.67.174.127

200 OK

144 kB

URL GET HTTP/2
tmzr.themoneytizer.fr/v8.38.0u2.0.8/6f305142017ee81ed1d58e50bf386aae/prebid.js
IP
172.67.174.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectthemoneytizer.fr
Fingerprint3C:D9:B9:11:70:A4:5F:DD:60:18:3A:B0:77:D8:39:39:B7:7F:3B:4F
ValidityWed, 27 Mar 2024 15:36:30 GMT - Tue, 25 Jun 2024 15:36:29 GMT

File type
JavaScript source, ASCII text, with very long lines (64685)
Size
144 kB (143672 bytes)
Hash
d84d1eee5078b8fb5b07e347eddf18d1
ca19ef4e3d32c03d97f25552d81c7bf6a5c31756
bd73a7d41647e62802287ab295deb669a172abb7dbc7360b110ebdc488ace03a

HTTP Headers

GET /v8.38.0u2.0.8/6f305142017ee81ed1d58e50bf386aae/prebid.js HTTP/1.1
Host: tmzr.themoneytizer.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: application/javascript
x-amz-id-2: qU7e1dUyw2YOxxdB+oKZl7We/3pr37XUdAgJelQWya/VAE76YNW3Esdkmq/uVgRMv4DqQeiPZAs=
x-amz-request-id: 85MP2H5H3DDJ0501
last-modified: Thu, 04 Apr 2024 22:58:37 GMT
etag: W/"d84d1eee5078b8fb5b07e347eddf18d1"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wt5PE6o7f8%2FtqJKaDXkbERrhk1TKUolSjQifJ2%2FRGGzwfgdeY17IqlqYdUZor%2FIDQ90Jv7dbp3YXNPko6RamxDJPankadoe36dkdThTne42QiSuYVGA0pYf5xuJf88MKnMX4%2BeG4KYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb4eea3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

likescenesfocused.com/watch.858016093444.js?dev=e&key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114009&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=a4902e96bc4fdb29a05ae834bd17c99c09647f498919c8e80eceab338c6e9eec1f668148b06876b421df80d0150fb19cc7e0b88f71e08d373393a82167cb788da9c285baa44105f11d7b2e1bf36a84e0a325b01349bea3e93fc92c74e828b4&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1

192.243.61.225

200 OK

2.0 kB

URL GET HTTP/1.1
likescenesfocused.com/watch.858016093444.js?dev=e&key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114009&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=a4902e96bc4fdb29a05ae834bd17c99c09647f498919c8e80eceab338c6e9eec1f668148b06876b421df80d0150fb19cc7e0b88f71e08d373393a82167cb788da9c285baa44105f11d7b2e1bf36a84e0a325b01349bea3e93fc92c74e828b4&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type
JavaScript source, ASCII text, with very long lines (2477)
Size
2.0 kB (2005 bytes)
Hash
85b79a1532cb4af8b2e9924b070ee135
dff70369573a8c03308bcbdde11e142f8601680b
b203beb2e7449b0907645e4acea78a6c8b736475029b2287d9b65fb1041864f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.858016093444.js?dev=e&key=f3a74d2936747962c922d42fe50d22c9&kw=%5B%22jameeltips%22%2C%22%E2%80%93%22%2C%22on%22%2C%22this%22%2C%22blog%22%2C%22you%22%2C%22will%22%2C%22read%22%2C%22about%22%2C%22health%22%2C%22and%22%2C%22fitness%22%5D&pst=1714114009&refer=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&res=14.2071&rmtc=t&shu=a4902e96bc4fdb29a05ae834bd17c99c09647f498919c8e80eceab338c6e9eec1f668148b06876b421df80d0150fb19cc7e0b88f71e08d373393a82167cb788da9c285baa44105f11d7b2e1bf36a84e0a325b01349bea3e93fc92c74e828b4&tz=0&uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
Referer: https://jameeltips.us/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16185426; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NTQyNiwiayI6ImYzYTc0ZDI5MzY3NDc5NjJjOTIyZDQyZmU1MGQyMmM5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTI4MTkzLCJwaWQiOjUzOTE2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJlZWFhbW41MG0iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qYW1lZWx0aXBzLnVzL2Jsb2cvSkV5ZFciLCJhciI6W119fQ._P4Cx0vjxQmNyGW0rvUSWED23vMWZh_lUClR1t9aBbo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:45:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jameeltips.us
Access-Control-Allow-Origin: https://jameeltips.us
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=82d47425-6a15-4b4c-81a4-45f7bafabe25:3:1; expires=Fri, 03 May 2024 06:45:49 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 06:45:49 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 06:45:49 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 27 Apr 2024 06:45:49 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 27 Apr 2024 06:45:49 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ac79ceb76fced968a41f41a6e0f523f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ib.adnxs.com/ut/v3/prebid

37.252.172.123

200 OK

19 B

URL POST HTTP/2
ib.adnxs.com/ut/v3/prebid
IP
37.252.172.123:443
ASN
#29990 ASN-APPNEX

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint67:2D:49:EE:1E:AF:D8:2B:B2:85:1A:C5:39:29:91:05:8E:5E:6F:AA
ValidityWed, 14 Feb 2024 00:00:00 GMT - Sun, 16 Mar 2025 23:59:59 GMT

File type
JSON text data
Size
19 B (19 bytes)
Hash
f333cec2aef5c287691c1670f8207232
6dafbe0bf001219999903a4ed5bd23af5b81e52d
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

HTTP Headers

POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Content-Length: 772
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.23.4
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://jameeltips.us
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 9fc50d26-bd75-49cb-8886-36b8af138b62
x-proxy-origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-Firefox-Spdy: h2

elb.the-ozone-project.com/cdn-cgi/rum?

104.18.43.178

204 No Content

0 B

URL POST HTTP/2
elb.the-ozone-project.com/cdn-cgi/rum?
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1181
Origin: https://elb.the-ozone-project.com
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 06:45:49 GMT
access-control-allow-origin: https://elb.the-ozone-project.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a49cb97fcab4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:50:40 GMT
expires: Sat, 26 Apr 2025 05:50:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 3309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}

51.89.9.251

302 Found

0 B

URL GET HTTP/2
onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN}
IP
51.89.9.251:443
ASN
#16276 OVH SAS

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN} HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: no-store
location: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/f0/e2/55/f0e25599a5b9fab56572e54b4c187c66/1708072429.png

45.133.44.10

200 OK

16 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/f0/e2/55/f0e25599a5b9fab56572e54b4c187c66/1708072429.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
16 kB (16266 bytes)
Hash
d78616d73e93425ab11be94281f43ffd
c6a6b06e8ff6bf0299eca2dfe3dc059dd5cbe518
71ff557c03bc4dd351434b49b9cf99876c8418af52cba76392950eb19f367851

HTTP Headers

GET /cti/f0/e2/55/f0e25599a5b9fab56572e54b4c187c66/1708072429.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: image/png
content-length: 16266
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:33:57 GMT
etag: "65cf1df5-3f8a"
expires: Sun, 28 Apr 2024 06:45:49 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=

104.18.43.178

200 OK

0 B

URL GET HTTP/2
elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid= HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elb.the-ozone-project.com/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw; ozone_uid=2fcx19p4keGERntoRQmhbO34ttf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-length: 0
cf-ray: 87a49cba4858b4f7-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
expires: 0
vary: Origin, Accept-Encoding
pragma: no-cache
set-cookie: AWSALBTG=DypkynKPKy+DCLbMnlfuLOdKU06PSgx/hPz20MiL2SqlAK3jlvlXKNwfisIrJpT6xZ7KMmQxd9Uvqe33+i0CUGre8s17oIQ5c9MtSySyycgOfIpLVmLCncWgcLmOOJY84oKtOisg2Kgx0enoY6Hb3x11V/AQeKHoBPkTd7bNBujHJZDROyE=; Expires=Fri, 03 May 2024 06:45:49 GMT; Path=/
AWSALBTGCORS=DypkynKPKy+DCLbMnlfuLOdKU06PSgx/hPz20MiL2SqlAK3jlvlXKNwfisIrJpT6xZ7KMmQxd9Uvqe33+i0CUGre8s17oIQ5c9MtSySyycgOfIpLVmLCncWgcLmOOJY84oKtOisg2Kgx0enoY6Hb3x11V/AQeKHoBPkTd7bNBujHJZDROyE=; Expires=Fri, 03 May 2024 06:45:49 GMT; Path=/; SameSite=None
uids=eyJiZGF5IjoiMjAyNC0wNC0yNlQwNjo0NTo0OS44NTAyNjcxODlaIn0=; Domain=the-ozone-project.com; Expires=Thu, 25 Jul 2024 06:45:49 GMT; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

crackcity.pw/wp-content/uploads/2019/07/crackcitypng.png

69.162.95.5

404 Not Found

9 B

URL GET HTTP/2
crackcity.pw/wp-content/uploads/2019/07/crackcitypng.png
IP
69.162.95.5:443
ASN
#46475 LIMESTONENETWORKS

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectcrackcity.pw
Fingerprint41:54:02:BC:DC:8B:A9:04:23:3D:D0:EE:56:E4:95:53:6F:AC:58:63
ValidityFri, 19 Apr 2024 03:19:19 GMT - Thu, 18 Jul 2024 03:19:18 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /wp-content/uploads/2019/07/crackcitypng.png HTTP/1.1
Host: crackcity.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Fri, 26 Apr 2024 06:45:48 GMT
server: Cowboy
set-cookie: sid=9e677350-0398-11ef-927f-5fefe8be0c4e; path=/; domain=.crackcity.pw; expires=Wed, 14 May 2092 09:59:56 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/6d/84/c9/6d84c95cf38073e236b57c8fd493bc60/1627917004.png

45.133.44.10

200 OK

22 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/6d/84/c9/6d84c95cf38073e236b57c8fd493bc60/1627917004.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced
Size
22 kB (22093 bytes)
Hash
d3a2f167c25626f865850a86b565f2f1
49d449e3b737d891edb771546252fa59dfc2c041
72ce733b5eb986289ac3c3a5e7cd9939dd8b212f3b32bd019f5b65b53dc912ad

HTTP Headers

GET /cti/6d/84/c9/6d84c95cf38073e236b57c8fd493bc60/1627917004.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: image/png
content-length: 22093
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:10:15 GMT
etag: "61080ad7-564d"
expires: Sun, 28 Apr 2024 06:45:49 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

jameeltips.us/cdn-cgi/rum?

172.67.157.116

204 No Content

0 B

URL POST HTTP/3
jameeltips.us/cdn-cgi/rum?
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1049
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/blog/JEydW
Cookie: lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2; StatsSend=true; CountryCode=NO; userFromEEA=true; __cmpconsentx13566=CP9rVEAP9rVEAAfYeBENAyEgAAAAAAAAAAigAAAO5gCgA4AM-AjwBKoDuQAA; __cmpcccx13566=aBP9sQgXAAAAAAA; ab=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1; pp_main_063bad003b4be020bb82147fa0656322=1; pp_idelay_063bad003b4be020bb82147fa0656322=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 26 Apr 2024 06:45:50 GMT
access-control-allow-origin: https://jameeltips.us
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a49cbba8a2b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff

cookies.nextmillmedia.com/sync?type=image&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[NMUID]

54.226.126.247

302 Found

0 B

URL GET HTTP/2
cookies.nextmillmedia.com/sync?type=image&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[NMUID]
IP
54.226.126.247:443
ASN
#14618 AMAZON-AES

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?type=image&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnextmillennium%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[NMUID] HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 26 Apr 2024 06:45:50 GMT
content-length: 0
location: https://elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
server: fasthttp
set-cookie: NMUID=csuid_cd07a312-8838-4b50-be05-f707a45b9834; max-age=604800; secure; SameSite=None
X-Firefox-Spdy: h2

elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=

104.18.43.178

200 OK

0 B

URL GET HTTP/2
elb.the-ozone-project.com/setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /setuid?bidder=nextmillennium&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid= HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elb.the-ozone-project.com/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw; ozone_uid=2fcx19p4keGERntoRQmhbO34ttf; uids=eyJiZGF5IjoiMjAyNC0wNC0yNlQwNjo0NTo0OS44NTAyNjcxODlaIn0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:50 GMT
content-length: 0
cf-ray: 87a49cbdcb49b4f7-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
expires: 0
vary: Origin, Accept-Encoding
pragma: no-cache
set-cookie: AWSALBTG=XL/ve2KbJHgey6h6HiPKyAboaLaJ6jomR4Gev3+LX12dca2Q8qE2ywo7BG2qYcR7hwHdyPAe9NYtZF9Ykny5t/9u0JIHu8PluwCtVRA8aNji2RUx9DlbITChrBvY34tpuGA+t1beA5PtD+qd52bhCd09qFyII1N5d4ngWScq50mico49m1g=; Expires=Fri, 03 May 2024 06:45:50 GMT; Path=/
AWSALBTGCORS=XL/ve2KbJHgey6h6HiPKyAboaLaJ6jomR4Gev3+LX12dca2Q8qE2ywo7BG2qYcR7hwHdyPAe9NYtZF9Ykny5t/9u0JIHu8PluwCtVRA8aNji2RUx9DlbITChrBvY34tpuGA+t1beA5PtD+qd52bhCd09qFyII1N5d4ngWScq50mico49m1g=; Expires=Fri, 03 May 2024 06:45:50 GMT; Path=/; SameSite=None
uids=eyJiZGF5IjoiMjAyNC0wNC0yNlQwNjo0NTo0OS44NTAyNjcxODlaIn0=; Domain=the-ozone-project.com; Expires=Thu, 25 Jul 2024 06:45:50 GMT; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID

34.250.231.235

302 Found

0 B

URL GET HTTP/2
ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID
IP
34.250.231.235:443
ASN
#16509 AMAZON-02

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerAmazon
Subjectads.servenobid.com
FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3
ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 26 Apr 2024 06:45:50 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 0
location: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=063bad003b4be020bb82147fa0656322&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=063bad003b4be020bb82147fa0656322&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=82d47425-6a15-4b4c-81a4-45f7bafabe25&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=063bad003b4be020bb82147fa0656322&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:45:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c3d4e1f4c068078741f290f5505a27e5
Strict-Transport-Security: max-age=0; includeSubdomains

elb.the-ozone-project.com/cdn-cgi/rum?

104.18.43.178

204 No Content

0 B

URL POST HTTP/2
elb.the-ozone-project.com/cdn-cgi/rum?
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 470
Origin: https://elb.the-ozone-project.com
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw; ozone_uid=2fcx19p4keGERntoRQmhbO34ttf; uids=eyJiZGF5IjoiMjAyNC0wNC0yNlQwNjo0NTo0OS44NTAyNjcxODlaIn0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 06:46:11 GMT
access-control-allow-origin: https://elb.the-ozone-project.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a49d3f382db4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jameeltips.us/cdn-cgi/rum?

172.67.157.116

204 No Content

0 B

URL POST HTTP/3
jameeltips.us/cdn-cgi/rum?
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 493
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/blog/JEydW
Cookie: lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2; StatsSend=true; CountryCode=NO; userFromEEA=true; __cmpconsentx13566=CP9rVEAP9rVEAAfYeBENAyEgAAAAAAAAAAigAAAO5gCgA4AM-AjwBKoDuQAA; __cmpcccx13566=aBP9sQgXAAAAAAA; ab=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=82d47425-6a15-4b4c-81a4-45f7bafabe25%3A3%3A1; pp_main_063bad003b4be020bb82147fa0656322=1; sharedid=e7f2c548-5ad2-4038-990a-ca1dbf900fbe; sharedid_cst=hCzfLC0sBw%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Fri, 26 Apr 2024 06:46:11 GMT
access-control-allow-origin: https://jameeltips.us
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a49d3f3819b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

921 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintD2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
ValidityMon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT

File type
JavaScript source, ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
b832740e618479615e7f4ec2d6d18e95
39e2c70fbc1164d6748e0314c36691c42245c53a
66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 26 Apr 2024 06:45:49 GMT
date: Fri, 26 Apr 2024 06:45:49 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

104.16.79.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
JavaScript source, ASCII text, with very long lines (19261), with no line terminators
Size
19 kB (19261 bytes)
Hash
3be93fd15d2f7dee2fc0c8981c6fa5c6
8cd88c36fad3e96641dbc4d781f5ddbe5123312f
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

HTTP Headers

GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elb.the-ozone-project.com
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb76f0056be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

btloader.com/tag?o=5130683165442048&upapi=true

104.22.75.216

200 OK

83 kB

URL GET HTTP/2
btloader.com/tag?o=5130683165442048&upapi=true
IP
104.22.75.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectbtloader.com
Fingerprint70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA
ValiditySun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
83 kB (82931 bytes)
Hash
830ce2088cb33285d698804c5ce939b0
ad3af48e1c0dc9d14bdc9a6c1ce3d432d020b23e
432d96e3ffd7bdcb74f654e5fa147b2e29e983faa718b02a52300b6d3fd943b9

HTTP Headers

GET /tag?o=5130683165442048&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/javascript
content-length: 24815
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "1f90f414226751c3179e2e463cd1be82"
last-modified: Fri, 26 Apr 2024 06:22:09 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1303
accept-ranges: bytes
server: cloudflare
cf-ray: 87a49cac8bf3abcc-CPH
X-Firefox-Spdy: h2

c.delivery.consentmanager.net/delivery/info/?id=13566&did=1&cfdid=33664&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&o=1714113947945&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22&

87.230.98.76

200 OK

43 B

URL GET HTTP/1.1
c.delivery.consentmanager.net/delivery/info/?id=13566&did=1&cfdid=33664&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&o=1714113947945&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22&
IP
87.230.98.76:443
ASN
#61157 PlusServer GmbH

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectc.delivery.consentmanager.net
Fingerprint1D:34:3B:3F:F8:A4:47:50:61:59:64:4B:4C:3D:54:A4:02:A6:49:D0
ValiditySat, 13 Apr 2024 23:34:43 GMT - Fri, 12 Jul 2024 23:34:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

HTTP Headers

GET /delivery/info/?id=13566&did=1&cfdid=33664&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fjameeltips.us%2Fblog%2FJEydW&o=1714113947945&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22& HTTP/1.1
Host: c.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 06:45:47 GMT
content-length: 43
content-type: image/gif

onetag-sys.com/usync/?cb=1714113947563

51.89.9.251

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?cb=1714113947563
IP
51.89.9.251:443
ASN
#16276 OVH SAS

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?cb=1714113947563 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

jameeltips.us/blog/cloud_theme/build/js/script.min.js?ver=6.6.1

172.67.157.116

200 OK

223 kB

URL GET HTTP/3
jameeltips.us/blog/cloud_theme/build/js/script.min.js?ver=6.6.1
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type

Size
223 kB (223067 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /blog/cloud_theme/build/js/script.min.js?ver=6.6.1 HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/blog/JEydW
Cookie: AppSession=773bao7g787ib27qduuc05juq5; csrfToken=e806376c7fbe7c2a0645ac5d9c2549f42f5561fee1901354fdb2398dbbc34cc225463bee50165f49dec074724b4417cef6c538b8eaeb20aa742b3ce0832adc59; lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: application/x-javascript
cache-control: public, max-age=43200
expires: Tue, 23 Apr 2024 12:54:31 GMT
etag: W/"3675b-63b44d50-14a040f;br"
last-modified: Tue, 03 Jan 2023 15:44:16 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAwmSRxjCW8bOpABcODUiB2PZj7TBwVgSQVKzD69mRImMcg3xTpA%2Bs0fi98BmBdp24acEh2focmOAZJUtvXL0Zz5bWfuGehs7G0QMczdeIOEbOz1OQxoiTuGSbBhkiJj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49c9b7f15b517-OSL
content-encoding: br

cashurl.win/webroot/img/bg3.png

172.67.159.79

404 Not Found

0 B

URL GET HTTP/2
cashurl.win/webroot/img/bg3.png
IP
172.67.159.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectcashurl.win
Fingerprint2D:79:E1:27:32:91:B5:BE:05:7B:DC:DD:35:CB:18:9F:26:1D:BC:DA
ValiditySun, 21 Apr 2024 17:46:46 GMT - Sat, 20 Jul 2024 17:46:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /webroot/img/bg3.png HTTP/1.1
Host: cashurl.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnQJSy%2FnaRQqh6YiSrCroXNF4zpB5ksRdQp%2BWnIu9YEStA5PVXZ9HtfzQUStAoRrQmM%2BjC3%2FVRiYszqKTH%2F4CuvneXFrKbEKWf7kMgeLlf%2FXOw%2FthwggiTGeHtAU4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49cb18de90b65-OSL
content-encoding: br
X-Firefox-Spdy: h2

ads.holid.io/auto/jameeltips.us/holid.js

104.21.83.199

200 OK

44 kB

URL GET HTTP/2
ads.holid.io/auto/jameeltips.us/holid.js
IP
104.21.83.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectholid.io
Fingerprint68:BA:BD:49:62:2A:5E:86:EE:01:84:42:70:11:F3:07:70:10:23:19
ValiditySat, 30 Mar 2024 14:28:59 GMT - Fri, 28 Jun 2024 14:28:58 GMT

File type
JavaScript source, ASCII text, with very long lines (23079)
Size
44 kB (43590 bytes)
Hash
5289569bfeb1219391d068ea8dbfeb79
59fee65665abd76f7669a9219ab40e6bdd88f1c6
9081c148df281677c5ee4bd617c0cb3632338b4512062daad739c5085cdf7859

HTTP Headers

GET /auto/jameeltips.us/holid.js HTTP/1.1
Host: ads.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200, s-maxage=691200
cf-bgj: minify
cf-polished: origSize=89095
etag: W/"65ddb0a6-15c07"
last-modified: Tue, 27 Feb 2024 09:51:34 GMT
cf-cache-status: HIT
age: 639020
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZZmq8%2F1xAUtmkQOO7yjCi88Ql%2BAhRpb7DuAgH21e6z414LO24wS1wsAYmoIILYkiDtPnc8bHerHXKi0ZTYgPmgb0XPu2dCpg%2FY%2BNGqUMQ23gjL9OHrHWnYgn76s%2Frc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9ba9a0b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

js-sec.indexww.com/um/ixmatch.html

104.18.38.76

200 OK

2.9 kB

URL GET HTTP/2
js-sec.indexww.com/um/ixmatch.html
IP
104.18.38.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerCloudflare, Inc.
Subjectindexww.com
FingerprintA5:6C:CA:55:92:12:0B:95:A4:C2:A2:18:20:23:E7:43:F6:CC:55:28
ValidityTue, 05 Sep 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3020), with no line terminators
Size
2.9 kB (2920 bytes)
Hash
b6d4d5a83726344ee70a368a6de70411
b0e6c4f9b29ed67a87098a347df8ca2d98f5080f
1aa0da3de9f3f3dca0df6e5ef8365ea0a5fce07b2ece53d5b6c7809e48a30e4b

HTTP Headers

GET /um/ixmatch.html HTTP/1.1
Host: js-sec.indexww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cf-cache-status: HIT
age: 506
expires: Fri, 26 Apr 2024 10:45:49 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb669d256a9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

jameeltips.us/blog/JEydW

172.67.157.116

200 OK

9.2 kB

URL User Request GET HTTP/2
jameeltips.us/blog/JEydW
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type
HTML document, ASCII text, with very long lines (9864), with no line terminators
Size
9.2 kB (9229 bytes)
Hash
55c4173bd98d64dafab6ed4a9dc2387f
1b1fed864bfedf9ba560f518c628e418fa903002
e6253e0c8f0c608bf54f74b48782a6fadc61df41a87e3269420bf3e8c8cab4fb

HTTP Headers

GET /blog/JEydW HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: lang=en_US; expires=Mon, 21-Apr-2025 06:45:44 GMT; Max-Age=31104000; path=/
AppSession=773bao7g787ib27qduuc05juq5; path=/blog/; HttpOnly
refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2; expires=Fri, 26-Apr-2024 06:50:44 GMT; Max-Age=300; path=/; HttpOnly
csrfToken=e806376c7fbe7c2a0645ac5d9c2549f42f5561fee1901354fdb2398dbbc34cc225463bee50165f49dec074724b4417cef6c538b8eaeb20aa742b3ce0832adc59; path=/blog/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P18Va3JFTH5d0h76fD7cXp2k7VK05ljcv4g8U6bszIN0J5Vremmw2vP872eGe%2FRNHSNB0qtaqHkWkjpPoaKNPK%2FoVvk2Sl%2B2m04uIzXyOrGX66P6DGuga5TdeF8zi3vW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49c98eb9e5684-OSL
content-encoding: br
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/gen.js?type=2

0.0.0.0

0 B

URL GET
ads.themoneytizer.com/s/gen.js?type=2
IP
0.0.0.0:0
ASN
#0

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectads.themoneytizer.com
Fingerprint42:B1:B3:BC:2F:4E:51:3F:AF:C5:35:38:10:81:1D:2C:CD:E1:DA:13
ValidityTue, 12 Mar 2024 13:17:27 GMT - Mon, 10 Jun 2024 13:17:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/gen.js?type=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
cf-cache-status: HIT
age: 9921
last-modified: Fri, 26 Apr 2024 04:00:23 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9c1de656c1-OSL
content-encoding: br
X-Firefox-Spdy: h2

elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone

104.18.43.178

200 OK

11 kB

URL GET HTTP/2
elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type
HTML document, ASCII text, with very long lines (461)
Size
11 kB (11265 bytes)
Hash
f30ef59f4f773b739e73bdf2f9d032b3
a7080a90ec5d28942d18fba27b14522fb87bf458
a5141a25962e95ee3ee162f5889c652681313b892e34520fb09ac3729cf41562

HTTP Headers

GET /static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: text/html; charset=utf-8
cf-ray: 87a49cb60c9ab4f7-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Thu, 25 Apr 2024 10:03:45 GMT
vary: Origin, Accept-Encoding
pragma: no-cache
set-cookie: AWSALBTG=kHqzZoatYWaIRYQ2uFJ52xuoLH3kglPrDZlUtsNzB2RIDx2ZqEDSOv/gGw7MXCNwh7lCSfItwdNgUIg1k0iDdX6hbfHKuq4X40sJe6LB8fZndNb9PlkSi+RA7mLmgwBMZrCH1fdQmnPKgunZ6S7JpTIiCYeHBe6f0GpZsEQfg9OKlKjgIas=; Expires=Fri, 03 May 2024 06:45:49 GMT; Path=/
AWSALBTGCORS=kHqzZoatYWaIRYQ2uFJ52xuoLH3kglPrDZlUtsNzB2RIDx2ZqEDSOv/gGw7MXCNwh7lCSfItwdNgUIg1k0iDdX6hbfHKuq4X40sJe6LB8fZndNb9PlkSi+RA7mLmgwBMZrCH1fdQmnPKgunZ6S7JpTIiCYeHBe6f0GpZsEQfg9OKlKjgIas=; Expires=Fri, 03 May 2024 06:45:49 GMT; Path=/; SameSite=None
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=6

0.0.0.0

0 B

URL GET
ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=6
IP
0.0.0.0:0
ASN
#0

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectads.themoneytizer.com
Fingerprint42:B1:B3:BC:2F:4E:51:3F:AF:C5:35:38:10:81:1D:2C:CD:E1:DA:13
ValidityTue, 12 Mar 2024 13:17:27 GMT - Mon, 10 Jun 2024 13:17:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/requestform.js?siteId=85298&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:45 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 06:45:45 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9c1de156c1-OSL
content-encoding: br
X-Firefox-Spdy: h2

elb.the-ozone-project.com/openrtb2/auction

104.18.43.178

200 OK

55 B

URL POST HTTP/2
elb.the-ozone-project.com/openrtb2/auction
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
b534b6c87acbf9c3643f7c04054c14f5
d22fcaf357f2acc980dacefd30920170bf9986f9
8581abce769636948bfecf87e103e39f475af41fbd12bc354db7dd3b123d7f0e

HTTP Headers

POST /openrtb2/auction HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Content-Length: 910
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://jameeltips.us
access-control-allow-credentials: true
set-cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw; path=/; expires=Fri, 26-Apr-24 07:15:47 GMT; domain=.the-ozone-project.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cab59a7b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

null.holid.io/sync.html?bidders=%5B%22adform%22%2C%22improvedigital%22%2C%22openrtb%22%2C%22rubicon%22%5D&gdpr=0&gdpr_consent=undefined&usp_consent=&type=iframe

104.21.83.199

200 OK

2.0 kB

URL GET HTTP/2
null.holid.io/sync.html?bidders=%5B%22adform%22%2C%22improvedigital%22%2C%22openrtb%22%2C%22rubicon%22%5D&gdpr=0&gdpr_consent=undefined&usp_consent=&type=iframe
IP
104.21.83.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectholid.io
Fingerprint68:BA:BD:49:62:2A:5E:86:EE:01:84:42:70:11:F3:07:70:10:23:19
ValiditySat, 30 Mar 2024 14:28:59 GMT - Fri, 28 Jun 2024 14:28:58 GMT

File type
HTML document, ASCII text, with very long lines (2059), with no line terminators
Size
2.0 kB (1977 bytes)
Hash
78f878e917f6f4c79bf44341c5885c9e
8e53cd26f466e8a1b8a3c42993873b3f4082c333
22c23ba2bdc377b810042f8fb1374f1e7d5569bb263bd15cccd3d5b3b2f1333e

HTTP Headers

GET /sync.html?bidders=%5B%22adform%22%2C%22improvedigital%22%2C%22openrtb%22%2C%22rubicon%22%5D&gdpr=0&gdpr_consent=undefined&usp_consent=&type=iframe HTTP/1.1
Host: null.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:52 GMT
content-type: text/html
last-modified: Wed, 08 Feb 2023 09:31:07 GMT
access-control-allow-origin: *
cache-control: public, max-age=691200, s-maxage=691200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZ9RjWlx%2B9Pq5Tu6PbNeXYctUyWVLKjQZo5mgcAX1sfQuhQmkqRzIuflLbVVXKt9nZr%2BEmOgivoK8G%2BK3WZxL3ynx28l5zbAodlUnQmsrprvTnJE8%2BK8i2Z%2Bd2Kd5sK6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49cc9aa3eb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

helloworld.holid.io/openrtb2/auction

104.21.83.199

200 OK

256 B

URL POST HTTP/2
helloworld.holid.io/openrtb2/auction
IP
104.21.83.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectholid.io
Fingerprint68:BA:BD:49:62:2A:5E:86:EE:01:84:42:70:11:F3:07:70:10:23:19
ValiditySat, 30 Mar 2024 14:28:59 GMT - Fri, 28 Jun 2024 14:28:58 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
256 B (256 bytes)
Hash
ea3f2646c30c37e5ce13f190931cef51
90a4a720600e0c10d18ca495f0f941c65d108c5e
1587cfd9cacea59ecc7b13fe33610487feead33b9a68c688d4c0d03902d6922e

HTTP Headers

POST /openrtb2/auction HTTP/1.1
Host: helloworld.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Content-Length: 832
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://jameeltips.us
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/0.275.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oplesHXwof247EQpJ9H2aJIiW2Yn4%2F2tv5%2BdZgai0l5JtJLVPlnh%2FL8BUiitsYwyYHwFbYXYPa5v8JnL6hWGngco4kOh1iHSqEfF17jkQhFu44lT%2BMOvUV36z998RX%2FzIQCwZbIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49cb3aea5b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

elb.the-ozone-project.com/cookie_sync

104.18.43.178

200 OK

10 kB

URL POST HTTP/2
elb.the-ozone-project.com/cookie_sync
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type
JSON text data
Size
10 kB (10422 bytes)
Hash
08c59876691ac7e1d55be9b2e8821122
e88f8392a37c66528e3254f243f7b28bf6c86b68
05b3e0ba9f0b8dbafa38b88f8140dadb97d5226940aaf83e914a6ea445df47a8

HTTP Headers

POST /cookie_sync HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 93
Origin: https://elb.the-ozone-project.com
DNT: 1
Connection: keep-alive
Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1714113947519&bidder=ozone
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:49 GMT
content-type: text/plain; charset=utf-8
cf-ray: 87a49cb96fc0b4f7-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
pragma: no-cache
set-cookie: AWSALBTG=9y3ZemUqk7HrzUEELienrm0TZDaBYFqv4wCfFN2J8/hDBLduF5JibOkPVNjQCMnndXy6oRIsWi+o/30KFYZtETm/BoNyDJwdIpb6a+f5iIKv0QzXaYfMfsV0TtXt3iyBuQAhGv/LeDGui6gxiWUflKakO7epOk5KOwynxHrM0zmhOEf2NNE=; Expires=Fri, 03 May 2024 06:45:49 GMT; Path=/
AWSALBTGCORS=9y3ZemUqk7HrzUEELienrm0TZDaBYFqv4wCfFN2J8/hDBLduF5JibOkPVNjQCMnndXy6oRIsWi+o/30KFYZtETm/BoNyDJwdIpb6a+f5iIKv0QzXaYfMfsV0TtXt3iyBuQAhGv/LeDGui6gxiWUflKakO7epOk5KOwynxHrM0zmhOEf2NNE=; Expires=Fri, 03 May 2024 06:45:49 GMT; Path=/; SameSite=None
ozone_uid=2fcx19p4keGERntoRQmhbO34ttf; Path=/; Domain=the-ozone-project.com; Expires=Fri, 26 Apr 2024 06:45:49 GMT; Max-Age=7776000; Secure; SameSite=None
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

helloworld.holid.io/cookie_sync

104.21.83.199

200 OK

813 B

URL POST HTTP/2
helloworld.holid.io/cookie_sync
IP
104.21.83.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://null.holid.io/sync.html?bidders=%5B%22adform%22%2C%22improvedigital%22%2C%22openrtb%22%2C%22rubicon%22%5D&gdpr=0&gdpr_consent=undefined&usp_consent=&type=iframe
Certificate
IssuerGoogle Trust Services LLC
Subjectholid.io
Fingerprint68:BA:BD:49:62:2A:5E:86:EE:01:84:42:70:11:F3:07:70:10:23:19
ValiditySat, 30 Mar 2024 14:28:59 GMT - Fri, 28 Jun 2024 14:28:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (868), with no line terminators
Size
813 B (813 bytes)
Hash
1674afb459b46800009273606c5c58f0
eec79b569249e9e1105dae00567c18ef733deb09
9a42b49a7e0b61b2aec844e435c705a99581fde85d2416e039bd9d3097b6486f

HTTP Headers

POST /cookie_sync HTTP/1.1
Host: helloworld.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://null.holid.io
DNT: 1
Connection: keep-alive
Referer: https://null.holid.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:52 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://null.holid.io
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZhhBBb98iHsTuvpuWv3pXFHiatDQh7cJKdbdDM1w1D8VRJXrN0FRRSumxj2YB1bSwATqKgJZxy7x%2FFCq0y%2BepLxHGcrAybCD8L46ifb9Bf35wlztI95HLcboYAf%2BDh7H0TNxzgq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49cca9b1db4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

elb.the-ozone-project.com/openrtb2/auction

104.18.43.178

200 OK

55 B

URL POST HTTP/2
elb.the-ozone-project.com/openrtb2/auction
IP
104.18.43.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectthe-ozone-project.com
FingerprintC3:80:74:11:0D:D0:16:E1:89:8D:82:2D:36:82:F1:7A:2A:37:BD:CD
ValiditySat, 20 Apr 2024 09:04:54 GMT - Fri, 19 Jul 2024 09:04:53 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
8d2ba93ee7aff47c5b8ad22aa6382437
d6b2edd1a0cb0316de2e63c9ffc6fa6bf23e8a57
4ac90def924b548d99c4891b77da8d244fa6d3aa0c62d84e73b5297871da4b79

HTTP Headers

POST /openrtb2/auction HTTP/1.1
Host: elb.the-ozone-project.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jameeltips.us/
content-type: text/plain
Content-Length: 964
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zmV88BhMyp8tqnTSlwF34bbbbqn8zkQDMY_BAs8V5Ak-1714113947-1.0.1.1-DBkTwEHEp5H67Y67OX7vWaMUjykSBtK6hAMbrfonCB3erMhpJoI7jG.tWjcx_Fk784Z5mioL6e8hL.Z5hM.UFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://jameeltips.us
access-control-allow-credentials: true
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49caf6d96b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=2

0.0.0.0

0 B

URL GET
ads.themoneytizer.com/s/requestform.js?siteId=85298&formatId=2
IP
0.0.0.0:0
ASN
#0

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectads.themoneytizer.com
Fingerprint42:B1:B3:BC:2F:4E:51:3F:AF:C5:35:38:10:81:1D:2C:CD:E1:DA:13
ValidityTue, 12 Mar 2024 13:17:27 GMT - Mon, 10 Jun 2024 13:17:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/requestform.js?siteId=85298&formatId=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:45 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 06:45:45 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9c1de456c1-OSL
content-encoding: br
X-Firefox-Spdy: h2

jameeltips.us/blog/cloud_theme/build/css/styles.min.css?ver=6.6.1

172.67.157.116

200 OK

202 kB

URL GET HTTP/3
jameeltips.us/blog/cloud_theme/build/css/styles.min.css?ver=6.6.1
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type
ASCII text, with very long lines (65369)
Size
202 kB (201672 bytes)
Hash
179be71d42df03ea58d6ea2785217085
82001a88284463f8e04172b8395f5a9eced37df6
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454

HTTP Headers

GET /blog/cloud_theme/build/css/styles.min.css?ver=6.6.1 HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/blog/JEydW
Cookie: AppSession=773bao7g787ib27qduuc05juq5; csrfToken=e806376c7fbe7c2a0645ac5d9c2549f42f5561fee1901354fdb2398dbbc34cc225463bee50165f49dec074724b4417cef6c538b8eaeb20aa742b3ce0832adc59; lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 10 Apr 2024 07:21:54 GMT
etag: W/"313c8-63b44d50-14a042a;br"
last-modified: Tue, 03 Jan 2023 15:44:16 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grTLp60nw%2FOcmGCQPzmYianvy889rYPctwxsJ8RZzemTeHOcoGPCKw7qkoF5m97GhzfipOsUyxXjPf92B%2BzjcHg%2BClxx35AoO6irU%2Fjn2PP1noOIyI6bnM3C7jRtkr2b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a49c9b5efbb517-OSL
content-encoding: br

static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

104.16.79.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
JavaScript source, ASCII text, with very long lines (19261), with no line terminators
Size
19 kB (19261 bytes)
Hash
3be93fd15d2f7dee2fc0c8981c6fa5c6
8cd88c36fad3e96641dbc4d781f5ddbe5123312f
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

HTTP Headers

GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jameeltips.us
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9badcb56be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ads.holid.io/prebid8.31.0-gdpr.js

104.21.83.199

200 OK

431 kB

URL GET HTTP/2
ads.holid.io/prebid8.31.0-gdpr.js
IP
104.21.83.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectholid.io
Fingerprint68:BA:BD:49:62:2A:5E:86:EE:01:84:42:70:11:F3:07:70:10:23:19
ValiditySat, 30 Mar 2024 14:28:59 GMT - Fri, 28 Jun 2024 14:28:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
431 kB (431327 bytes)
Hash
8c68e1555ba2c0768e0bf7737527a589
4350c0d099e03e672fba174b9243513f67154570
ae39dd5b071afce65108b5ff9f24ca9719659dcf8c99170e742c6809c95f1c7c

HTTP Headers

GET /prebid8.31.0-gdpr.js HTTP/1.1
Host: ads.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200, s-maxage=691200
cf-bgj: minify
cf-polished: origSize=431864
etag: W/"65a7df43-696f8"
last-modified: Wed, 17 Jan 2024 14:08:03 GMT
cf-cache-status: HIT
age: 313188
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRMVsl0itcM1wTSznJLfYLGXO90Ri%2F0fXyT3gUCRQHgTeOTZ66WOnwplOvzOGl1vG7WO6UzYaOXlnD8WwGHO3voAn%2Fju020eFXD9tSMPYx5vtme9FVcrcVlsL9mc7CI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb10c38b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:48 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d24df1f40809097ca9940f72b882a075
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 0
last-modified: Fri, 26 Apr 2024 06:45:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ptt1J05%2Be8mzUkGNhu4PE2BYuZMTHBTiMDWHl1Xj3ZFAhy34wszVNCsznK8Hj3UHNSuH43AZR0MqwhoYLAE%2BH6wFn6zlH3cWjzM%2BCdaFV5e86KH%2BdDqjPTOfQD%2Bf4hSfAAYxheb%2B5jPaLdKnu3OE7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49cb37c22b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.consentmanager.net/delivery/js/cmp_en.min.js

185.76.9.21

200 OK

430 kB

URL GET HTTP/2
cdn.consentmanager.net/delivery/js/cmp_en.min.js
IP
185.76.9.21:443
ASN
#60068 Datacamp Limited

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8
ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
430 kB (429977 bytes)
Hash
e826e2568f3153d2e146bf66286bd521
b47610e60026f3db1e80bcf0026b53dbb089007b
b601830d2f9a081099ea148ed53a859bf410ca3460f0029030fb663fef728c99

HTTP Headers

GET /delivery/js/cmp_en.min.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 24 Apr 2024 09:35:32 GMT
etag: W/"68f99-616d4644e6100"
cache-control: max-age=86400
expires: Thu, 25 Apr 2024 09:41:22 GMT
edge-control: max-age=86400
x-77-nzt: EwwBuUwJFAH3WCgBAAgBuUwKDAGhDAGKxyXBAfdJFAAA
x-77-nzt-ray: af585630e210e8929b4d2b667cd92929
x-accel-expires: @1714124483
x-accel-date: 1714038083
x-77-cache: HIT
x-77-age: 75864
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 75864
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

api.adinplay.com/libs/aiptag/pub/JML/jameeltips.us/tag.min.js

104.26.2.232

200 OK

710 kB

URL GET HTTP/2
api.adinplay.com/libs/aiptag/pub/JML/jameeltips.us/tag.min.js
IP
104.26.2.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectadinplay.com
Fingerprint13:C0:EE:BC:9F:76:6C:85:78:CB:97:C2:D1:F0:18:AF:3F:DA:11:15
ValiditySat, 13 Apr 2024 18:47:28 GMT - Fri, 12 Jul 2024 19:39:42 GMT

File type
JavaScript source, ASCII text, with very long lines (63322)
Size
710 kB (710066 bytes)
Hash
b07b4546195a9c8e92c780f8a3a1c1b4
5960ee4eaef7564970b92649366b5b567edfd405
fe5722b119c0aed7feb39823bbce8af298ece6dd9f95ed7db47eac361a4b1234

HTTP Headers

GET /libs/aiptag/pub/JML/jameeltips.us/tag.min.js HTTP/1.1
Host: api.adinplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:45:45 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: *
etag: W/"6629fe2e-ad5b2"
last-modified: Thu, 25 Apr 2024 06:54:38 GMT
x-host: adinplay-1
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QQbU4uFNa8f8YRuAiZl%2FsWsuNjUloCDBG6roHT48yj8X%2BUAOq2uRMxhXc%2FMrbjO9%2BTTV9ysZlK82%2BA0Q6yotToDYInXVwcvO768ouBYchdCXXKPKD%2FMq5H3iGDeAMfQSV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9b9aa056c7-OSL
content-encoding: br
X-Firefox-Spdy: h2

jameeltips.us/blog/js/ads.js?ver=6.6.1

172.67.157.116

200 OK

190 B

URL GET HTTP/3
jameeltips.us/blog/js/ads.js?ver=6.6.1
IP
172.67.157.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jameeltips.us/blog/JEydW
Certificate
IssuerGoogle Trust Services LLC
Subjectjameeltips.us
Fingerprint12:8B:5C:10:4B:7F:53:81:0A:B1:2E:A4:9B:1F:D2:17:E3:C4:99:89
ValidityMon, 15 Apr 2024 06:28:05 GMT - Sun, 14 Jul 2024 06:28:04 GMT

File type
ASCII text, with no line terminators
Size
190 B (190 bytes)
Hash
0dfa4a5fbdff661e852f55aeb6cc152f
74a8e52d698c2c2db136db646188b8d2a62d3e99
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

HTTP Headers

GET /blog/js/ads.js?ver=6.6.1 HTTP/1.1
Host: jameeltips.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jameeltips.us/blog/JEydW
Cookie: AppSession=773bao7g787ib27qduuc05juq5; csrfToken=e806376c7fbe7c2a0645ac5d9c2549f42f5561fee1901354fdb2398dbbc34cc225463bee50165f49dec074724b4417cef6c538b8eaeb20aa742b3ce0832adc59; lang=en_US; refJEydW=MTBlMzk3NTJjMGEyMmVjOTIzOGIxMTBjNjM3ZmNjMTRjOTk1ZGJhODY1NThjYjk3Zjg5NTkxODg1NmI4OGZjNYkzSg%2Fajoc0SfHemipRilD4EvmxRik7lz6pc1YxCpH2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:45:44 GMT
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=191
alt-svc: h3=":443"; ma=86400
etag: W/"bf-63b44d50-14a0440;;;"
expires: Thu, 18 Apr 2024 16:59:31 GMT
last-modified: Tue, 03 Jan 2023 15:44:16 GMT
cf-cache-status: REVALIDATED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4QCeKBhAhWtw8SMZ%2FNaYbiAnMU83%2FueFoZatD7JqVWwn1UwnRKk8OAxXxIGobomfI1cLW9xqSQuRtiZoyXgpHOGeXaosK3DKp29rL1NAKh2VUU1XsjrhoOxPHZvgzKX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a49c9b7f10b517-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (63)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML