cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
104.17.24.14 200 OK 3.2 kB URL
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
IP / ASN
104.17.24.14
#13335 CLOUDFLARENET
Resource Info
File type JavaScript source, ASCII text, with very long lines (7862)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 2582
Size 3.2 kB (3150 bytes)
MD5 96201abb62283557a9d7b97b4cab14ab
SHA1 a72f33d920d0ab863df4cb60edf44ec140304cdb
SHA256 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
GET /ajax/libs/lazysizes/5.3.0/lazysizes.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ff0b799-1ed1"
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 701984
expires: Thu, 15 Jan 2026 09:24:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MK1ngYUpGYt7LP%2BJ68DnSXjlFgietZKIlnF0iJIGbP2hQW8f0A5CIl9KrTFnycPM4GBa9Zc6%2BJ8wD4qZaYZ3f4G2UIOFOBdFgdimn3tyeTy8XoFWavz8MvHpPT3ST4aotPpQq%2BNS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90773648b928569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
104.17.24.14 200 OK 22 kB URL
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
IP / ASN
104.17.24.14
#13335 CLOUDFLARENET
Resource Info
File type JavaScript source, ASCII text, with very long lines (65241)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 6665
Size 22 kB (22329 bytes)
MD5 1276065911521c5c22037a31365d179d
SHA1 d1c6704e94efe2d465fc161b6381e127d35acd81
SHA256 bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
GET /ajax/libs/jquery/3.6.0/jquery.slim.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 22329
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-11ab4"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 701637
expires: Thu, 15 Jan 2026 09:24:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2Fah0IwZx76R1ohLpLNqXrGd8nZwGacVbf%2Fi0M7Gt6JWFkzOFcIOSbRC8NpkbnsEGXiE7ZTGpvvi9qYjULGSQv4uca5LzOx4EBRU3TEpyDeGVmPCtK3vNrT6oR3ijj%2FHGB4Ow%2F31"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90773648c931569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.24.14 200 OK 28 kB URL
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP / ASN
104.17.24.14
#13335 CLOUDFLARENET
Resource Info
File type JavaScript source, ASCII text, with very long lines (65451)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 14535
Size 28 kB (27964 bytes)
MD5 12108007906290015100837a6a61e9f4
SHA1 1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3
SHA256 c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 755359
expires: Thu, 15 Jan 2026 09:24:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqswVnXPHQ8sl3kJ8KGKPSOQWHpyP1A8x9CD4H1Wzz14wFdxM2RZ9HU2RYGLmOe5Hq1bPcx4Ygs7I3trhhBqmrA%2FAfprCEEpavxTk%2FKmu%2BEolB7tRbSnEwgLld7KqRsmA9RCvBtf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90773648d940569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
swarthid.github.io/news/pop.js
185.199.108.153 200 OK 29 kB URL
swarthid.github.io/news/pop.js
IP / ASN
185.199.108.153
#54113 FASTLY
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2024-09-03
Last Seen 2025-06-24
Times Seen 96
Size 29 kB (29136 bytes)
MD5 d15d8ea461a2253e2723eabfd97c1c24
SHA1 d6b15221df9aad7f206b90c4a859e73aa081bdbf
SHA256 ba922b2bda4a062d839f7583922770f0b80059010ecaa5b67e3ffb417d570289
GET /news/pop.js HTTP/1.1
Host: swarthid.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Wed, 28 Aug 2024 21:56:07 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"66cf9cf7-171fc"
expires: Sat, 25 Jan 2025 09:34:45 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C0D7:2040B2:2897D8D:29068FD:6794ADDC
accept-ranges: bytes
age: 0
date: Sat, 25 Jan 2025 09:24:45 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1737797086.609683,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 9491ac3aa49efd9347530621eca799d69afe458f
content-length: 29136
X-Firefox-Spdy: h2
swarthid.github.io/5c2bdfa9dd187d33604b355863934a38/invoke.js
185.199.108.153 200 OK 10 kB URL
swarthid.github.io/5c2bdfa9dd187d33604b355863934a38/invoke.js
IP / ASN
185.199.108.153
#54113 FASTLY
Resource Info
File type JavaScript source, ASCII text, with very long lines (31334)
First Seen 2024-09-03
Last Seen 2025-06-24
Times Seen 99
Size 10 kB (10503 bytes)
MD5 ed9c7b5e275b9d5549c6f493350ba786
SHA1 aaa63f0f4438ccdc57767df138faf7d815b2cb13
SHA256 2fe6c62831e98b1a3ce07710d109c163dc6f3fb449c779af46a2a7c0470fdd04
GET /5c2bdfa9dd187d33604b355863934a38/invoke.js HTTP/1.1
Host: swarthid.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 12 Aug 2024 11:11:39 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"66b9edeb-7a67"
expires: Sat, 25 Jan 2025 09:34:45 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 8229:54375:2A07886:2A768A0:6794ADDC
accept-ranges: bytes
age: 0
date: Sat, 25 Jan 2025 09:24:45 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1737797086.615737,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: cdcccc437ccd6d4f134251d15811d684058ff876
content-length: 10503
X-Firefox-Spdy: h2
swarthid.github.io/530f8870d8a0f24c43720d58b02daf83/invoke.js
185.199.108.153 200 OK 10 kB URL
swarthid.github.io/530f8870d8a0f24c43720d58b02daf83/invoke.js
IP / ASN
185.199.108.153
#54113 FASTLY
Resource Info
File type JavaScript source, ASCII text, with very long lines (31328)
First Seen 2024-09-03
Last Seen 2025-06-24
Times Seen 99
Size 10 kB (10501 bytes)
MD5 6190f33d45289898b7993fb11905caa6
SHA1 6d5611d8283c3f2f20c7f98f2918faaa880b28bd
SHA256 7a4894454db6745f748e0cc61dfd6b09ae15d4e6e311f94a6d0b158cf6f927c7
GET /530f8870d8a0f24c43720d58b02daf83/invoke.js HTTP/1.1
Host: swarthid.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 12 Aug 2024 11:11:14 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"66b9edd2-7a61"
expires: Sat, 25 Jan 2025 09:34:45 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 52F5:3B9328:298E90F:29FD6AF:6794ADDD
accept-ranges: bytes
date: Sat, 25 Jan 2025 09:24:45 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1737797086.618718,VS0,VE150
vary: Accept-Encoding
x-fastly-request-id: 7e2db17cdf38885f198fcf03e0a11735a162e32b
content-length: 10501
X-Firefox-Spdy: h2
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
142.250.178.65 200 OK 362 B URL
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
IP / ASN
142.250.178.65
#15169 GOOGLE
Resource Info
File type GIF image data, version 89a, 52 x 15
First Seen 2023-04-30
Last Seen 2025-08-02
Times Seen 2108
Size 362 B (362 bytes)
MD5 fd2c05a8c327ace309722b0a5fc4faf3
SHA1 f446e97c43f8830be9f60644563dd846abe6b8e8
SHA256 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
GET /-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="btn_close.gif"
x-content-type-options: nosniff
server: fife
content-length: 362
x-xss-protection: 0
date: Sat, 25 Jan 2025 06:22:41 GMT
expires: Sun, 26 Jan 2025 06:22:41 GMT
cache-control: public, max-age=86400, no-transform
age: 10924
etag: "v1764"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
recordedthereby.com/sfp.js
185.196.197.72 200 OK 85 kB URL
recordedthereby.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-01-25
Last Seen 2025-06-27
Times Seen 2209
Size 85 kB (85380 bytes)
MD5 108625937affa4b38bb17cea65510d72
SHA1 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
SHA256 c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:46 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85380
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 55a3b7114dd60f61f3c55a6e39582368
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
tse1.mm.bing.net/th?q=
150.171.27.10 404 Not Found 727 B URL
tse1.mm.bing.net/th?q=
IP / ASN
150.171.27.10
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 80x80, components 3
First Seen 2023-08-21
Last Seen 2025-08-02
Times Seen 1375
Size 727 B (727 bytes)
MD5 5116706c119475f5ae2fc135c3358037
SHA1 7e5bdf3585153e317ebef05a9b8241d311e44cb3
SHA256 7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
GET /th?q= HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 727
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB288EE6B3EC44989C35ED67E4557471 Ref B: OSL30EDGE0205 Ref C: 2025-01-25T09:24:46Z
date: Sat, 25 Jan 2025 09:24:46 GMT
X-Firefox-Spdy: h2
suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
142.250.178.46 200 OK 495 B URL
suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
IP / ASN
142.250.178.46
#15169 GOOGLE
Resource Info
File type ASCII text, with no line terminators
First Seen 2023-05-14
Last Seen 2025-08-02
Times Seen 1249
Size 495 B (495 bytes)
MD5 fdbaede1a8136a6bd589d54e2f69fff8
SHA1 883905e057c9b758a95c9ece940d089e3af85e0a
SHA256 5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
GET /complete/search?jsonp=autoRelated&hl=en&client=firefox&q= HTTP/1.1
Host: suggestqueries.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:46 GMT
pragma: no-cache
expires: -1
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-7nVZCK-h4RVJcy_jUn2cTQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
accept-ch: Sec-CH-Prefers-Color-Scheme
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
experttrafficcounter.com/stats
52.28.211.29 200 OK 40 B URL
experttrafficcounter.com/stats
IP / ASN
52.28.211.29
#16509 AMAZON-02
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 40 B (40 bytes)
MD5 985ee2cc2e471a7843b97cc7f0ef7ca8
SHA1 256b7cd3bace1e57112af420aef81383a6c079c5
SHA256 0c2f5fd1fcc24ed41df26b503a5914151ce28af3514f3b171e3c60668279145c
GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://alphonsewiltfongunfaq.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664:2:1; expires=Tue, 23 Jan 2035 09:24:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
sarcasmadvisor.com/pixel/pure
172.240.108.76 204 No Content 0 B URL
sarcasmadvisor.com/pixel/pure
IP / ASN
172.240.108.76
#7979 SERVERS-COM
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
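MD5 d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input)
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of zero-length input)
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of zero-length input; these digests identify an empty body, not this endpoint, so they are not usable as indicators)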
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: sarcasmadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:47 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
comprehensionaccountsfragile.com/watch.1223320133783.js?key=5c2bdfa9dd187d33604b355863934a38&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=
172.240.253.132 200 OK 118 B URL
comprehensionaccountsfragile.com/watch.1223320133783.js?key=5c2bdfa9dd187d33604b355863934a38&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2024-05-29
Last Seen 2025-07-27
Times Seen 1145
Size 118 B (118 bytes)
MD5 b0f623103cd51d764412d46f8a7e0816
SHA1 3c88223adef88d7cb3ef5536b4b398ef54f31781
SHA256 fe40b26bcb3f34ba8f180d33623bb3b109597ba9b3f5596ba1bc6b665b8dcb67
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1223320133783.js?key=5c2bdfa9dd187d33604b355863934a38&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid= HTTP/1.1
Host: comprehensionaccountsfragile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
set-cookie: u_pl17946688=1; expires=Sun, 26 Jan 2025 09:24:47 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: go-banner.modules.svc.cluster.local:9090/*
Host: comprehensionaccountsfragile.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 25761d7cc1d855685f074150a4b71c04
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
hopefulbiologicaloverreact.com/watch.63759240189.js?key=530f8870d8a0f24c43720d58b02daf83&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=
192.243.59.12 200 OK 118 B URL
hopefulbiologicaloverreact.com/watch.63759240189.js?key=530f8870d8a0f24c43720d58b02daf83&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2024-05-29
Last Seen 2025-07-27
Times Seen 1145
Size 118 B (118 bytes)
MD5 b0f623103cd51d764412d46f8a7e0816
SHA1 3c88223adef88d7cb3ef5536b4b398ef54f31781
SHA256 fe40b26bcb3f34ba8f180d33623bb3b109597ba9b3f5596ba1bc6b665b8dcb67
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.63759240189.js?key=530f8870d8a0f24c43720d58b02daf83&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid= HTTP/1.1
Host: hopefulbiologicaloverreact.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl17941123=1; expires=Sun, 26 Jan 2025 09:24:47 GMT; path=/; secure; SameSite=None
Host: hopefulbiologicaloverreact.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c7341dc5c670f6252817a1d32c69dfd7
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
sarcasmadvisor.com/pixel/pure
172.240.108.76 200 OK 0 B URL
sarcasmadvisor.com/pixel/pure
IP / ASN
172.240.108.76
#7979 SERVERS-COM
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /pixel/pure HTTP/1.1
Host: sarcasmadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
Content-Type: application/json
Content-Length: 73
Origin: https://alphonsewiltfongunfaq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Length: 0
Connection: keep-alive
Host: sarcasmadvisor.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
capaciousdrewreligion.com/advertisers.js
185.196.197.72 200 OK 0 B URL
capaciousdrewreligion.com/advertisers.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8cf1ea5c7dddb72f27fdc558e8fa004b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
hopefulbiologicaloverreact.com/watch.63759240189?key=530f8870d8a0f24c43720d58b02daf83&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664%3A2%3A1
192.243.59.12 200 OK 118 B URL
hopefulbiologicaloverreact.com/watch.63759240189?key=530f8870d8a0f24c43720d58b02daf83&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664%3A2%3A1
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2024-05-29
Last Seen 2025-07-27
Times Seen 1145
Size 118 B (118 bytes)
MD5 b0f623103cd51d764412d46f8a7e0816
SHA1 3c88223adef88d7cb3ef5536b4b398ef54f31781
SHA256 fe40b26bcb3f34ba8f180d33623bb3b109597ba9b3f5596ba1bc6b665b8dcb67
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.63759240189?key=530f8870d8a0f24c43720d58b02daf83&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664%3A2%3A1 HTTP/1.1
Host: hopefulbiologicaloverreact.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl17941123=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: hopefulbiologicaloverreact.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 52430582b31f701e42ede5b938da40af
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
comprehensionaccountsfragile.com/watch.1223320133783?key=5c2bdfa9dd187d33604b355863934a38&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664%3A2%3A1
172.240.253.132 200 OK 118 B URL
comprehensionaccountsfragile.com/watch.1223320133783?key=5c2bdfa9dd187d33604b355863934a38&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664%3A2%3A1
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2024-05-29
Last Seen 2025-07-27
Times Seen 1145
Size 118 B (118 bytes)
MD5 b0f623103cd51d764412d46f8a7e0816
SHA1 3c88223adef88d7cb3ef5536b4b398ef54f31781
SHA256 fe40b26bcb3f34ba8f180d33623bb3b109597ba9b3f5596ba1bc6b665b8dcb67
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1223320133783?key=5c2bdfa9dd187d33604b355863934a38&kw=%5B%5D&refer=https%3A%2F%2Falphonsewiltfongunfaq.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664%3A2%3A1 HTTP/1.1
Host: comprehensionaccountsfragile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl17946688=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: go-banner.modules.svc.cluster.local:9090/*
Host: comprehensionaccountsfragile.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a4d828e7025f50c62917382e7446afbe
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.178.98 200 OK 0 B URL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP / ASN
142.250.178.98
#15169 GOOGLE
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Sat, 25 Jan 2025 09:24:47 GMT
expires: Sat, 25 Jan 2025 09:24:47 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15366746776583082235
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53830
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=7ca25250e078787639c419b9bf5487ff&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
192.243.61.225 200 OK 1 B URL
unseenreport.com/pxf.gif?uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=7ca25250e078787639c419b9bf5487ff&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP / ASN
192.243.61.225
#39572 DataWeb Global Group B.V.
Resource Info
File type very short file (no magic)
First Seen 2023-04-05
Last Seen 2025-07-31
Times Seen 25187
Size 1 B (1 bytes)
MD5 93b885adfe0da089cdf634904fd59f71
SHA1 5ba93c9db0cff93f52b521d7420e43f6eda2784f
SHA256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=c0dc6ee3-1e6a-4d60-80b2-5a18d3f2a664&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=7ca25250e078787639c419b9bf5487ff&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0346c0c815f2e6fb01da1066daab6c1b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh6x2fJSRoFfTxy-Emk03HHYdQtC3cUaTVbfTIebWeLfO46XVN7-mQpUtg13yCTAF6T3utjGymA0i6KulEqLZ5e5pvHJaql-ZgvGuDq3qt6yWJaEFHVgJBfQFU4UGut6k99nyT9Mq3MPCWrrBt11z8fFZfRHfy51MyMMqQnHsZdy9RrNBqGRX7IqClQAo/s1600/favicon.ico
142.250.178.97 200 OK 5.2 kB URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh6x2fJSRoFfTxy-Emk03HHYdQtC3cUaTVbfTIebWeLfO46XVN7-mQpUtg13yCTAF6T3utjGymA0i6KulEqLZ5e5pvHJaql-ZgvGuDq3qt6yWJaEFHVgJBfQFU4UGut6k99nyT9Mq3MPCWrrBt11z8fFZfRHfy51MyMMqQnHsZdy9RrNBqGRX7IqClQAo/s1600/favicon.ico
IP / ASN
142.250.178.97
#15169 GOOGLE
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
First Seen 2024-09-03
Last Seen 2025-06-24
Times Seen 100
Size 5.2 kB (5230 bytes)
MD5 9c637eed5a801e2addbbf2dec98b1560
SHA1 75c03a183794c82929b7008032b7ba1354e5a476
SHA256 b0cba32ca532c547d60b584b04ea5b9ec20e87e2af087fdb87cea2a5ce455a1a
Certificate Info
Issuer Google Trust Services
Subject *.googleusercontent.com
Fingerprint D2:15:13:77:74:22:58:D3:06:17:16:14:8F:CF:FF:DF:94:2F:1E:20
Validity Mon, 06 Jan 2025 08:37:05 GMT - Mon, 31 Mar 2025 08:37:04 GMT
GET /img/b/R29vZ2xl/AVvXsEjh6x2fJSRoFfTxy-Emk03HHYdQtC3cUaTVbfTIebWeLfO46XVN7-mQpUtg13yCTAF6T3utjGymA0i6KulEqLZ5e5pvHJaql-ZgvGuDq3qt6yWJaEFHVgJBfQFU4UGut6k99nyT9Mq3MPCWrrBt11z8fFZfRHfy51MyMMqQnHsZdy9RrNBqGRX7IqClQAo/s1600/favicon.ico HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2fdf"
expires: Sun, 26 Jan 2025 09:24:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favicon.ico.png"
x-content-type-options: nosniff
date: Sat, 25 Jan 2025 09:24:47 GMT
server: fife
content-length: 5230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiHpqqZzamIAxVZjGMGHUd1K2QQFnoECAkQAQ&url=https%3A%2F%2Flaspi.net%2F%23uads%3D108429888439787693110688b89c6195631bff4db8472e3bb171e&usg=AOvVaw2Wu1B92y9t-XY0AenHyLym
142.250.178.100 200 OK 453 B URL
www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiHpqqZzamIAxVZjGMGHUd1K2QQFnoECAkQAQ&url=https%3A%2F%2Flaspi.net%2F%23uads%3D108429888439787693110688b89c6195631bff4db8472e3bb171e&usg=AOvVaw2Wu1B92y9t-XY0AenHyLym
IP / ASN
142.250.178.100
#15169 GOOGLE
Resource Info
File type JavaScript source, ASCII text, with very long lines (591)
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 453 B (453 bytes)
MD5 d11f3d53d4dfd9b76e080c1c082268b3
SHA1 3bae573d5385b87f09be124c78110d9998390bb2
SHA256 6dff9d2ee8f2a7964768834b2b95fd05c2847fdedf1d2548e6a63fc303739f05
GET /url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiHpqqZzamIAxVZjGMGHUd1K2QQFnoECAkQAQ&url=https%3A%2F%2Flaspi.net%2F%23uads%3D108429888439787693110688b89c6195631bff4db8472e3bb171e&usg=AOvVaw2Wu1B92y9t-XY0AenHyLym HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-8VTnbhSFFZlL5UF2oSvppA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
accept-ch: Sec-CH-Prefers-Color-Scheme
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 453
x-xss-protection: 0
set-cookie: __Secure-ENID=25.SE=gxcmLPZTxPdXVAVDNurcawMDf_2HSWL_Vze7zTIEbjlEDs1eIzYnaGcr9cu1YKDJ_ASpkbaRzvjx5KoUuh6SXE4f_-ZVOB0b3yvQ3LB1ueyMEmbAdlOxFubnNo_vYN0X8rciiKTWlz6Jg8_AJzeGmUja1xHo2cMZ0ZapQ_Xxpw3zKnz8jfyTNqd0TIk4E-FwyLPG9cTKwa1dvjWTfxDpHjer6KAs1dn8ecHvnaWj7daWJ-Or; expires=Wed, 25-Feb-2026 01:43:07 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET laspi.net/wp-content/plugins/floating-ads-bottom/images/close.png
188.114.97.1 200 OK 718 B URL
laspi.net/wp-content/plugins/floating-ads-bottom/images/close.png
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
First Seen 2023-05-07
Last Seen 2025-07-07
Times Seen 140
Size 718 B (718 bytes)
MD5 86a65311d3a85713a94e430596145106
SHA1 e5d90fb9f6c749809e69d7c5168ef2ef860425bf
SHA256 d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET /wp-content/plugins/floating-ads-bottom/images/close.png HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: image/png
content-length: 718
x-provided-by: StackCDN
last-modified: Sun, 10 Mar 2024 16:59:23 GMT
etag: "2ce-6135158cfa9b8"
cache-control: max-age=31536000
expires: Wed, 06 Nov 2024 23:43:22 GMT
x-origin-cache-status: MISS
x-cdn-cache-status: REVALIDATED
x-via: AMS1
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LA4xN%2BIE7Vg0ftXcWYa8TQO8U8k2G54CKX2%2FoV4VOj%2BJDOZlei4fNG8w1CZ84ZPTKhsJf48owT2e%2FVnVLX0PaIofLvLQP2Lrd6TRy25mz5n2hQ796ZyJzSC1rFY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 907736620ef65691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3343&min_rtt=1418&rtt_var=1327&sent=24&recv=14&lost=0&retrans=0&sent_bytes=13041&recv_bytes=2177&delivery_rate=559332&cwnd=12000&unsent_bytes=0&cid=2400a32a117ae686&ts=167&x=1", cfExtPri, cfHdrFlush;dur=0
laspi.net/
188.114.97.1 200 OK 48 kB IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (17518), with CRLF, LF line terminators
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 48 kB (47514 bytes)
MD5 2b1ef05e0d57b1b9fe7ef3b1f226e357
SHA1 de4cb3a419f6bb6937dd732f6d5ed7f7ed83641d
SHA256 eacf68b1f76151086e80e470f2d860ac6f6ba0beb0e8a626ae77156b2caf31da
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET / HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=216000
x-powered-by: PHP/7.4.33
link: <https://laspi.net/wp-json/>; rel="https://api.w.org/"
x-stackcache-cacheable: yes
x-cache-enabled: true
x-provided-by: StackCDN
x-origin-cache-status: MISS
x-cdn-cache-status: HIT
x-via: AMS1
last-modified: Thu, 23 Jan 2025 10:46:44 GMT
cf-cache-status: HIT
age: 151975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdIgAQ95QeSVJCi2RWxb5K2Qomrq%2BJmTGo55qn6HPtH65cOfUZZtN%2BFyUxDPR2ggjg3yxUhVfLrbHJaRt4ePSbC84C8O2AIXD7ahE44ERsuOvQer8CM%2BcjlhB0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 907736611af3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=523&min_rtt=414&rtt_var=213&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1132&delivery_rate=8150093&cwnd=254&unsent_bytes=0&cid=71f8c6e3b81fce04&ts=33&x=0"
X-Firefox-Spdy: h2
GET headacheaim.com/f349db6125575591c998d04010914019/invoke.js
192.243.61.227 403 Forbidden 0 B URL
headacheaim.com/f349db6125575591c998d04010914019/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject headacheaim.com
Fingerprint 96:4E:D8:0E:BD:B9:9F:4E:94:C8:DA:DB:CD:52:2C:DD:EE:C1:73:A3
Validity Sat, 21 Dec 2024 13:46:52 GMT - Fri, 21 Mar 2025 13:46:51 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f349db6125575591c998d04010914019/invoke.js HTTP/1.1
Host: headacheaim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:50 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: headacheaim.com
GET frostscanty.com/530f8870d8a0f24c43720d58b02daf83/invoke.js
192.243.61.227 403 Forbidden 0 B URL
frostscanty.com/530f8870d8a0f24c43720d58b02daf83/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject frostscanty.com
Fingerprint 96:B4:FE:6A:E3:AE:CD:D0:7A:FD:AA:67:5A:A3:FC:15:3A:62:4E:2F
Validity Thu, 12 Dec 2024 21:46:32 GMT - Wed, 12 Mar 2025 21:46:31 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /530f8870d8a0f24c43720d58b02daf83/invoke.js HTTP/1.1
Host: frostscanty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: frostscanty.com
GET headacheaim.com/f349db6125575591c998d04010914019/invoke.js
192.243.61.227 403 Forbidden 0 B URL
headacheaim.com/f349db6125575591c998d04010914019/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject headacheaim.com
Fingerprint 96:4E:D8:0E:BD:B9:9F:4E:94:C8:DA:DB:CD:52:2C:DD:EE:C1:73:A3
Validity Sat, 21 Dec 2024 13:46:52 GMT - Fri, 21 Mar 2025 13:46:51 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f349db6125575591c998d04010914019/invoke.js HTTP/1.1
Host: headacheaim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: headacheaim.com
GET headacheaim.com/f349db6125575591c998d04010914019/invoke.js
192.243.61.227 403 Forbidden 0 B URL
headacheaim.com/f349db6125575591c998d04010914019/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject headacheaim.com
Fingerprint 96:4E:D8:0E:BD:B9:9F:4E:94:C8:DA:DB:CD:52:2C:DD:EE:C1:73:A3
Validity Sat, 21 Dec 2024 13:46:52 GMT - Fri, 21 Mar 2025 13:46:51 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f349db6125575591c998d04010914019/invoke.js HTTP/1.1
Host: headacheaim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: headacheaim.com
POST laspi.net/cdn-cgi/rum?
188.114.97.1 204 No Content 0 B URL
laspi.net/cdn-cgi/rum?
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
POST /cdn-cgi/rum? HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1364
Origin: https://laspi.net
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 25 Jan 2025 09:24:51 GMT
access-control-allow-origin: https://laspi.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 9077366f4c075691-OSL
x-frame-options: DENY
x-content-type-options: nosniff
GET cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js
104.18.186.31 200 OK 41 B URL
cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js
IP / ASN
104.18.186.31
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type ASCII text
First Seen 2023-03-09
Last Seen 2025-06-24
Times Seen 56
Size 41 B (41 bytes)
MD5 f4fead5920845823379d97a98f43279d
SHA1 6233573d432a25f6d6c8eaea92c01e6c07d79027
SHA256 dddc28eceb9b570a5ca4828fa03413aad48ba7d9f100d765570f731f3de85e51
Certificate Info
Issuer Sectigo Limited
Subject *.jsdelivr.net
Fingerprint 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
GET /gh/vyantagc/vyantagc@master/uclear.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 41
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"29-YjNXPUMqJfbWyOrqksAebAfXkCc"
content-encoding: br
x-served-by: cache-fra-eddf8230048-FRA, cache-lga21982-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTXT1gHYqXE0t4MWwXLKTrMfx2zlDkCW0N1GpZkCFU8L11vGhEApW7rWxCcsohFrz2rrcmnNhYIpcLNA3hR5aT59OQiVy%2BUdV8t%2BcCJToAZ%2FfoTuOnZIFFeWWfXaSY51rX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9077366f69ffb4ed-OSL
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js
104.18.186.31 200 OK 41 B URL
cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js
IP / ASN
104.18.186.31
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type ASCII text
First Seen 2023-03-09
Last Seen 2025-06-24
Times Seen 56
Size 41 B (41 bytes)
MD5 f4fead5920845823379d97a98f43279d
SHA1 6233573d432a25f6d6c8eaea92c01e6c07d79027
SHA256 dddc28eceb9b570a5ca4828fa03413aad48ba7d9f100d765570f731f3de85e51
Certificate Info
Issuer Sectigo Limited
Subject *.jsdelivr.net
Fingerprint 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
Validity Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
GET /gh/vyantagc/vyantagc@master/uclear.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 25 Jan 2025 09:24:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 41
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"29-YjNXPUMqJfbWyOrqksAebAfXkCc"
content-encoding: br
x-served-by: cache-fra-eddf8230048-FRA, cache-lga21982-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USU7GwdR1ufaLV%2FMvky6bqqQfcGW8mAzU5l0HVfVz2LplM10mt53tddix5GT%2BeFEawvAfL%2BB%2FSHhTO0xDURZbzD64pVvI2zhide%2BiB2fK72r45tPHf6%2FvEoMjygYiVlFiTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 907736707a80b521-OSL
server-timing: cfExtPri
GET 108429888439787693110.bisa-aja.my.id/json?token=108429888439787693110688b89c6195631bff4db8472e3bb171e
172.67.184.47 200 OK 13 kB URL
108429888439787693110.bisa-aja.my.id/json?token=108429888439787693110688b89c6195631bff4db8472e3bb171e
IP / ASN
172.67.184.47
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type JSON text data
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 13 kB (12608 bytes)
MD5 d89aa66d99be9db6b0024573931bee48
SHA1 6f2563af6a051dbe38cf6a87069ddfc51811c089
SHA256 840a39dffd05cb833798097d90278f3acf747668b63185dc85904520eb0e302a
Certificate Info
Issuer Google Trust Services
Subject bisa-aja.my.id
Fingerprint 4A:C8:04:B8:66:2C:D4:32:53:3E:21:23:2C:55:74:58:1F:C6:F4:18
Validity Mon, 09 Dec 2024 11:07:15 GMT - Sun, 09 Mar 2025 11:07:14 GMT
GET /json?token=108429888439787693110688b89c6195631bff4db8472e3bb171e HTTP/1.1
Host: 108429888439787693110.bisa-aja.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://laspi.net/
Origin: https://laspi.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:51 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
set-cookie: ci_session=48d34d89f787cc3636443858b7d5216f8446f611; expires=Sat, 25-Jan-2025 11:24:51 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dt8MLbBp6RkCd%2BjGICDmlpI30iQVLsvVpye%2BnQ3lvMqgCKc%2Bzq2DU0%2B1KNi6RvU93GHiVxxJAKl3T%2FVg9IBpo3N5fbVvhatAxrDcpuuV%2BhZ2vXRzsqKAjYejUVRbPOl98yuCwTelSwOM%2F3K4K2fBg8J%2Flc9LA8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9077366a2c8656c5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1417&min_rtt=418&rtt_var=1854&sent=16&recv=16&lost=0&retrans=1&sent_bytes=5935&recv_bytes=1413&delivery_rate=8242884&cwnd=256&unsent_bytes=0&cid=fc522abb4c93500e&ts=1934&x=0"
X-Firefox-Spdy: h2
GET scorchobservedsow.com/530f8870d8a0f24c43720d58b02daf83/invoke.js
192.243.61.227 403 Forbidden 0 B URL
scorchobservedsow.com/530f8870d8a0f24c43720d58b02daf83/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject scorchobservedsow.com
Fingerprint 46:34:26:21:03:E0:34:A0:C3:24:3B:B3:20:47:6D:A4:DC:3F:1F:A7
Validity Sat, 14 Dec 2024 22:49:04 GMT - Fri, 14 Mar 2025 22:49:03 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /530f8870d8a0f24c43720d58b02daf83/invoke.js HTTP/1.1
Host: scorchobservedsow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:52 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: scorchobservedsow.com
GET 108429888439787693110.uads.cc/srv.js?capub=11111
104.21.41.70 500 Internal Server Error 7.7 kB URL
108429888439787693110.uads.cc/srv.js?capub=11111
IP / ASN
104.21.41.70
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type gzip compressed data, from Unix
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 7.7 kB (7653 bytes)
MD5 0443e729a2a25ca1372ad80ed121b260
SHA1 4fb613b259fdb0fae2d624726ddc8946d6a0c1cb
SHA256 1e3c84065ac1c753f1bcf3c95278eb0e8f9bd2a834aceb1472ad36210d6aece1
Certificate Info
Issuer Google Trust Services
Subject uads.cc
Fingerprint 67:7C:ED:5B:17:B0:A7:B4:07:A3:51:2B:AF:3E:FD:15:03:14:89:D9
Validity Tue, 17 Dec 2024 23:01:48 GMT - Tue, 18 Mar 2025 00:00:10 GMT
GET /srv.js?capub=11111 HTTP/1.1
Host: 108429888439787693110.uads.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 500 Internal Server Error
date: Sat, 25 Jan 2025 09:24:50 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, max-age=0, no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: BYPASS
set-cookie: ci_session=4dc074b830b1e6a2d56e4086869421f221fc03bc; expires=Sat, 25-Jan-2025 11:24:50 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BIvwFTgwVYhS6V30AlxloBcuQOeht4V48IPKXaL0wsiyE8TpKnS7uRin1A4DaeVoQH975Y6uQeBBqWBkUA0%2FQ0DYha9RFzz4i1nW%2F%2FFVXUaPOZ7uJ7SG6BOotcc76ythJqCQkRQ%2FuPh3HHU5e8vpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 907736622c08b529-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=785&min_rtt=443&rtt_var=596&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3256&recv_bytes=1211&delivery_rate=7594405&cwnd=254&unsent_bytes=0&cid=a7f7d15c7fd15fdf&ts=1015&x=0"
X-Firefox-Spdy: h2
GET scorchobservedsow.com/f349db6125575591c998d04010914019/invoke.js
192.243.61.227 403 Forbidden 0 B URL
scorchobservedsow.com/f349db6125575591c998d04010914019/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject scorchobservedsow.com
Fingerprint 46:34:26:21:03:E0:34:A0:C3:24:3B:B3:20:47:6D:A4:DC:3F:1F:A7
Validity Sat, 14 Dec 2024 22:49:04 GMT - Fri, 14 Mar 2025 22:49:03 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f349db6125575591c998d04010914019/invoke.js HTTP/1.1
Host: scorchobservedsow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:52 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: scorchobservedsow.com
GET scorchobservedsow.com/f349db6125575591c998d04010914019/invoke.js
192.243.61.227 403 Forbidden 0 B URL
scorchobservedsow.com/f349db6125575591c998d04010914019/invoke.js
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject scorchobservedsow.com
Fingerprint 46:34:26:21:03:E0:34:A0:C3:24:3B:B3:20:47:6D:A4:DC:3F:1F:A7
Validity Sat, 14 Dec 2024 22:49:04 GMT - Fri, 14 Mar 2025 22:49:03 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f349db6125575591c998d04010914019/invoke.js HTTP/1.1
Host: scorchobservedsow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 25 Jan 2025 09:24:52 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: scorchobservedsow.com
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh6x2fJSRoFfTxy-Emk03HHYdQtC3cUaTVbfTIebWeLfO46XVN7-mQpUtg13yCTAF6T3utjGymA0i6KulEqLZ5e5pvHJaql-ZgvGuDq3qt6yWJaEFHVgJBfQFU4UGut6k99nyT9Mq3MPCWrrBt11z8fFZfRHfy51MyMMqQnHsZdy9RrNBqGRX7IqClQAo/s1600/favicon.ico
142.250.178.97 200 OK 5.2 kB URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh6x2fJSRoFfTxy-Emk03HHYdQtC3cUaTVbfTIebWeLfO46XVN7-mQpUtg13yCTAF6T3utjGymA0i6KulEqLZ5e5pvHJaql-ZgvGuDq3qt6yWJaEFHVgJBfQFU4UGut6k99nyT9Mq3MPCWrrBt11z8fFZfRHfy51MyMMqQnHsZdy9RrNBqGRX7IqClQAo/s1600/favicon.ico
IP / ASN
142.250.178.97
#15169 GOOGLE
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
First Seen 2024-09-03
Last Seen 2025-06-24
Times Seen 100
Size 5.2 kB (5230 bytes)
MD5 9c637eed5a801e2addbbf2dec98b1560
SHA1 75c03a183794c82929b7008032b7ba1354e5a476
SHA256 b0cba32ca532c547d60b584b04ea5b9ec20e87e2af087fdb87cea2a5ce455a1a
Certificate Info
Issuer Google Trust Services
Subject *.googleusercontent.com
Fingerprint D2:15:13:77:74:22:58:D3:06:17:16:14:8F:CF:FF:DF:94:2F:1E:20
Validity Mon, 06 Jan 2025 08:37:05 GMT - Mon, 31 Mar 2025 08:37:04 GMT
GET /img/b/R29vZ2xl/AVvXsEjh6x2fJSRoFfTxy-Emk03HHYdQtC3cUaTVbfTIebWeLfO46XVN7-mQpUtg13yCTAF6T3utjGymA0i6KulEqLZ5e5pvHJaql-ZgvGuDq3qt6yWJaEFHVgJBfQFU4UGut6k99nyT9Mq3MPCWrrBt11z8fFZfRHfy51MyMMqQnHsZdy9RrNBqGRX7IqClQAo/s1600/favicon.ico HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2fdf"
expires: Sun, 26 Jan 2025 09:24:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favicon.ico.png"
x-content-type-options: nosniff
date: Sat, 25 Jan 2025 09:24:52 GMT
server: fife
content-length: 5230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
108429888439787693110.bisa-aja.my.id/client.js
172.67.184.47 200 OK 9.4 kB URL
108429888439787693110.bisa-aja.my.id/client.js
IP / ASN
172.67.184.47
#13335 CLOUDFLARENET
Resource Info
File type gzip compressed data, from Unix
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 9.4 kB (9428 bytes)
MD5 13e95753fb83c3313511b18f3cba43f9
SHA1 52e18b7857541a562dffc3a2d7cb5df0f9a7b3c4
SHA256 00b2d6905105c2569e97ac3fbc3bb23d0e474401d151e4743ffbf765cf6cb640
Certificate Info
Issuer Google Trust Services
Subject bisa-aja.my.id
Fingerprint 4A:C8:04:B8:66:2C:D4:32:53:3E:21:23:2C:55:74:58:1F:C6:F4:18
Validity Mon, 09 Dec 2024 11:07:15 GMT - Sun, 09 Mar 2025 11:07:14 GMT
GET /client.js HTTP/1.1
Host: 108429888439787693110.bisa-aja.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphonsewiltfongunfaq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: BYPASS
set-cookie: ci_session=66a320b3cc119b9366c6d3c524a12aa7724741ed; expires=Sat, 25-Jan-2025 11:24:46 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lM%2BVDvoMMrqFnts1vzi4UTVXh%2BUxbo7zC4qfBgg9iwIWV2OmWsSaPY%2FPOeEggl5O3lHm7eK%2Br5DGSUaO5ymfyc1X5NpYXq5XiET4QgVlSJ8HVQIWIFLb0IhwABhBjPnMtnN1hDZGQkpmKsa54kAgVXzxikjct3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90773649ac2db50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=559&min_rtt=455&rtt_var=227&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3282&recv_bytes=1232&delivery_rate=6652373&cwnd=254&unsent_bytes=0&cid=73d6e3c2d740fe31&ts=623&x=0"
X-Firefox-Spdy: h2
GET laspi.net/wp-includes/blocks/navigation/style.min.css?ver=6.6.1
188.114.97.1 200 OK 16 kB URL
laspi.net/wp-includes/blocks/navigation/style.min.css?ver=6.6.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type ASCII text, with very long lines (16384), with no line terminators
First Seen 2024-07-24
Last Seen 2025-08-01
Times Seen 1428
Size 16 kB (16384 bytes)
MD5 248b1933d8fafcd0e9927fba349545c9
SHA1 da66b61dcc5204277eb7846b9dce55b2e7d58a42
SHA256 837b6cb608d918fcd1361fb556d54f0a80d0dd10172790698504b2054535589e
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET /wp-includes/blocks/navigation/style.min.css?ver=6.6.1 HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
x-provided-by: StackCDN
last-modified: Tue, 23 Jul 2024 19:53:54 GMT
cache-control: max-age=31536000
expires: Mon, 21 Oct 2024 20:37:59 GMT
x-origin-cache-status: EXPIRED
content-encoding: gzip
x-cdn-cache-status: HIT
x-via: AMS1
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgZ%2FsDoVp3l%2FU4GAF4S0LkgQ4vvplYMHC9HHAPksyoh4TwbVwBCNTi%2Fwij98Cm4ajiG2q7nfIe9e0bYA6Xh5VCzk5kDJp09zzH0BmTxexNFSwW3E72ul3z7GLcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90773661eed95691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3819&min_rtt=3340&rtt_var=1595&sent=15&recv=11&lost=0&retrans=0&sent_bytes=4167&recv_bytes=2047&delivery_rate=177841&cwnd=12000&unsent_bytes=0&cid=2400a32a117ae686&ts=148&x=1", cfExtPri, cfHdrFlush;dur=0
GET laspi.net/wp-includes/blocks/navigation/view.min.js?ver=6.6.1
188.114.97.1 200 OK 3.3 kB URL
laspi.net/wp-includes/blocks/navigation/view.min.js?ver=6.6.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type ASCII text, with very long lines (3382), with no line terminators
First Seen 2024-04-10
Last Seen 2025-04-06
Times Seen 551
Size 3.3 kB (3300 bytes)
MD5 f7f22b0914c178cff7904ea9b3dec7db
SHA1 3068181842419091a46d2f5f05c9b8b55d8ee432
SHA256 ff515d5fa71453898785feea95fe93363edd5e9536890c809952a0b3ee7089fe
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET /wp-includes/blocks/navigation/view.min.js?ver=6.6.1 HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding
x-provided-by: StackCDN
last-modified: Tue, 09 Apr 2024 22:28:52 GMT
cache-control: max-age=31536000
expires: Sun, 22 Dec 2024 21:28:57 GMT
x-origin-cache-status: EXPIRED
content-encoding: gzip
x-cdn-cache-status: HIT
x-via: AMS1
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7DdqVkN%2F1GnS7bQhqFDGmCft6LcZDSmbrMK3wmgGTOn0sc43hu9eFxdV%2BiyXhI20WFAcj2Z2MyJw6OF8nQm8AMjjYZ4JX7ML5bCs4wU0a80b0s0JzdZstirsic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90773661fee25691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3360&min_rtt=1418&rtt_var=1724&sent=22&recv=13&lost=0&retrans=0&sent_bytes=11009&recv_bytes=2134&delivery_rate=2213151&cwnd=12000&unsent_bytes=0&cid=2400a32a117ae686&ts=156&x=1", cfExtPri, cfHdrFlush;dur=0
GET laspi.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
188.114.97.1 200 OK 19 kB URL
laspi.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type JavaScript source, ASCII text, with very long lines (15752)
First Seen 2024-03-13
Last Seen 2025-08-02
Times Seen 55136
Size 19 kB (18726 bytes)
MD5 b976b651932bfd25b9ddb5b7693d88a7
SHA1 7fcb7cb5c11227f9213b1e08a07d0212209e1432
SHA256 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.6.1 HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 25 Jan 2025 09:24:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding
x-provided-by: StackCDN
last-modified: Tue, 02 Apr 2024 19:19:36 GMT
cache-control: max-age=31536000
expires: Thu, 17 Oct 2024 19:44:41 GMT
x-origin-cache-status: MISS
content-encoding: gzip
x-cdn-cache-status: REVALIDATED
x-via: AMS1
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojiT78Gv5tINN82OQrdtIpr8aFeW8pdb99CBecIht9krEfj8Rhd7YsA3tNz33ZnpbWEop%2FVQ8bIwjwlg18eu%2B3y197ZgtqMXGajFb90r8YkUudpw4SXzA8Fomiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9077366ecb865691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3109&min_rtt=1418&rtt_var=1464&sent=27&recv=16&lost=0&retrans=0&sent_bytes=14615&recv_bytes=2479&delivery_rate=751477&cwnd=12000&unsent_bytes=0&cid=2400a32a117ae686&ts=2206&x=1", cfExtPri, cfHdrFlush;dur=0
GET 108429888439787693110.bisa-aja.my.id/srv.js?capub=11111
172.67.184.47 500 Internal Server Error 0 B URL
108429888439787693110.bisa-aja.my.id/srv.js?capub=11111
IP / ASN
172.67.184.47
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject bisa-aja.my.id
Fingerprint 4A:C8:04:B8:66:2C:D4:32:53:3E:21:23:2C:55:74:58:1F:C6:F4:18
Validity Mon, 09 Dec 2024 11:07:15 GMT - Sun, 09 Mar 2025 11:07:14 GMT
GET /srv.js?capub=11111 HTTP/1.1
Host: 108429888439787693110.bisa-aja.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 500 Internal Server Error
date: Sat, 25 Jan 2025 09:24:50 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, max-age=0, no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: BYPASS
set-cookie: ci_session=e9cf5ab4c7312866a5242d67fe21e039702ea811; expires=Sat, 25-Jan-2025 11:24:50 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2F4W5He%2Byp8O%2FuB3aJnyuxJf843DUeFGLKw%2BzVWCkeFdvJXgts4dZJwDv8CPOGdwWZeEHOzc9km9Op6k9J9STxVODBmLwWJjxkftaWEfA9PsUHaoe7M4s%2BwBAro9V8i7Y693EClLJFdI1y0fce9JEfIlekAwYBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 907736622c2c56c5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=544&min_rtt=418&rtt_var=259&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3207&recv_bytes=1074&delivery_rate=8242884&cwnd=254&unsent_bytes=0&cid=fc522abb4c93500e&ts=648&x=0"
X-Firefox-Spdy: h2
188.114.97.1 200 OK 130 kB IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (17518), with CRLF, LF line terminators
First Seen 2025-01-25
Last Seen 2025-01-25
Times Seen 1
Size 130 kB (129720 bytes)
MD5 2b1ef05e0d57b1b9fe7ef3b1f226e357
SHA1 de4cb3a419f6bb6937dd732f6d5ed7f7ed83641d
SHA256 eacf68b1f76151086e80e470f2d860ac6f6ba0beb0e8a626ae77156b2caf31da
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET / HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=216000
x-powered-by: PHP/7.4.33
link: <https://laspi.net/wp-json/>; rel="https://api.w.org/"
x-stackcache-cacheable: yes
x-cache-enabled: true
x-provided-by: StackCDN
x-origin-cache-status: MISS
x-cdn-cache-status: HIT
x-via: AMS1
last-modified: Thu, 23 Jan 2025 10:46:44 GMT
cf-cache-status: HIT
age: 151975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdIgAQ95QeSVJCi2RWxb5K2Qomrq%2BJmTGo55qn6HPtH65cOfUZZtN%2BFyUxDPR2ggjg3yxUhVfLrbHJaRt4ePSbC84C8O2AIXD7ahE44ERsuOvQer8CM%2BcjlhB0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 907736611af3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=523&min_rtt=414&rtt_var=213&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1132&delivery_rate=8150093&cwnd=254&unsent_bytes=0&cid=71f8c6e3b81fce04&ts=33&x=0"
X-Firefox-Spdy: h2
GET 108429888439787693110.bisa-aja.my.id/pre?token=108429888439787693110688b89c6195631bff4db8472e3bb171e
172.67.184.47 200 OK 235 B URL
108429888439787693110.bisa-aja.my.id/pre?token=108429888439787693110688b89c6195631bff4db8472e3bb171e
IP / ASN
172.67.184.47
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type troff or preprocessor input, ASCII text, with no line terminators
First Seen 2024-09-08
Last Seen 2025-03-15
Times Seen 26
Size 235 B (235 bytes)
MD5 086e5d186c7b0f5352e500ae6eaadaa9
SHA1 cdc961070c087dc40451dd4b94a3155387e7b88b
SHA256 8a97f3fbd4b4bc14c70ffff9df59e652a457cd5577ffdea2ed345c0edc69a9f1
Certificate Info
Issuer Google Trust Services
Subject bisa-aja.my.id
Fingerprint 4A:C8:04:B8:66:2C:D4:32:53:3E:21:23:2C:55:74:58:1F:C6:F4:18
Validity Mon, 09 Dec 2024 11:07:15 GMT - Sun, 09 Mar 2025 11:07:14 GMT
GET /pre?token=108429888439787693110688b89c6195631bff4db8472e3bb171e HTTP/1.1
Host: 108429888439787693110.bisa-aja.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://laspi.net/
Origin: https://laspi.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:51 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
set-cookie: ci_session=76623912e78cbb7928e171b856e041d8d50bf933; expires=Sat, 25-Jan-2025 11:24:51 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9oHCsqYCyAZ0IsVGJuyBIdkb%2B1iFtLD36GcFitfbdnmWDV45wkHDucUdHd3dtpDqNBFYy8eMQUi%2BG6RMwiVPHAS3RHhdcOjVUOlilcTIDgN8LqrbD7r7iKmICBAxSS9dogdlee5GteqNg99STY4j05MEqXNhHis%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9077366a2c8456c5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1417&min_rtt=418&rtt_var=1854&sent=17&recv=16&lost=0&retrans=1&sent_bytes=6589&recv_bytes=1413&delivery_rate=8242884&cwnd=256&unsent_bytes=0&cid=fc522abb4c93500e&ts=1939&x=0"
X-Firefox-Spdy: h2
GET laspi.net/favicon.ico
188.114.97.1 302 Found 0 B IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5607131
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET /favicon.ico HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 25 Jan 2025 09:24:51 GMT
content-type: text/html; charset=UTF-8
location: https://laspi.net/wp-includes/images/w-logo-blue-white-bg.png
cache-control: public, max-age=31536000, s-maxage=216000
x-powered-by: PHP/7.4.33
link: <https://laspi.net/wp-json/>; rel="https://api.w.org/"
x-stackcache-cacheable: yes
x-cache-enabled: true
x-redirect-by: WordPress
x-provided-by: StackCDN
x-origin-cache-status: MISS
x-cdn-cache-status: HIT
x-via: AMS1
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6O2SyIGOHh2ritKX%2F1PfqKmaJIecPppFeWmRZZWLBGnYvfQctJ%2Ft4DFGEjbkoej4O3%2Bf6XDEYwFZ4ABPCEDw8Sd2sh%2FZb2TpoFR5KF1RGYRCmaqBLlLDKjj%2B52E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9077366f1bcb5691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2985&min_rtt=1418&rtt_var=1344&sent=36&recv=20&lost=0&retrans=0&sent_bytes=21625&recv_bytes=4445&delivery_rate=162386&cwnd=12000&unsent_bytes=0&cid=2400a32a117ae686&ts=2261&x=1", cfExtPri, cfHdrFlush;dur=0
GET 108429888439787693110.bisa-aja.my.id/srv.js?capub=11111
172.67.184.47 200 OK 2.8 kB URL
108429888439787693110.bisa-aja.my.id/srv.js?capub=11111
IP / ASN
172.67.184.47
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type JavaScript source, ASCII text, with very long lines (3111), with no line terminators
First Seen 2024-12-28
Last Seen 2025-03-15
Times Seen 29
Size 2.8 kB (2810 bytes)
MD5 3073f22c44642678628dfcf81e373a2d
SHA1 00b5a169b892fbcdd0f564fcc83f4aca093a0d7f
SHA256 4e0d18027e860c78ee9271d35795d545744a46c49d94dbc735714cc55c2fd99c
Certificate Info
Issuer Google Trust Services
Subject bisa-aja.my.id
Fingerprint 4A:C8:04:B8:66:2C:D4:32:53:3E:21:23:2C:55:74:58:1F:C6:F4:18
Validity Mon, 09 Dec 2024 11:07:15 GMT - Sun, 09 Mar 2025 11:07:14 GMT
GET /srv.js?capub=11111 HTTP/1.1
Host: 108429888439787693110.bisa-aja.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: BYPASS
set-cookie: ci_session=dc37767aa091eced0b4a407d4ea5bda1efde2bc0; expires=Sat, 25-Jan-2025 11:24:50 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9B%2BRbPJAwde7yjzX97BVSwXEfRLzSKEy4yjJgQhbLGxrjKHQ0MVCvNezWG%2Fp8mXJYBSeHaOEK5vC1fIJpAYxd2RMAKuikDGXB1gkoRZCkXIF4LdLkK7sAj6w2ZPu2xMTqfoknnM%2FvfPj%2ByBQWV716GY3JvLgG5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 907736688ae456c5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=619&min_rtt=418&rtt_var=345&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4019&recv_bytes=1154&delivery_rate=8242884&cwnd=256&unsent_bytes=0&cid=fc522abb4c93500e&ts=1278&x=0"
X-Firefox-Spdy: h2
GET laspi.net/wp-content/themes/twentytwentytwo/style.css?ver=1.8
188.114.97.1 200 OK 6.0 kB URL
laspi.net/wp-content/themes/twentytwentytwo/style.css?ver=1.8
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type Unicode text, UTF-8 text, with very long lines (6186), with no line terminators
First Seen 2024-10-24
Last Seen 2025-03-15
Times Seen 51
Size 6.0 kB (5987 bytes)
MD5 5978ecff3aa1955d656c9a4a2ba642e1
SHA1 510105c86fa681d478d10fd7d4d06f48f0d9f399
SHA256 600f9f7b6622ae531fdea92fec08c8e65bb25a68f57b3da415a821e72941e070
Certificate Info
Issuer Google Trust Services
Subject laspi.net
Fingerprint 5C:FB:59:A9:80:C8:8B:E0:39:C7:70:0E:9A:D2:5C:5A:79:BA:85:E2
Validity Thu, 26 Dec 2024 02:44:42 GMT - Wed, 26 Mar 2025 03:42:54 GMT
GET /wp-content/themes/twentytwentytwo/style.css?ver=1.8 HTTP/1.1
Host: laspi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
x-provided-by: StackCDN
last-modified: Mon, 26 Aug 2024 16:16:18 GMT
cache-control: max-age=31536000
expires: Tue, 10 Dec 2024 21:46:50 GMT
x-origin-cache-status: EXPIRED
content-encoding: gzip
x-cdn-cache-status: HIT
x-via: AMS1
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gy02HlpcgzETe5fhp2PN%2Fgcov0GoGwlK1JBK9xYHc7vo%2FNPCCG6GTrp2dWuIFIJ1D%2BvfgIR2XTW2ZDaR46cCD%2Bm6ZmwBZZxNwRNS%2FFpy3AiKxUYmbihXSvcAL98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90773661eedc5691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3638&min_rtt=2365&rtt_var=1560&sent=19&recv=12&lost=0&retrans=0&sent_bytes=7869&recv_bytes=2091&delivery_rate=28464&cwnd=12000&unsent_bytes=0&cid=2400a32a117ae686&ts=153&x=1", cfExtPri, cfHdrFlush;dur=0
GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
104.16.79.73 200 OK 20 kB URL
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP / ASN
104.16.79.73
#13335 CLOUDFLARENET
Requested by https://laspi.net/#uads=108429888439787693110688b89c6195631bff4db8472e3bb171e
Resource Info
File type JavaScript source, ASCII text, with very long lines (19948), with no line terminators
First Seen 2024-06-07
Last Seen 2025-08-02
Times Seen 101548
Size 20 kB (19948 bytes)
MD5 ec18af6d41f6f278b6aed3bdabffa7bc
SHA1 62c9e2cab76b888829f3c5335e91c320b22329ae
SHA256 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
Certificate Info
Issuer Google Trust Services
Subject cloudflareinsights.com
Fingerprint 68:D3:62:56:06:F9:32:39:3B:2D:19:7E:B1:45:4B:2C:76:5F:73:C6
Validity Mon, 30 Dec 2024 10:58:15 GMT - Sun, 30 Mar 2025 11:58:10 GMT
GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://laspi.net
DNT: 1
Connection: keep-alive
Referer: https://laspi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 25 Jan 2025 09:24:49 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 907736623820b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2